Search Results (2713 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-1238 1 Microsoft 1 Office 2026-04-23 N/A
Microsoft Office 2003 allows user-assisted remote attackers to cause a denial of service (application crash) by attempting to insert a corrupted WMF file.
CVE-2006-5757 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures.
CVE-2006-5728 1 Dxmsoft 1 Xm Easy Personal Ftp Server 2026-04-23 N/A
XM Easy Personal FTP Server 5.2.1 and earlier allows remote authenticated users to cause a denial of service via a long argument to the NLST command, possibly involving the -al flags.
CVE-2007-3106 3 Libvorbis, Redhat, Rpath 3 Libvorbis, Enterprise Linux, Rpath Linux 2026-04-23 N/A
lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid (1) blocksize_0 and (2) blocksize_1 values, which trigger a "heap overwrite" in the _01inverse function in res0.c. NOTE: this issue has been RECAST so that CVE-2007-4029 handles additional vectors.
CVE-2007-1673 9 Amavis, Avast, Avira and 6 more 13 Amavis, Avast Antivirus, Avast Antivirus Home and 10 more 2026-04-23 N/A
unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
CVE-2007-0842 1 Microsoft 1 Visual C\+\+ 2026-04-23 N/A
The 64-bit versions of Microsoft Visual C++ 8.0 standard library (MSVCR80.DLL) time functions, including (1) localtime, (2) localtime_s, (3) gmtime, (4) gmtime_s, (5) ctime, (6) ctime_s, (7) wctime, (8) wctime_s, and (9) fstat, trigger an assertion error instead of a NULL pointer or EINVAL when processing a time argument later than Jan 1, 3000, which might allow context-dependent attackers to cause a denial of service (application exit) via large time values. NOTE: it could be argued that this is a design limitation of the functions, and the vulnerability lies with any application that does not validate arguments to these functions. However, this behavior is inconsistent with documentation, which does not list assertions as a possible result of an error condition.
CVE-2007-3185 1 Apple 1 Safari 2026-04-23 N/A
Apple Safari Beta 3.0.1 for Windows public beta allows remote attackers to cause a denial of service (crash) via unspecified DHTML manipulations that trigger memory corruption, as demonstrated using Hamachi.
CVE-2007-3274 2 Apple, Microsoft 2 Safari, Windows Xp 2026-04-23 N/A
Apple Safari 3.0 and 3.0.1 on Windows XP SP2 allows attackers to cause a denial of service (application crash) via JavaScript that sets the document.location variable, as demonstrated by an empty value of document.location.
CVE-2007-2415 1 Pi3web 1 Pi3web Web Server 2026-04-23 N/A
Pi3Web Web Server 2.0.3 PL1 allows remote attackers to cause a denial of service (application exit) via a long URI. NOTE: this issue was originally reported as a crash, but the vendor states that the impact is a "clean" exit in which "the server I/O loop finishes and the process exits normally."
CVE-2007-3902 1 Microsoft 2 Ie, Internet Explorer 2026-04-23 N/A
Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an HTML element, one variant of "Uninitialized Memory Corruption Vulnerability."
CVE-2007-4036 1 Guidance Software 1 Encase 2026-04-23 N/A
Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; (2) a corrupted NTFS filesystem, which causes the application to report "memory allocation errors;" or (3) deeply nested directories, which trigger an application crash during an Expand All action. NOTE: the vendor disputes the significance of these vectors because the user can select fewer options, there is no operational impact, or the user can do less expansion
CVE-2007-4617 1 Bea 1 Weblogic Server 2026-04-23 N/A
Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP4 allows remote attackers to cause a denial of service (server thread hang) via unspecified vectors.
CVE-2007-3116 1 Maradns 1 Maradns 2026-04-23 N/A
Memory leak in server/MaraDNS.c in MaraDNS 1.2.12.06 and 1.3.05 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, a different set of affected versions than CVE-2007-3114 and CVE-2007-3115.
CVE-2007-0710 1 Apple 2 Ichat, Mac Os X 2026-04-23 N/A
The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614.
CVE-2002-2430 1 Goahead 1 Goahead Webserver 2026-04-23 N/A
GoAhead WebServer before 2.1.1 allows remote attackers to cause a denial of service (CPU consumption) by performing a socket disconnect to terminate a request before it has been fully processed by the server.
CVE-2007-4689 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Double free vulnerability in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via crafted IPV6 packets.
CVE-2006-5645 1 Sophos 2 Anti-virus, Endpoint Security 2026-04-23 N/A
Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero.
CVE-2007-4770 2 Icu-project, Redhat 2 International Components For Unicode, Enterprise Linux 2026-04-23 N/A
libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.
CVE-2007-4772 5 Canonical, Debian, Postgresql and 2 more 6 Ubuntu Linux, Debian Linux, Postgresql and 3 more 2026-04-23 N/A
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.
CVE-2007-4897 2 Ekiga, Redhat 2 Ekiga, Enterprise Linux 2026-04-23 N/A
pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting).