| Max CVSS | 9.3 | Min CVSS | 4.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-4577 | 6.4 |
The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
|
21-01-2024 - 02:46 | 15-10-2008 - 20:08 | |
| CVE-2007-3105 | 4.6 |
Stack-based buffer overflow in the random number generator (RNG) implementation in the Linux kernel before 2.6.22 might allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater
|
13-02-2023 - 02:17 | 27-07-2007 - 21:30 | |
| CVE-2007-6427 | 9.3 |
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.
|
20-11-2020 - 16:47 | 18-01-2008 - 23:00 | |
| CVE-2007-0071 | 9.3 |
Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset
|
30-10-2018 - 16:26 | 09-04-2008 - 21:05 | |
| CVE-2007-1825 | 7.5 |
Buffer overflow in the imap_mail_compose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, allows remote attackers to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue
|
30-10-2018 - 16:25 | 02-04-2007 - 23:19 | |
| CVE-2005-2641 | 7.5 |
Unknown vulnerability in pam_ldap before 180 does not properly handle a new password policy control, which could allow attackers to gain privileges. NOTE: CVE-2005-2497 had also been assigned to this issue, but CVE-2005-2641 is the correct candidate
|
19-10-2018 - 15:33 | 23-08-2005 - 04:00 | |
| CVE-2006-1735 | 9.3 |
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javas
|
18-10-2018 - 16:35 | 14-04-2006 - 10:02 | |
| CVE-2006-3807 | 7.5 |
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and callin
|
17-10-2018 - 21:30 | 27-07-2006 - 19:04 | |
| CVE-2007-4138 | 6.9 |
The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1) RFC2307 or (2) Services for
|
15-10-2018 - 21:33 | 14-09-2007 - 01:17 | |
| CVE-2006-1527 | 5.0 |
The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows remote attackers to trigger a denial of service (infinite loop) via unknown vectors that cause an invalid SCTP chunk size to be processed by the for_each_sctp_chunk function. Upgrade to
|
11-10-2017 - 01:30 | 03-05-2006 - 22:02 | |
| CVE-2004-0905 | 4.6 |
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a fr
|
11-10-2017 - 01:29 | 14-09-2004 - 04:00 |