Critical
CVE-2008-0590
Buffer overflow in Ipswitch WS_FTP Server with SSH 6.1.0.0 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long opendir command.
Tag: Denial of Service (DoS)
All CVEs associated with "Denial of Service (DoS)". Page 287/331 • 39659 CVEs.
Subscribe CVEs: RSS for “Denial of Service (DoS)” · RSS (High+Critical only)
About “Denial of Service (DoS)”
A curated feed of “Denial of Service (DoS)”-related CVEs appears below. We currently track 39659 CVEs for this tag (all time). In the last 365 days, 3228 were published. Average CVSS is 6.6 (all time; 6.6 over 365d), and 47% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-400 - Uncontrolled Resource Consumption, CWE-770 - Allocation of Resources Without Limits or Throttling, CWE-476 - NULL Pointer Dereference.
In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2008-02-05
High
CVE-2007-4130
The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux (RHEL) 4 on Itanium (ia64) does not properly handle page faults during NUMA memory access, which allows local users to cause a denia…
2008-02-04
Medium
CVE-2007-6699
Multiple buffer overflows in the AIM PicEditor 9.5.1.8 ActiveX control in YGPPicEdit.dll in AOL You've Got Pictures (YGP) Picture Editor allow remote attackers to cause a denial of service (browser c…
2008-02-01
Medium
CVE-2007-6698
The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to c…
High
CVE-2007-6697
Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cr…
Critical
CVE-2008-0544
Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary…
Medium
CVE-2008-0548
Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL dereference when malloc f…
Medium
CVE-2008-0549
Integer overflow in the OggHeaderParse function in Steamcast 0.9.75 and earlier allows remote authenticated users to cause a denial of service (daemon crash) via a long Ogg tag.
Critical
CVE-2008-0550
Off-by-one error in Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a certain HTTP request that leads to a buffer overfl…
2008-01-31
Medium
CVE-2008-0509
Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to cause a denial of service (crash) or possibly gain privileges via a long argument to (1) piox25, related to piox25.c; or (2) piox25r…
2008-01-30
High
CVE-2008-0495
Unspecified vulnerability in the Pegasus CIM Server in IBM Hardware Management Console (HMC) 7 R3.2.0 allows remote attackers to cause a denial of service via unspecified vectors.
2008-01-29
High
CVE-2007-6694
The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that…
Critical
CVE-2007-4771
Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of…
Medium
CVE-2008-0406
HTTP File Server (HFS) before 2.2c, when account names are used as log filenames, allows remote attackers to cause a denial of service (daemon crash) via a long account name.
2008-01-25
Medium
CVE-2008-0445
The replace_inline_img function in elogd in Electronic Logbook (ELOG) before 2.7.1 allows remote attackers to cause a denial of service (infinite loop) via crafted logbook entries. NOTE: some of the…
2008-01-23
Critical
CVE-2007-6425
Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transport, allows remote attackers to cause a denial of service via unknown vectors.
High
CVE-2008-0028
Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enab…
Critical
CVE-2008-0401
Buffer overflow in the logging functionality of the HTTP server in IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) before 5.1.0.3 Interim Fix 3 allows remote attackers to cause a denial o…
2008-01-22
Medium
CVE-2008-0378
Stack-based buffer overflow in SocksCap 2.40-051231 and earlier, when "Resolve all names remotely" is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitr…
Critical
CVE-2008-0379
Race condition in the Enterprise Tree ActiveX control (EnterpriseControls.dll 11.5.0.313) in Crystal Reports XI Release 2 allows remote attackers to cause a denial of service (crash) and possibly exe…
Medium
CVE-2008-0384
OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer derefere…
2008-01-18
Medium
CVE-2008-0364
Buffer overflow in (1) BitTorrent 6.0 and earlier; and (2) uTorrent 1.7.5 and earlier, and 1.8-alpha-7834 and earlier in the 1.8.x series; on Windows allows remote attackers to cause a denial of serv…
High
CVE-2008-0365
Multiple buffer overflows in CORE FORCE before 0.95.172 allow local users to cause a denial of service (system crash) and possibly execute arbitrary code in the kernel context via crafted arguments t…
High
CVE-2008-0366
CORE FORCE before 0.95.172 does not properly validate arguments to SSDT hook handler functions in the Registry module, which allows local users to cause a denial of service (system crash) and possibl…
High
CVE-2008-0352
The Linux kernel 2.6.20 through 2.6.21.1 allows remote attackers to cause a denial of service (panic) via a certain IPv6 packet, possibly involving the Jumbo Payload hop-by-hop option (jumbogram).
