• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

NVD-CWE-Other

CVE-2007-2053

February 26, 2023 by

Multiple stack-based buffer overflows in AFFLIB before 2.2.6 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a long LastModified value in an S3 XML response in lib/s3.cpp; (2) a long (a) path or (b) bucket in an S3 URL in lib/vnode_s3.cpp; or (3) a long (c) EFW, (d) AFD, or (c) aimage file path. NOTE: the aimage vector (3c) has since been recalled from the researcher’s original advisory, since the code is not called in any version of AFFLIB.

CVE-2007-2054

February 26, 2023 by

Multiple format string vulnerabilities in AFFLIB before 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in (1) warn and (2) err calls in (a) lib/s3.cpp, (b) tools/afconvert.cpp, (c) tools/afcopy.cpp, (d) tools/afinfo.cpp, (e) aimage/aimage.cpp, (f) aimage/imager.cpp, and (g) tools/afxml.cpp. NOTE: the aimage.cpp vector (e) has since been recalled from the researcher’s original advisory, since the code is not called in any version of AFFLIB.

CVE-2007-2055

February 26, 2023 by

AFFLIB 2.2.8 and earlier allows attackers to execute arbitrary commands via shell metacharacters involving (1) certain command line parameters in tools/afconvert.cpp and (2) arguments to the get_parameter function in aimage/ident.cpp. NOTE: it is unknown if the get_parameter vector (2) is ever called.

CVE-2007-2057

February 26, 2023 by

Stack-based buffer overflow in aircrack-ng airodump-ng 0.7 allows remote attackers to execute arbitrary code via crafted 802.11 authentication packets.

CVE-2007-1982

February 26, 2023 by

Multiple PHP remote file inclusion vulnerabilities in Really Simple PHP and Ajax (RSPA) 2007-03-23 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) __IncludeFilePHPClass, (2) __ClassPath, and (3) __class parameters to (a) rspa/framework/Controller_v5.php, and (b) rspa/framework/Controller_v4.php.

CVE-2007-1983

February 26, 2023 by

PHP remote file inclusion vulnerability in include/default_header.php in Cyboards PHP Lite 1.21 allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter, a different vector than CVE-2006-2871.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 363
  • Go to page 364
  • Go to page 365
  • Go to page 366
  • Go to page 367
  • Interim pages omitted …
  • Go to page 940
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE