|
279191
|
- |
|
vmware
|
player
workstation
|
Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1, prevents it from launching, which has unspecified impact, re…
|
NVD-CWE-noinfo
|
CVE-2007-5617
|
2018-10-26 23:17 |
2007-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279192
|
- |
|
vmware
|
player
server
workstation
|
Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5…
|
NVD-CWE-noinfo
|
CVE-2007-5618
|
2018-10-26 23:17 |
2007-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279193
|
- |
|
symantec
|
proxysg_firmware
|
Cross-site scripting (XSS) vulnerability in the management console in Blue Coat ProxySG before 4.2.6.1, and 5.x before 5.2.2.5, allows remote attackers to inject arbitrary web script or HTML by modif…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5796
|
2018-10-26 23:17 |
2007-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279194
|
- |
|
digium
debian
|
asterisk
debian_linux
|
SQL injection vulnerability in the Call Detail Record Postgres logging engine (cdr_pgsql) in Asterisk 1.4.x before 1.4.15, 1.2.x before 1.2.25, B.x before B.2.3.4, and C.x before C.1.0-beta6 allows r…
|
CWE-89
SQL Injection
|
CVE-2007-6170
|
2018-10-26 23:17 |
2007-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279195
|
- |
|
drupal
|
drupal
|
The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished c…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5597
|
2018-10-26 23:14 |
2007-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279196
|
- |
|
drupal
|
drupal
|
CRLF injection vulnerability in the drupal_goto function in includes/common.inc Drupal 4.7.x before 4.7.8 and 5.x before 5.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP …
|
CWE-113
HTTP Response Splitting
|
CVE-2007-5595
|
2018-10-26 23:13 |
2007-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279197
|
- |
|
drupal
|
drupal
|
The core Upload module in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 places the .html extension on a whitelist, which allows remote attackers to conduct cross-site scripting (XSS) attacks by upload…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5596
|
2018-10-26 23:13 |
2007-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279198
|
- |
|
ibm
|
tivoli_storage_manager_client
|
Unspecified vulnerability in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5.1.8.1, 5.2 before 5.2.5.2, 5.3 before 5.3.5.3, and 5.4 before 5.4.1.2, when using "server-initiated prompted…
|
CWE-200
Information Exposure
|
CVE-2007-5022
|
2018-10-26 23:11 |
2007-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279199
|
- |
|
libpng
|
libpng
|
Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.0.29 beta1 and 1.2.x before 1.2.21 beta1 allows remote attackers to cause a denial of servic…
|
CWE-189
Numeric Errors
|
CVE-2007-5266
|
2018-10-26 23:11 |
2007-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279200
|
- |
|
libpng
canonical
|
libpng
ubuntu_linux
|
pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service…
|
NVD-CWE-noinfo
|
CVE-2007-5268
|
2018-10-26 23:11 |
2007-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
