|
277961
|
- |
|
bea
|
weblogic_server
|
SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP5 might allow remote attackers to obtain plaintext from an SSL stream via a man-in-the-middle a…
|
CWE-310
Cryptographic Issues
|
CVE-2007-4613
|
2018-10-26 23:01 |
2007-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277962
|
- |
|
opensymphony
|
xwork
|
Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression…
|
NVD-CWE-Other
|
CVE-2007-4556
|
2018-10-26 23:00 |
2007-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277963
|
- |
|
php
|
php
|
The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as d…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-3997
|
2018-10-26 22:59 |
2007-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277964
|
- |
|
php
debian
canonical
|
php
debian_linux
ubuntu_linux
|
The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error …
|
CWE-20
Improper Input Validation
|
CVE-2007-3998
|
2018-10-26 22:59 |
2007-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277965
|
- |
|
apple
microsoft
|
mac_os_x
windows_vista
windows_xp
|
Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via untrusted Java applets that gain privileges via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2007-3751
|
2018-10-26 22:58 |
2007-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277966
|
- |
|
oracle
|
jdk
|
The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML documentation pages that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary we…
|
CWE-79
Cross-site Scripting
|
CVE-2007-3503
|
2018-10-26 22:56 |
2007-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277967
|
- |
|
php
|
php
|
The substr_count function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sensitive information via unspecified vectors, a different affected function than CVE-2007-1375.
|
CWE-200
Information Exposure
|
CVE-2007-2748
|
2018-10-20 04:03 |
2007-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277968
|
- |
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memo…
|
CWE-189
Numeric Errors
|
CVE-2007-2875
|
2018-10-20 04:03 |
2007-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277969
|
- |
|
apple
|
mac_os_x
|
Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, allows attackers with physical access to bypass authentication and modify System Preferences, including passwords, by invoking the A…
|
CWE-287
Improper Authentication
|
CVE-2007-3184
|
2018-10-20 04:03 |
2007-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277970
|
- |
|
mysql
debian
canonical
|
mysql
debian_linux
ubuntu_linux
|
MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
|
NVD-CWE-Other
|
CVE-2007-2691
|
2018-10-20 04:00 |
2007-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
