|
267031
|
- |
|
opera
|
opera_browser
|
The canvas.createPattern function in Opera 9.x before 9.22 for Linux, FreeBSD, and Solaris does not clear memory before using it to process a new pattern, which allows remote attackers to obtain sens…
|
NVD-CWE-Other
|
CVE-2007-4944
|
2008-11-15 14:00 |
2007-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267032
|
- |
|
wilson_windowware
|
webbatch
|
webbatch.exe in WebBatch allows remote attackers to obtain sensitive information via the dumpinputdata parameter.
|
CWE-200
Information Exposure
|
CVE-2007-5011
|
2008-11-15 14:00 |
2007-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267033
|
- |
|
suse
|
suse_linux
|
Untrusted search path vulnerability in yast2-core in SUSE Linux might allow local users to execute arbitrary code by creating a malicious yast2 module in the current working directory.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6167
|
2008-11-15 14:00 |
2007-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267034
|
- |
|
debian
|
unp
|
unp 1.0.12, and other versions before 1.0.14, does not properly escape file names, which might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename a…
|
NVD-CWE-noinfo
|
CVE-2007-6610
|
2008-11-15 14:00 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267035
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server 9.1 does not properly handle propagation of an admin server's security policy change log to temporarily unavailable managed servers, which might allow attackers to bypass intended…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-4614
|
2008-11-13 15:46 |
2007-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267036
|
- |
|
vtiger
|
vtiger_crm
|
SQL injection vulnerability in the dashboard (include/utils/SearchUtils.php) in vtiger CRM before 5.0.3 allows remote authenticated users to execute arbitrary SQL commands via the assigned_user_id pa…
|
NVD-CWE-Other
|
CVE-2007-3603
|
2008-11-13 15:42 |
2007-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267037
|
- |
|
vtiger
|
vtiger_crm
|
vtiger CRM before 5.0.3 allows remote authenticated users with access to the Analytics DashBoard menu to bypass data restrictions and read the pipeline of the entire organization, possibly involving …
|
NVD-CWE-Other
|
CVE-2007-3604
|
2008-11-13 15:42 |
2007-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267038
|
- |
|
vtiger
|
vtiger_crm
|
The report module in vtiger CRM before 5.0.3 does not properly apply security rules, which allows remote authenticated users to read arbitrary private module entries.
|
NVD-CWE-Other
|
CVE-2007-3617
|
2008-11-13 15:42 |
2007-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267039
|
- |
|
phpecho_cms
|
phpecho_cms
|
Multiple SQL injection vulnerabilities in the admin panel in PHPEcho CMS before 1.6 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2007-3335
|
2008-11-13 15:41 |
2007-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267040
|
- |
|
sun
|
java_embedding_plugin
|
Java Embedding Plugin 0.9.6.1 allows remote attackers to cause a denial of service (browser crash) via a Thread subclass that calls super.run from its run method.
|
NVD-CWE-Other
|
CVE-2007-2906
|
2008-11-13 15:40 |
2007-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
