Search Results (2713 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-1209 1 Microsoft 1 Windows Vista 2026-04-23 N/A
Use-after-free vulnerability in the Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a "dangling pointer" to a process data structure.
CVE-2007-1211 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-23 N/A
Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP SP2; and Server 2003 Gold, SP1, and SP2 allows user-assisted remote attackers to cause a denial of service (possibly persistent restart) via a crafted Windows Metafile (WMF) image that causes an invalid dereference of an offset in a kernel structure, a related issue to CVE-2005-4560.
CVE-2006-6296 1 Microsoft 2 Windows 2000, Windows Xp 2026-04-23 N/A
The RpcGetPrinterData function in the Print Spooler (spoolsv.exe) service in Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via an RPC request that specifies a large 'offered' value (output buffer size), a variant of CVE-2005-3644.
CVE-2006-5757 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures.
CVE-2007-2037 1 Cisco 1 Wireless Lan Controller Software 2026-04-23 N/A
Cisco Wireless LAN Controller (WLC) before 3.2.116.21, and 4.0.x before 4.0.155.0, allows remote attackers on a local network to cause a denial of service (device crash) via malformed Ethernet traffic.
CVE-2007-2039 1 Cisco 1 Wireless Lan Controller Software 2026-04-23 N/A
The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.171.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, or (3) packets with certain header length values, aka Bug IDs CSCsg15901 and CSCsh10841.
CVE-2007-2884 1 Microsoft 1 Visual Basic 2026-04-23 N/A
Multiple stack-based buffer overflows in Microsoft Visual Basic 6 allow user-assisted remote attackers to cause a denial of service (CPU consumption) or execute arbitrary code via a Visual Basic Project (vbp) file with a long (1) Description or (2) Company Name (VersionCompanyName) field.
CVE-2007-3676 1 Ibm 1 Db2 2026-04-23 N/A
IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via modified pointer values in unspecified remote administration requests, which triggers memory corruption or other invalid memory access. NOTE: this might be the same issue as CVE-2008-0698.
CVE-2007-4346 1 Symantec 1 Backupexec System Recovery 2026-04-23 N/A
The Job Engine (bengine.exe) service in Symantec Backup Exec for Windows Servers (BEWS) 11d build 11.0.7170 and 11.0.6.6235 allows remote attackers to cause a denial of service (NULL dereference and service crash) via a crafted packet to port 5633/tcp.
CVE-2007-4496 2 Canonical, Vmware 5 Ubuntu Linux, Ace, Player and 2 more 2026-04-23 N/A
Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows authenticated users with administrative privileges on a guest operating system to corrupt memory and possibly execute arbitrary code on the host operating system via unspecified vectors.
CVE-2006-6304 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The do_coredump function in fs/exec.c in the Linux kernel 2.6.19 sets the flag variable to O_EXCL but does not use it, which allows context-dependent attackers to modify arbitrary files via a rewrite attack during a core dump.
CVE-2006-6303 2 Redhat, Yukihiro Matsumoto 2 Enterprise Linux, Ruby 2026-04-23 N/A
The read_multipart function in cgi.rb in Ruby before 1.8.5-p2 does not properly detect boundaries in MIME multipart content, which allows remote attackers to cause a denial of service (infinite loop) via crafted HTTP requests, a different issue than CVE-2006-5467.
CVE-2007-5093 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device.
CVE-2007-5133 2 3ware, Microsoft 5 3dm Disk Management Software, Windows 2003 Server, Windows Server 2003 and 2 more 2026-04-23 N/A
Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png.
CVE-2007-5712 1 Django Project 1 Django 2026-04-23 N/A
The internationalization (i18n) framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USE_I18N option and the i18n component are enabled, allows remote attackers to cause a denial of service (memory consumption) via many HTTP requests with large Accept-Language headers.
CVE-2006-4814 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The mincore function in the Linux kernel before 2.4.33.6 does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock.
CVE-2007-5859 1 Apple 2 Mac Os X, Safari 2026-04-23 N/A
Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted feed: URL that triggers memory corruption.
CVE-2006-4924 2 Openbsd, Redhat 2 Openssh, Enterprise Linux 2026-04-23 N/A
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
CVE-2006-5568 1 Datawizard 1 Ftpxq 2026-04-23 N/A
FtpXQ Server 3.0.1 allows remote attackers to cause a denial of service (CPU exhaustion) via a long MKD command.
CVE-2006-5619 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels.