CyberSecurityBoard
Sponsor Register Login

CVE-2007-4626

Unspecified vulnerability in Polipo before 1.0.2 allows remote attackers to cause a denial of service (daemon crash) via certain network traffic associated with entities larger than 2 Gb.

Publication date: Fri, 31 Aug 2007 06:17:00 +0000


Cyber News related to CVE-2007-4626

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago
CVE-2007-4626 - Unspecified vulnerability in Polipo before 1.0.2 allows remote attackers to cause a denial of service (daemon crash) via certain network traffic associated with entities larger than 2 Gb. ...
16 years ago
CVE-2014-4626 - EMC Documentum Content Server before 6.7 SP1 P29, 6.7 SP2 before P18, 7.0 before P16, and 7.1 before P09 allows remote authenticated users to gain privileges by (1) placing a command in a dm_job object and setting this object's owner to a ...
10 years ago
CVE-2015-4544 - EMC Documentum Content Server before 7.1P20 and 7.2.x before 7.2P04 does not properly verify authorization for dm_job object access, which allows remote authenticated users to obtain superuser privileges via crafted object operations. NOTE: this ...
8 years ago
CVE-2006-4626 - Heap-based buffer overflow in alwil avast! Anti-virus Engine before 4.7.869 allows remote attackers to execute arbitrary code via a crafted LHA file that contains extended headers with file and directory names whose concatenation triggers the ...
13 years ago
CVE-2013-4626 - Cross-site scripting (XSS) vulnerability in the BackWPup plugin before 3.0.13 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tab parameter to wp-admin/admin.php. ...
11 years ago
CVE-2015-4626 - B.A.S C2Box before 4.0.0 (r19171) relies on client-side validation, which allows remote attackers to "corrupt the business logic" via a negative value in an overdraft. ...
1 year ago
CVE-2010-4626 - The my_rand function in functions.php in MyBB (aka MyBulletinBoard) before 1.4.12 does not properly use the PHP mt_rand function, which makes it easier for remote attackers to obtain access to an arbitrary account by requesting a reset of the ...
7 years ago
CVE-2009-4626 - Directory traversal vulnerability in menu.php in phpNagios 1.2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the conf[lang] parameter. ...
7 years ago
CVE-2008-4626 - Directory traversal vulnerability in index.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 and possibly other versions through 2.3.3-beta0, when magic_quotes_gpc is disabled, allows remote attackers to include and ...
7 years ago
CVE-2005-4626 - The default configuration of Recruitment Software installs admin/site.xml under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (MySQL database credentials) via a direct ...
6 years ago
CVE-2016-4626 - IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. ...
5 years ago
CVE-2011-4626 - Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the "JSwindow" property of the typolink function. ...
5 years ago
CVE-2020-4626 - IBM Cloud Pak for Security 1.3.0.1 (CP4S) could reveal sensitive information about the internal network to an authenticated user using a specially crafted HTTP request. IBM X-Force ID: 185362. ...
3 years ago
CVE-2022-4626 - The PPWP WordPress plugin before 1.8.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks ...
2 years ago
CVE-2018-4626 - ** REJECT ** This candidate is unused by its CNA. ...
1 year ago
CVE-2017-4626 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
55 years ago Tenable.com
CVE-2023-4626 - The LadiApp plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ladiflow_save_hook() function in versions up to, and including, 4.3. This makes it possible for authenticated attackers with ...
11 months ago
CVE-2024-4626 - The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘layout_type’ and 'id' parameters in all versions up to, and including, 1.0.17 due to insufficient input sanitization and output ...
8 months ago
CVE-2013-6078 - The default configuration of EMC RSA BSAFE Toolkits and RSA Data Protection Manager (DPM) 20130918 uses the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm, which makes it easier for context-dependent attackers to ...
10 years ago
CVE-2011-1892 - Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management ...
6 years ago
CVE-2015-0085 - Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold ...
6 years ago
CVE-2016-0012 - Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, ...
6 years ago
CVE-2007-4246 - Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a modified document, as actively exploited in August 2007 by malware such as Tarodrop.D (Tarodrop.Q), ...
7 years ago
CVE-2007-0222 - Directory traversal vulnerability in the EmChartBean server side component for Oracle Application Server 10g allows remote attackers to read arbitrary files via unknown vectors, probably "\.." sequences in the beanId parameter. NOTE: this is ...
6 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)