High

DATE	CVE	VULNERABILITY TITLE	RISK
2007-04-11	CVE-2007-1357	Denial Of Service vulnerability in Linux Kernel AppleTalk ATalk_Sum_SKB Function The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, allows remote attackers to cause a denial of service (crash) via an AppleTalk frame that is shorter than the specified length, which triggers a BUG_ON call when an attempt is made to perform a checksum. network low complexity linux	7.8
2007-03-28	CVE-2007-1734	Denial-Of-Service vulnerability in Linux Kernel 2.6.20/2.6.20.1/2.6.20.2 The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later does not verify the upper bounds of the optlen value, which allows local users running on certain architectures to read kernel memory or cause a denial of service (oops), a related issue to CVE-2007-1730. local low complexity linux	7.2
2007-03-12	CVE-2007-1000	Information Disclosure vulnerability in Linux Kernel IPV6_Getsockopt_Sticky Memory Leak The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference. local low complexity linux	7.2
2007-03-10	CVE-2007-1398	Denial of Service vulnerability in Snort 2.6.1.1/2.6.1.2/2.7Beta1 The frag3 preprocessor in Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta, when configured for inline use on Linux without the ip_conntrack module loaded, allows remote attackers to cause a denial of service (segmentation fault and application crash) via certain UDP packets produced by send_morefrag_packet and send_overlap_packet. network linux snort	7.1
2007-03-06	CVE-2007-1281	Remote Denial of Service vulnerability in Kaspersky LAB Kaspersky Antivirus Engine 5.5.10/6.0.1.411 Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression. network low complexity microsoft kaspersky-lab linux	7.8
2007-02-23	CVE-2007-1089	Local Security vulnerability in IBM DB2 Universal Database 8.0/9.1 IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privileges to perform unauthorized UPDATE and DELETE SQL commands via unknown vectors. local low complexity linux microsoft ibm	7.2
2007-02-23	CVE-2007-1086	Local Privilege Escalation vulnerability in IBM DB2 Universal Database Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file access." local low complexity hp ibm linux microsoft sun	7.2
2007-02-23	CVE-2006-7034	SQL-Injection vulnerability in Super Link Exchange Script Super Link Exchange Script 1.0 SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter. network low complexity apple hp ibm linux microsoft santa-cruz-operation sun windriver super-link-exchange-script	7.5
2007-02-21	CVE-2007-1043	Authentication Bypass vulnerability in Ezboo Webstats 3.0.3 Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php. network low complexity apple hp ibm linux microsoft santa-cruz-operation sun windriver ezboo	7.5
2007-02-20	CVE-2007-0772	Resource Management Errors vulnerability in Linux Kernel The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer. network low complexity linux CWE-399	7.8