2008-01-17
Medium
CVE-2008-0171
regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (failed assertion and crash…
Medium
CVE-2008-0172
The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL deref…
High
CVE-2008-0330
Open System Consultants (OSC) Radiator before 4.0 allows remote attackers to cause a denial of service (daemon crash) via malformed RADIUS requests, as demonstrated by packets sent by nmap.
High
CVE-2008-0331
Unspecified vulnerability in Funkwerk System Software before 7.4.1 PATCH 9 for certain Funkwerk Router / VPN devices allows remote attackers to cause a denial of service (panic and reboot) via unspec…
Critical
CVE-2008-0027
Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and Cal…
Medium
CVE-2008-0324
Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allows local users to cause a denial of service (crash) by calling the 0x80002038 IOCTL with a small size value, which triggers memory…
Medium
CVE-2007-6684
The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial of service (crash) via a request without a Transport parameter, which triggers a NULL pointer dereference.
2008-01-16
Medium
CVE-2008-0298
KHTML WebKit as used in Apple Safari 2.x allows remote attackers to cause a denial of service (browser crash) via a crafted web page, possibly involving a STYLE attribute of a DIV element.
High
CVE-2008-0295
Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial…
Critical
CVE-2008-0296
Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash)…
Critical
CVE-2007-5656
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly…
Critical
CVE-2008-0033
Unspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a movie file with Image Descripto…
Medium
CVE-2008-0031
Unspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Sorenson 3 video file,…
Medium
CVE-2008-0035
Unspecified vulnerability in Foundation, as used in Apple iPhone 1.0 through 1.1.2, iPod touch 1.1 through 1.1.2, and Mac OS X 10.5 through 10.5.1, allows remote attackers to cause a denial of servic…
Critical
CVE-2008-0122
Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of…
Medium
CVE-2008-0285
ngIRCd 0.10.x before 0.10.4 and 0.11.0 before 0.11.0-pre2 allows remote attackers to cause a denial of service (crash) via crafted IRC PART message, which triggers an invalid dereference.
2008-01-15
Medium
CVE-2008-0261
Unspecified vulnerability in the search component and module in Mambo 4.5.x and 4.6.x allows remote attackers to cause a denial of service (query flood) via unspecified vectors.
Medium
CVE-2008-0263
The SIP module in Ingate Firewall before 4.6.1 and SIParator before 4.6.1 does not reuse SIP media ports in unspecified call hold and send-only stream scenarios, which allows remote attackers to caus…
Medium
CVE-2008-0269
Unspecified vulnerability in the dotoprocs function in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors.
2008-01-12
Medium
CVE-2007-6284
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
High
CVE-2008-0243
Unspecified vulnerability in Lotus Domino 7.0.2 before Fix Pack 3 allows attackers to cause a denial of service via unknown vectors.
2008-01-10
High
CVE-2008-0227
yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a…
High
CVE-2008-0127
The administration interface in McAfee E-Business Server 8.5.2 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long initial authentication pa…
High
CVE-2008-0194
Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (d…
Medium
CVE-2008-0199
PRO-Search 0.17 and earlier allows remote attackers to cause a denial of service via certain values of the show_page and time parameters to the default URI.
2008-01-09
Medium
CVE-2007-0012
Sun JRE 5.0 before update 14 allows remote attackers to cause a denial of service (Internet Explorer crash) via an object tag with an encoded applet and an undefined name attribute, which triggers a…
Medium
CVE-2007-4769
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a d…
Medium
CVE-2007-4772
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a…
Medium
CVE-2007-6067
Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows…
High
CVE-2007-5761
The NantSys device 5.0.0.115 in Motorola netOctopus 5.1.2 build 1011 has weak permissions for the \\.\NantSys device interface (nantsys.sys), which allows local users to gain privileges or cause a de…
Critical
CVE-2008-0151
Heap-based buffer overflow in Foxit WAC Server 2.1.0.910, 2.0 Build 3503, and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Telnet request with…
Medium
CVE-2008-0152
SLnet.exe in SeattleLab SLNet RF Telnet Server 4.1.1.3758 and earlier allows user-assisted remote attackers to cause a denial of service (crash) via unspecified telnet options, which triggers a NULL…
Medium
CVE-2008-0153
telnetd.exe in Pragma TelnetServer 7.0.4.589 allows remote attackers to cause a denial of service (process crash and resource exhaustion) via a crafted TELOPT PRAGMA LOGON telnet option, which trigge…
2008-01-08
High
CVE-2007-0066
The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router adv…
Critical
CVE-2007-0069
Unspecified vulnerability in the kernel in Microsoft Windows XP SP2, Server 2003, and Vista allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code…
Medium
CVE-2007-6422
The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial…
Medium
CVE-2008-0132
Pragma FortressSSH 5.0 Build 4 Revision 293 and earlier handles long input to sshd.exe by creating an error-message window and waiting for the administrator to click in this window before terminating…
Medium
CVE-2008-0095
The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appl…
2008-01-04
Medium
CVE-2007-6599
Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back f…
Medium
CVE-2008-0090
A certain ActiveX control in npUpload.dll in DivX Player 6.6.0 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long argument to the SetPassword method.
Medium
CVE-2007-6625
The Platform Service Process (asampsp) in Fan-Out Driver Platform Services for Novell Identity Manager (IDM) 3.5.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified…
High
CVE-2007-6627
Integer overflow in the RTSP_remove_msg function in RTSP_lowlevel.c in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code…
Medium
CVE-2007-6628
LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via (1) a malformed Transport header, which triggers misparsing in parse_transp…
Medium
CVE-2007-6629
Interpretation conflict in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a User-Agent header line that contains a carriag…
Medium
CVE-2007-6630
The Url_init function in utils/url.c in Netembryo 0.0.4, when used by LScube Feng, allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a malformed URI contain…
2008-01-03
Medium
CVE-2007-6613
Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and earlier allows context-dependent attack…
Medium
CVE-2008-0061
MaraDNS 1.0 before 1.0.41, 1.2 before 1.2.12.08, and 1.3 before 1.3.07.04 allows remote attackers to cause a denial of service via a crafted DNS packet that prevents an authoritative name (CNAME) rec…
2007-12-28
High
CVE-2007-6573
QK SMTP Server 3 allows remote attackers to cause a denial of service (daemon crash) via a long (1) HELO, (2) MAIL FROM, or (3) RCPT TO command; or (4) a long string in the message sent after the DAT…
Medium
CVE-2007-6558
TotalPlayer 3.0 allows user-assisted remote attackers to cause a denial of service (application crash) via a large .m3u file. NOTE: this might be a duplicate of CVE-2006-6288.
Medium
CVE-2007-6562
Multiple stack-based buffer overflows in the use of FD_SET in TCPreen before 1.4.4 allow remote attackers to cause a denial of service via multiple concurrent connections, which result in overflows i…
2007-12-27
Medium
CVE-2007-6534
Multiple unspecified vulnerabilities in Microsoft Office Publisher allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted PUB file, possibly involving wor…
2007-12-24
High
CVE-2007-6419
Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
Medium
CVE-2007-6519
Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors.
High
CVE-2007-6523
Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service (CPU consumption) via a crafted bitmap (BMP) file that triggers a larg…
2007-12-21
High
CVE-2007-6509
Unspecified vulnerability in Appian Enterprise Business Process Management (BPM) Suite 5.6 SP1 allows remote attackers to cause a denial of service via a crafted packet to port 5400/tcp.
High
CVE-2007-4567
The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of…
2007-12-20
Medium
CVE-2007-6341
Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response.
High
CVE-2007-6349
P4Webs.exe in Perforce P4Web 2006.2 and earlier, when running on Windows, allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with an empty body and a Content-L…
Medium
CVE-2007-6478
Stack-based buffer overflow in Rosoft Media Player 4.1.7, 4.1.8, and possibly earlier versions allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a…
High
CVE-2007-6482
Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3.0, 3.1, and 3.1.1 allows remote attackers to cause a denial of service (daemon crash) via unspecif…
High
CVE-2007-6492
The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and possibly IMWebControl.dll, in iMesh 7.1.0.x and earlier allows remote attackers to cause a denial of service (Internet Explorer 7 cr…
High
CVE-2007-5584
Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.2(3) allows remote attackers to cause a denial of service (device reload) via crafted "data in the control-plane path with Layer 7…
Medium
CVE-2007-6351
libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service (infinite recursion) via an image file with crafted EXIF tags, possibly involving the exif_loader_write func…
High
CVE-2007-5966
Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large r…
Critical
CVE-2007-6454
Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execu…
Medium
CVE-2007-6457
Stack-based buffer overflow in the webmail feature in SurgeMail 38k4 allows remote attackers to cause a denial of service (crash) via a long Host header.
Critical
CVE-2007-6468
Buffer overflow in the HuffDecode function in hw_utils/hwrcon/huffman.c and hexenworld/Client/huffman.c in Hammer of Thyrion 1.4.2 allows remote attackers to execute arbitrary code or cause a denial…
2007-12-19
Medium
CVE-2007-5963
Unspecified vulnerability in kdebase allows local users to cause a denial of service (KDM login inaccessible, or resource consumption) via unknown vectors.
Medium
CVE-2007-6438
Unspecified vulnerability in the SMB dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service via unknown vectors. NOTE: this identifier originally incl…
Medium
CVE-2007-6439
Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a c…
Low
CVE-2007-6441
The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to "unaligned access on some platforms."
Medium
CVE-2007-6450
The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
Medium
CVE-2007-6451
Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocati…
Critical
CVE-2007-4710
Unspecified vulnerability in ColorSync in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via an image with a crafted C…
Critical
CVE-2007-5853
Unspecified vulnerability in IO Storage Family in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (system shutdown) or execute arbitrary code via a disk image with…
Critical
CVE-2007-5859
Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted feed: URL that…
Medium
CVE-2007-5861
Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted .XLS fil…
Medium
CVE-2007-6437
Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows remote attackers to cause a denial of service (crash) via a message with a timestamp that does not contain a trailing space, which t…
2007-12-18
Medium
CVE-2007-6356
exiftags before 1.01 allows attackers to cause a denial of service (infinite loop) via recursive IFD references in the EXIF data in a JPEG image.
High
CVE-2007-5583
Cisco IP Phone 7940 with firmware P0S3-08-7-00 allows remote attackers to cause a denial of service ("486 Busy" responses or device reboot) via a sequence of SIP INVITE transactions in which the Requ…
Medium
CVE-2007-6283
Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of…
High
CVE-2007-6417
The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to re…
2007-12-17
Critical
CVE-2007-4473
Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffi…
Medium
CVE-2007-6409
The gg protocol handler in Gadu-Gadu, when this product is installed but not running, does not properly handle the skin attribute, which allows remote attackers to cause a denial of service (resource…
Medium
CVE-2007-6410
Gadu-Gadu does not properly perform protocol handling, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and add arbitrary user accounts or cause a denial of service…
Medium
CVE-2007-6411
Multiple buffer overflows in the HandleEmotsConfig function in the GG Client in Gadu-Gadu 7.7 Build 3669 allow user-assisted remote attackers to execute arbitrary code or cause a denial of service (g…
2007-12-15
High
CVE-2007-6386
Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attacke…
High
CVE-2007-6151
The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buff…
Critical
CVE-2007-6195
Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arb…
Medium
CVE-2007-6359
The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash)…
High
CVE-2007-6360
Unspecified vulnerability in the Sun eXtended System Control Facility (XSCF) Control Package (XCP) firmware before 1050 on SPARC Enterprise M4000, M5000, M8000, and M9000 servers allows remote attack…
High
CVE-2007-6371
Nokia N95 cell phone with RM-159 12.0.013 firmware allows remote attackers to cause a denial of service (device inoperability) via a SIP INVITE message accompanied by an immediately subsequent SIP CA…
High
CVE-2007-6372
Unspecified vulnerability in Juniper JUNOS 7.3 through 8.4 allows remote attackers to cause a denial of service (crash) via malformed BGP packets, possibly BGP UPDATE packets that trigger session fla…
2007-12-13
Medium
CVE-2007-6326
Sergey Lyubka Simple HTTPD (shttpd) 1.3 on Windows allows remote attackers to cause a denial of service via a request that includes an MS-DOS device name, as demonstrated by the /aux URI.
2007-12-12
Medium
CVE-2007-6315
Group Chat in BarracudaDrive Web Server before 3.8 allows remote authenticated users to cause a denial of service (crash) via a HTTP request to /eh/chat.ehintf/C. that does not contain a Connection I…