CyberSecurityBoard
Sponsor Register Login

CVE-2007-5938

The iwl_set_rate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an iwl_get_hw_mode return value without checking for NULL, which might allow remote attackers to cause a denial of service (kernel panic) via unspecified vectors during module initialization.

Publication date: Fri, 29 Sep 2017 06:29:00 +0000


Cyber News related to CVE-2007-5938

CVE-2013-4381 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-5938. Reason: This candidate is a duplicate of CVE-2013-5938. Notes: All CVE users should reference CVE-2013-5938 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com
CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
5 years ago
CVE-2007-5938 - The iwl_set_rate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an iwl_get_hw_mode return value without checking for NULL, which might allow remote attackers to cause a denial of service (kernel panic) via ...
7 months ago
CVE-2014-5938 - The AllDealsAsia All Deals ADA app (aka com.ada.deals) application 4.2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted ...
9 years ago
CVE-2015-5938 - ImageIO in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted metadata in an image. ...
8 years ago
CVE-2016-5938 - IBM Kenexa LMS on Cloud allows web pages to be stored locally which can be read by another user on the system. ...
7 years ago
CVE-2006-5938 - Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors involving an uninitialized variable and a crafted CAB file. ...
6 years ago
CVE-2012-5938 - The installation process in IBM InfoSphere Information Server 8.1, 8.5, 8.7, and 9.1 on UNIX and Linux sets incorrect permissions and ownerships for unspecified files, which allows local users to bypass intended access restrictions via standard ...
6 years ago
CVE-2013-5938 - Cross-site scripting (XSS) vulnerability in the Click2Sell Suite module 6.x-1.x for Drupal allows remote attackers to inject arbitrary web script or HTML via a confirmation form. ...
6 years ago
CVE-2008-5938 - PHP remote file inclusion vulnerability in assets/snippets/reflect/snippet.reflect.php in MODx CMS 0.9.6.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the reflect_base parameter. ...
6 years ago
CVE-2017-5938 - Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name. ...
5 years ago
CVE-2019-5938 - Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Mail'. ...
5 years ago
CVE-2020-5938 - On BIG-IP 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when negotiating IPSec tunnels with configured, authenticated peers, the peer may negotiate a different key length than the BIG-IP configuration would otherwise allow. ...
3 years ago
CVE-2023-5186 - Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: ...
8 months ago
CVE-2023-5187 - Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) ...
8 months ago
CVE-2023-4903 - Inappropriate implementation in Custom Mobile Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium) ...
8 months ago
CVE-2023-4909 - Inappropriate implementation in Interstitials in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low) ...
8 months ago
CVE-2023-4901 - Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium) ...
8 months ago
CVE-2023-4902 - Inappropriate implementation in Input in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium) ...
8 months ago
CVE-2023-4900 - Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate a permission prompt via a crafted HTML page. (Chromium security severity: Medium) ...
8 months ago
CVE-2023-4906 - Insufficient policy enforcement in Autofill in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low) ...
8 months ago
CVE-2023-4907 - Inappropriate implementation in Intents in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low) ...
8 months ago
CVE-2023-4908 - Inappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low) ...
8 months ago
CVE-2023-4905 - Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium) ...
8 months ago
CVE-2023-4904 - Insufficient policy enforcement in Downloads in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Enterprise policy restrictions via a crafted download. (Chromium security severity: Medium) ...
8 months ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)