|
300241
|
- |
|
ibm
|
db2_universal_database
|
IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, which allows remote authenticated users with a certain SELECT privilege to have an unknown impact via unspecified vectors. NOTE:…
|
NVD-CWE-Other
|
CVE-2007-4418
|
2017-07-29 10:32 |
2007-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300242
|
- |
|
symantec
|
enterprise_firewall
|
The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid,…
|
NVD-CWE-Other
|
CVE-2007-4422
|
2017-07-29 10:32 |
2007-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300243
|
- |
|
lhaz
|
lhaz
|
Lhaz 1.33 allows remote attackers to execute arbitrary code via unknown vectors, as actively exploited in August 2007 by the Exploit-LHAZ.a gzip file, a different issue than CVE-2006-4116.
|
NVD-CWE-Other
|
CVE-2007-4428
|
2017-07-29 10:32 |
2007-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300244
|
- |
|
torrenttrader
|
torrenttrader
|
Multiple SQL injection vulnerabilities in TorrentTrader before 1.07 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) account-inbox.php, (2) account-settings.…
|
NVD-CWE-Other
|
CVE-2007-4435
|
2017-07-29 10:32 |
2007-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300245
|
- |
|
drupal
|
project
project_issue_tracking_module
|
The Drupal Project module before 5.x-1.0, 4.7.x-2.3, and 4.7.x-1.3 and Project issue tracking module before 5.x-1.0, 4.7.x-2.4, and 4.7.x-1.4 do not properly enforce permissions, which allows remote …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-4436
|
2017-07-29 10:32 |
2007-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300246
|
- |
|
ampache
|
ampache
|
SQL injection vulnerability in albums.php in Ampache before 3.3.3.5 allows remote attackers to execute arbitrary SQL commands via the match parameter. NOTE: some details are obtained from third part…
|
NVD-CWE-Other
|
CVE-2007-4437
|
2017-07-29 10:32 |
2007-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300247
|
- |
|
ampache
|
ampache
|
Session fixation vulnerability in Ampache before 3.3.3.5 allows remote attackers to hijack web sessions via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2007-4438
|
2017-07-29 10:32 |
2007-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300248
|
- |
|
asterisk
|
asterisk
asterisk_appliance_developer_kit
asterisknow
|
The SIP channel driver (chan_sip) in Asterisk Open Source 1.4.x before 1.4.11, AsteriskNOW before beta7, Asterisk Appliance Developer Kit 0.x before 0.8.0, and s800i (Asterisk Appliance) 1.x before 1…
|
NVD-CWE-Other
|
CVE-2007-4455
|
2017-07-29 10:32 |
2007-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300249
|
- |
|
cisco
|
voip_phone_cp-7940
voip_phone_cp-7960
|
Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP firmware before 8.7(0), allows remote attackers to cause a denial of service (device reboot) via (1) a certain sequence of 10 in…
|
CWE-20
Improper Input Validation
|
CVE-2007-4459
|
2017-07-29 10:32 |
2007-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300250
|
- |
|
electronic_arts
|
snoopyctrl
|
Multiple stack-based buffer overflows in Electronic Arts (EA) SnoopyCtrl ActiveX control (NPSnpy.dll) allow remote attackers to execute arbitrary code via unspecified methods and parameters.
|
CWE-94
CWE-119
Code Injection
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-4466
|
2017-07-29 10:32 |
2007-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
