| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-5707 | 7.1 |
OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent.
|
13-02-2023 - 02:18 | 30-10-2007 - 19:46 | |
| CVE-2007-3999 | 10.0 |
Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third
|
21-01-2020 - 15:45 | 05-09-2007 - 10:17 | |
| CVE-2007-3227 | 4.3 |
Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values.
|
08-08-2019 - 14:33 | 14-06-2007 - 23:30 | |
| CVE-2007-5162 | 4.3 |
The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName (CN) field in a server certificate matches the domain name in an HTTPS request, which makes it easier
|
15-10-2018 - 21:41 | 01-10-2007 - 05:17 | |
| CVE-2007-5116 | 7.5 |
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
|
15-10-2018 - 21:40 | 07-11-2007 - 23:46 | |
| CVE-2007-5770 | 5.0 |
The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName (CN) field in a server certificate matches the domain name in a request sent over SSL, which mak
|
29-09-2017 - 01:29 | 14-11-2007 - 01:46 | |
| CVE-2007-6035 | 7.5 |
SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter.
|
29-07-2017 - 01:34 | 20-11-2007 - 11:46 | |
| CVE-2007-5728 | 4.3 |
Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, di
|
29-07-2017 - 01:33 | 30-10-2007 - 21:46 | |
| CVE-2007-2865 | 9.3 |
Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the server parameter.
|
29-07-2017 - 01:31 | 25-05-2007 - 18:30 | |
| CVE-2007-2741 | 9.3 |
Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file.
|
29-07-2017 - 01:31 | 17-05-2007 - 19:30 | |
| CVE-2007-5708 | 7.1 |
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers
|
07-03-2011 - 05:00 | 30-10-2007 - 19:46 | |
| CVE-2007-6167 | 7.2 |
Untrusted search path vulnerability in yast2-core in SUSE Linux might allow local users to execute arbitrary code by creating a malicious yast2 module in the current working directory.
|
15-11-2008 - 05:00 | 29-11-2007 - 01:46 |