CVSS: 5.0EPSS: 0%CPEs: 26EXPL: 0CVE-2007-5808
https://notcve.org/view.php?id=CVE-2007-5808
Unspecified vulnerability in the Groupmax Collaboration - Schedule component in Hitachi Groupmax Collaboration Portal 07-30 through 07-30-/F and 07-32 through 07-32-/C, uCosminexus Collaboration Portal 06-30 through 06-30-/F and 06-32 through 06-32-/C, and Groupmax Collaboration Web Client - Mail/Schedule 07-30 through 07-30-/F and 07-32 through 07-32-/B might allow remote attackers to obtain sensitive information via unspecified vectors related to schedule portlets. Vulnerabilidad no especificada en el componente Groupmax Collaboration - Schedule de Hitachi Groupmax Collaboration Portal 07-30 hasta 07-30-/F y 07-32 hasta 07-32-/C, uCosminexus Collaboration Portal 06-30 hasta 06-30-/F y 06-32 hasta 06-32-/C, y Groupmax Collaboration Web Client - Mail/Schedule 07-30 hasta 07-30-/F y d 07-32 hasta 07-32-/B podría permitir a atacantes remotos obtener información confidencial mediante vectores no especificados relativos a portlets de agenda. • http://osvdb.org/42025 http://secunia.com/advisories/27451 http://www.hitachi-support.com/security_e/vuls_e/HS07-036_e/index-e.html http://www.securityfocus.com/bid/26272 http://www.vupen.com/english/advisories/2007/3667 https://exchange.xforce.ibmcloud.com/vulnerabilities/38188 •
CVSS: 5.0EPSS: 1%CPEs: 8EXPL: 0CVE-2007-5281
https://notcve.org/view.php?id=CVE-2007-5281
The Java Secure Socket Extension (JSSE) in the Hitachi Cosminexus Developer's Kit for Java in various Hitachi Cosminexus 7.5 products before 07-50-01, when using JSSE for SSL/TLS support, allows remote attackers to cause a denial of service via certain SSL/TLS handshake requests. NOTE: this may be the same as CVE-2007-3698. La extensión Java Secure Socket Extension (JSSE) en el Hitachi Cosminexus Developer's Kit para Java de varios productos Hitachi Cosminexus 7.5 anteriores a 07-50-01, cuando usan JSSE para el soporte SSL/TLS, permite a atacantes remotos provocar una denegación de servicio mediante determinadas peticiones de negociación SSL/TLS. NOTA: podría ser la misma que CVE-2007-3698. • http://secunia.com/advisories/27075 http://www.hitachi-support.com/security_e/vuls_e/HS07-031_e/index-e.html http://www.securityfocus.com/bid/25935 http://www.vupen.com/english/advisories/2007/3375 https://exchange.xforce.ibmcloud.com/vulnerabilities/36965 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2007-5283
https://notcve.org/view.php?id=CVE-2007-5283
The TSC Domain Manager in Hitachi TPBroker Object Transaction Monitor and Cosminexus TPBroker Object Transaction Monitor 01-00 through 03-00 might allow attackers to cause a denial of service (crash) via invalid messages. El Administrador de Dominio TSC (TSC Domain Manager) en Hitachi TPBroker Object Transaction Monitor y Cosminexus TPBroker Object Transaction Monitor 01-00 hasta 03-00 podría permitir a los atacantes provocar una denegación de servicio (caída) mediante mensajes inválidos. • http://secunia.com/advisories/27035 http://www.hitachi-support.com/security_e/vuls_e/HS07-032_e/index-e.html http://www.securityfocus.com/bid/25936 http://www.vupen.com/english/advisories/2007/3376 https://exchange.xforce.ibmcloud.com/vulnerabilities/36968 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 1%CPEs: 10EXPL: 0CVE-2007-5282
https://notcve.org/view.php?id=CVE-2007-5282
Hitachi Cosminexus Agent 03-00 through 03-05, and Cosminexus Library Standard and Web Edition 04-00 and 04-01, might allow remote attackers to cause a denial of service (agent process crash) via invalid data from clients other than Cosminexus Manager. Hitachi Cosminexus Agent 03-00 hasta 03-05, y Cosminexus Library Standard y Web Edition 04-00 y 04-01, podría permitir a atacantes remotos provocar una denegación de servicio (caída del proceso agente) mediante información inválida de otros clientes que no son Cosminexus Manager. • http://secunia.com/advisories/27074 http://www.hitachi-support.com/security_e/vuls_e/HS07-033_e/index-e.html http://www.securityfocus.com/bid/25937 http://www.vupen.com/english/advisories/2007/3377 https://exchange.xforce.ibmcloud.com/vulnerabilities/36966 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 65EXPL: 0CVE-2007-4760
https://notcve.org/view.php?id=CVE-2007-4760
The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably the same issue as CVE-2007-3503. La herramienta javadoc del Kit para Java: Cosminexus Developer's de Cosminexus 7 y 7.5 puede generar documentos HTML que contienen vulnerabilidades de secuencias de comandos en sitios cruzados (XSS), lo cual permite a atacantes remotos inyectar scripts web o HTML de su elección mediante vectores no especificados. NOTA: esto es probablemente idéntico a CVE-2007-3503. • http://secunia.com/advisories/26671 http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html http://www.securityfocus.com/bid/25518 http://www.vupen.com/english/advisories/2007/3033 https://exchange.xforce.ibmcloud.com/vulnerabilities/36393 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •