admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier provides access to configuration modification before login, which allows remote attackers to cause a denial of service (loss of configuration data), and possibly perform direct static code injection, via a saveGlobalconfig action.
Max CVSS
10.0
EPSS Score
0.33%
Published
2007-04-30
Updated
2017-10-11
Buffer overflow in wserve_console.exe in Wserve HTTP Server (whttp) 4.6 allows remote attackers to cause a denial of service (forced application exit) via a long directory name in the URI.
Max CVSS
10.0
EPSS Score
4.44%
Published
2007-04-30
Updated
2018-10-16
Multiple buffer overflows in MyDNS 1.1.0 allow remote attackers to (1) cause a denial of service (daemon crash) and possibly execute arbitrary code via a certain update, which triggers a heap-based buffer overflow in update.c; and (2) cause a denial of service (daemon crash) via unspecified vectors that trigger an off-by-one stack-based buffer overflow in update.c.
Max CVSS
9.0
EPSS Score
9.30%
Published
2007-04-30
Updated
2017-07-29
The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, on Windows allows remote attackers to cause a denial of service (daemon crash) via a UDP packet that contains an invalid "packet type" field.
Max CVSS
7.8
EPSS Score
2.58%
Published
2007-04-27
Updated
2011-03-08
Unspecified vulnerability in InterVations NaviCOPA Web Server 2.01 20070323 allows remote attackers to cause a denial of service (daemon crash) via crafted HTTP requests, as demonstrated by long requests containing '\A' characters, probably a different issue than CVE-2006-5112 and CVE-2007-1733. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.8
EPSS Score
0.54%
Published
2007-04-27
Updated
2017-07-29
NMMediaServer.exe in Nero MediaHome 2.5.5.0 and CE 1.3.0.4 allows remote attackers to cause a denial of service (NULL dereference and application crash) via a crafted packet that contains two CRLF sequences. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.8
EPSS Score
1.26%
Published
2007-04-27
Updated
2017-07-29
MiniShare 1.5.4, and possibly earlier, allows remote attackers to cause a denial of service (application crash) via a flood of requests for new connections.
Max CVSS
7.8
EPSS Score
1.18%
Published
2007-04-26
Updated
2011-03-08
The SIP channel driver (chan_sip) in Asterisk before 1.2.18 and 1.4.x before 1.4.3 does not properly parse SIP UDP packets that do not contain a valid response code, which allows remote attackers to cause a denial of service (crash).
Max CVSS
7.8
EPSS Score
11.40%
Published
2007-04-26
Updated
2018-10-16
The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3 allows remote attackers to cause a denial of service (crash) by using MD5 authentication to authenticate a user that does not have a password defined in manager.conf, resulting in a NULL pointer dereference.
Max CVSS
7.8
EPSS Score
11.24%
Published
2007-04-26
Updated
2018-10-16
3Com TippingPoint IPS allows remote attackers to cause a denial of service (device hang) via a flood of packets on TCP port 80 with sequentially increasing source ports, related to a "badly written loop." NOTE: the vendor disputes this issue, stating that the product has "performed as expected with no DoS emerging.
Max CVSS
7.8
EPSS Score
1.83%
Published
2007-04-25
Updated
2024-03-21
The BitTorrent implementation in Opera 9.2 allows remote attackers to cause a denial of service (CPU consumption and application crash) via a malformed torrent file. NOTE: the original disclosure refers to this as a memory leak, but it is not certain.
Max CVSS
7.8
EPSS Score
0.40%
Published
2007-04-25
Updated
2022-02-26
The Linksys SPA941 VoIP Phone allows remote attackers to cause a denial of service (device reboot) via a 0377 (0xff) character in the From header, and possibly certain other locations, in a SIP INVITE request.
Max CVSS
7.8
EPSS Score
16.03%
Published
2007-04-25
Updated
2017-10-11
Unspecified vulnerability in Sun Cluster 3.1 and Solaris Cluster 3.2 before 20070424 allows remote authenticated users, operating from a different cluster node, to cause a denial of service (data corruption or send_mondo panic) via unspecified vectors, as demonstrated by EMC Symcli backup software 6.2.1.
Max CVSS
6.8
EPSS Score
1.06%
Published
2007-04-25
Updated
2017-07-29
Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this issue is a duplicate of another CVE such as CVE-2006-1173 or CVE-2006-4434.
Max CVSS
7.8
EPSS Score
5.56%
Published
2007-04-25
Updated
2019-10-09
The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers.
Max CVSS
7.8
EPSS Score
10.45%
Published
2007-04-25
Updated
2018-10-16
Unspecified vulnerability in the Initialize function in NetscapeFTPHandler in WS_FTP Home and Professional 2007 allows remote attackers to cause a denial of service (NULL dereference and application crash) via unspecified vectors related to "improper arguments."
Max CVSS
7.8
EPSS Score
3.81%
Published
2007-04-24
Updated
2018-10-16
A certain ActiveX control in askPopStp.dll in Netsprint Ask IE Toolbar 1.1 allows remote attackers to cause a denial of service (Internet Explorer crash) via a long AddAllowed property value, related to "improper memory handling," possibly a buffer overflow.
Max CVSS
7.8
EPSS Score
5.38%
Published
2007-04-24
Updated
2018-10-16
aMSN (aka Alvaro's Messenger) 0.96 and earlier allows remote attackers to cause a denial of service (application crash) by sending invalid data to TCP port 31337.
Max CVSS
5.0
EPSS Score
2.96%
Published
2007-04-24
Updated
2008-11-13
Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.
Max CVSS
5.0
EPSS Score
5.38%
Published
2007-04-24
Updated
2017-10-11
Buffer overflow in Nullsoft Winamp 5.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted WMV file.
Max CVSS
7.1
EPSS Score
0.99%
Published
2007-04-24
Updated
2018-10-16
Multiple unspecified vulnerabilities in IXceedCompression in XceddZipLib (RaidenFTPD.dll) in RaidenFTPD 2.4 allow remote attackers to cause a denial of service (crash) via unspecified vectors involving the (1) CalculateCrc, (2) Compress, and (3) Uncompress functions, which result in a NULL pointer dereference.
Max CVSS
7.8
EPSS Score
1.28%
Published
2007-04-24
Updated
2018-10-16
Multiple unspecified vulnerabilities in Objective Development Sharity before 3.3 allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
Max CVSS
7.8
EPSS Score
1.83%
Published
2007-04-24
Updated
2017-07-29
Konqueror 3.5.5 release 45.4 allows remote attackers to cause a denial of service (browser crash or abort) via JavaScript that matches a regular expression against a long string, as demonstrated using /(.)*/.
Max CVSS
5.0
EPSS Score
1.14%
Published
2007-04-22
Updated
2018-10-16
Apple Safari allows remote attackers to cause a denial of service (browser crash) via JavaScript that matches a regular expression against a long string, as demonstrated using /(.)*/.
Max CVSS
5.0
EPSS Score
0.30%
Published
2007-04-22
Updated
2018-10-16
(1) Mozilla Firefox 2.0.0.3 and (2) GNU IceWeasel 2.0.0.3 allow remote attackers to cause a denial of service (browser crash or system hang) via JavaScript that matches a regular expression against a long string, as demonstrated using /(.)*/.
Max CVSS
7.8
EPSS Score
0.67%
Published
2007-04-22
Updated
2018-10-16
71 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!