CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 0CVE-2007-1366
https://notcve.org/view.php?id=CVE-2007-1366
QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by "aam 0x0," which triggers a divide-by-zero error. QEMU 0.8.2 permite a usuarios locales colgar una máquina virtual mediante el operando divisor en la instrucción aam, como se ha demostrado "aam 0x0", la cual dispara un error de división por cero. • http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00650.html http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00651.html http://osvdb.org/35498 http://secunia.com/advisories/25073 http://secunia.com/advisories/25095 http://secunia.com/advisories/29129 http://taviso.decsystem.org/virtsec.pdf http://www.debian.org/security/2007/dsa-1284 http://www.mandriva.com/security/advisories?name=MDVSA-2008:162 http://www.securityfocus.com/bid/23731 http://www.v •
CVSS: 7.8EPSS: 12%CPEs: 27EXPL: 0CVE-2007-2029
https://notcve.org/view.php?id=CVE-2007-2029
File descriptor leak in the PDF handler in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service via a crafted PDF file. Una fuga del descriptor de archivos en el manejador PDF en Clam AntiVirus (ClamAV), permite a atacantes remotos causar una denegación de servicio por medio de un archivo PDF especialmente diseñado. • http://osvdb.org/34916 http://secunia.com/advisories/25028 http://secunia.com/advisories/25189 http://www.debian.org/security/2007/dsa-1281 http://www.mandriva.com/security/advisories?name=MDKSA-2007:098 http://www.securityfocus.com/bid/23656 https://exchange.xforce.ibmcloud.com/vulnerabilities/34083 • CWE-399: Resource Management Errors •
CVSS: 6.0EPSS: 0%CPEs: 10EXPL: 0CVE-2007-2138 – PostgreSQL security-definer function privilege escalation
https://notcve.org/view.php?id=CVE-2007-2138
Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before 7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before 8.2.4 allows remote authenticated users, when permitted to call a SECURITY DEFINER function, to gain the privileges of the function owner, related to "search_path settings." Vulnerabilidad de búsqueda en ruta no confiable en PostgreSQL anterior a 7.3.19, 7.4.x anterior a 7.4.17, 8.0.x anterior a 8.0.13, 8.1.x anterior a 8.1.9, y 8.2.x anterior a 8.2.4 permite a usuarios remotos validados, cuando se permite hacer la llamada a la función SECURITY DEFINER, para ganar los privilegios de la función propietaria, relacionado con "configuración de search_path". • http://rhn.redhat.com/errata/RHSA-2007-0336.html http://secunia.com/advisories/24989 http://secunia.com/advisories/24999 http://secunia.com/advisories/25005 http://secunia.com/advisories/25019 http://secunia.com/advisories/25037 http://secunia.com/advisories/25058 http://secunia.com/advisories/25184 http://secunia.com/advisories/25238 http://secunia.com/advisories/25334 http://secunia.com/advisories/25717 http://secunia.com/advisories/25720 http://secunia.com/advisories&#x • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.7EPSS: 0%CPEs: 19EXPL: 0CVE-2007-2172 – fib_semantics.c out of bounds access vulnerability
https://notcve.org/view.php?id=CVE-2007-2172
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions. Un error tipográfico en el Kernel de Linux versión 2.6 anterior a 2.6.21-rc6 y versión 2.4 anterior a 2.4.35 hace que RTA_MAX se utilice como un tamaño de matriz en lugar de RTN_MAX, lo que conlleva a un "out of bound access" mediante las funciones (1) dn_fib_props (dn_fib.c, DECNet) y (2) fib_props (fib_semantics.c, IPv4). • http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.21-rc6 http://rhn.redhat.com/errata/RHSA-2007-0488.html http://secunia.com/advisories/25068 http://secunia.com/advisories/25288 http://secunia.com/advisories/25392 http://secunia.com/advisories/25838 http://secunia.com/advisories/26289 http://secunia.com/advisories/26450 http://secunia.com/advisories/26620 http://secunia.com/advisories/26647 http://secunia.com/advisories/27913 http://secunia.com/advisori • CWE-20: Improper Input Validation •
CVSS: 4.6EPSS: 0%CPEs: 14EXPL: 2CVE-2006-4250 – Man Command - -H Flag Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-4250
Buffer overflow in man and mandb (man-db) 2.4.3 and earlier allows local users to execute arbitrary code via crafted arguments to the -H flag. Un desbordamiento de búfer en man y mandb (man-db) versiones 2.4.3 y anteriores, permite a usuarios locales ejecutar código arbitrario por medio de argumentos diseñados en el flag -H. • https://www.exploit-db.com/exploits/29822 http://secunia.com/advisories/24801 http://secunia.com/advisories/24828 http://secunia.com/advisories/24995 http://www.debian.org/security/2007/dsa-1278 http://www.novell.com/linux/security/advisories/2007_007_suse.html http://www.securityfocus.com/bid/23355 http://www.vupen.com/english/advisories/2007/1294 http://www.vupen.com/english/advisories/2007/1295 https://exchange.xforce.ibmcloud.com/vulnerabilities/33508 •