Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-02-20 | CVE-2007-0772 | Resource Management Errors vulnerability in Linux Kernel The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer. | 7.8 |
2007-02-16 | CVE-2007-0897 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor. | 7.5 |
2007-02-16 | CVE-2007-0987 | Scripts Multiple Input Validation vulnerability in Jupiter CMS Jupiter CMS 1.1.5 Directory traversal vulnerability in index.php in Jupiter CMS 1.1.5 allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2007-02-16 | CVE-2007-0985 | SQL Injection vulnerability in PHPcc SQL injection vulnerability in nickpage.php in phpCC 4.2 beta and earlier allows remote attackers to execute arbitrary SQL commands via the npid parameter in a sign_gb action. | 7.5 |
2007-02-16 | CVE-2007-0984 | SQL Injection vulnerability in Aspcode.Net Pollmentor 2.0 SQL injection vulnerability in admin_poll.asp in PollMentor 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to pollmentorres.asp. | 7.5 |
2007-02-16 | CVE-2007-0981 | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox and Seamonkey Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code. | 7.5 |
2007-02-16 | CVE-2007-0978 | Local Security vulnerability in IBM AIX 5.3 Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data. | 7.2 |
2007-02-16 | CVE-2007-0977 | Remote Security vulnerability in Lotus Domino 5.0/6.0 IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores HTTPPassword hashes from names.nsf in a manner accessible through Readviewentries and OpenDocument requests to the defaultview view, a different vector than CVE-2005-2428. network ibm | 7.1 |
2007-02-16 | CVE-2007-0974 | Remote Security vulnerability in IAN Bezanson Dropbox 0.0.3Beta Multiple unspecified vulnerabilities in Ian Bezanson DropBox before 0.0.4 beta have unknown impact and attack vectors, possibly related to a variable extraction vulnerability. | 7.5 |
2007-02-16 | CVE-2007-0972 | Scripts Multiple Input Validation vulnerability in Jupiter CMS Jupiter CMS 1.1.5 Unrestricted file upload vulnerability in modules/emoticons.php in Jupiter CMS 1.1.5 allows remote attackers to upload arbitrary files by modifying the HTTP request to send an image content type, and to omit is_guest and is_user parameters. | 7.5 |