Total
9398 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0791 | 1 Intermate | 1 Winipds | 2018-10-15 | 5.0 MEDIUM | N/A |
| ipdsserver.exe in Intermate WinIPDS 3.3 G52-33-021 allows remote attackers to cause a denial of service (CPU consumption) via short packets on TCP port 5001 with the 3, 5, 7, 13, 14, or 15 packet types. | |||||
| CVE-2008-0656 | 1 Emc | 2 Documentum Administrator, Documentum Webtop | 2018-10-15 | 10.0 HIGH | N/A |
| Unrestricted file upload vulnerability in dmclTrace.jsp in EMC Documentum Administrator 5.3.0.313 and Webtop 5.3.0.317 allows remote attackers to overwrite arbitrary files via the filename attribute. | |||||
| CVE-2008-0672 | 1 Tintin | 2 Tintin\+\+, Wintin\+\+ | 2018-10-15 | 5.0 MEDIUM | N/A |
| The process_chat_input function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to cause a denial of service (application crash) via a YES message without a newline character, which triggers a NULL dereference. | |||||
| CVE-2008-0555 | 1 Apache-ssl | 1 Apache-ssl | 2018-10-15 | 7.5 HIGH | N/A |
| The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafted DN that triggers overwriting of environment variables. | |||||
| CVE-2008-0473 | 1 Web Wiz | 1 Rich Text Editor | 2018-10-15 | 6.4 MEDIUM | N/A |
| RTE_popup_save_file.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to upload (1) .html and (2) .htm files via unspecified vectors. | |||||
| CVE-2008-0457 | 1 Symantec | 1 Backupexec System Recovery | 2018-10-15 | 10.0 HIGH | N/A |
| Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors. | |||||
| CVE-2008-0506 | 1 Coppermine | 1 Coppermine Photo Gallery | 2018-10-15 | 6.8 MEDIUM | N/A |
| include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) before 1.4.15, when the ImageMagick picture processing method is configured, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval parameter to picEditor.php. | |||||
| CVE-2008-0298 | 1 Apple | 2 Mac Os X, Safari | 2018-10-15 | 4.3 MEDIUM | N/A |
| KHTML WebKit as used in Apple Safari 2.x allows remote attackers to cause a denial of service (browser crash) via a crafted web page, possibly involving a STYLE attribute of a DIV element. | |||||
| CVE-2008-0406 | 1 Hfs | 1 Http File Server | 2018-10-15 | 5.0 MEDIUM | N/A |
| HTTP File Server (HFS) before 2.2c, when account names are used as log filenames, allows remote attackers to cause a denial of service (daemon crash) via a long account name. | |||||
| CVE-2008-0373 | 1 Php | 1 F1 Maxs File Uploader | 2018-10-15 | 7.5 HIGH | N/A |
| Unrestricted file upload vulnerability in PHP F1 Max's File Uploader allows remote attackers to upload and execute arbitrary PHP files. | |||||
| CVE-2008-0172 | 2 Boost, Ubuntu | 2 Boost, Ubuntu Linux | 2018-10-15 | 5.0 MEDIUM | N/A |
| The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression. | |||||
| CVE-2008-0244 | 1 Sap | 1 Maxdb | 2018-10-15 | 10.0 HIGH | N/A |
| SAP MaxDB 7.6.03 build 007 and earlier allows remote attackers to execute arbitrary commands via "&&" and other shell metacharacters in exec_sdbinfo and other unspecified commands, which are executed when MaxDB invokes cons.exe. | |||||
| CVE-2008-0209 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2018-10-15 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in Forums/login.asp in Snitz Forums 2000 3.4.06 and earlier allows remote attackers to redirect users to arbitrary web sites via a URL in the target parameter. | |||||
| CVE-2008-0199 | 1 Pro Search | 1 Pro Search | 2018-10-15 | 5.0 MEDIUM | N/A |
| PRO-Search 0.17 and earlier allows remote attackers to cause a denial of service via certain values of the show_page and time parameters to the default URI. | |||||
| CVE-2008-0241 | 1 Sun | 1 Java System Identity Manager | 2018-10-15 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the nextPage parameter. | |||||
| CVE-2008-0171 | 1 Boost | 2 Boost, Boost Regex Library | 2018-10-15 | 5.0 MEDIUM | N/A |
| regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (failed assertion and crash) via an invalid regular expression. | |||||
| CVE-2008-0009 | 1 Linux | 1 Linux Kernel | 2018-10-15 | 2.1 LOW | N/A |
| The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which might allow local users to access arbitrary kernel memory locations. | |||||
| CVE-2008-0097 | 1 Georgia Softworks | 1 Ssh2 Server | 2018-10-15 | 7.5 HIGH | N/A |
| Format string vulnerability in the log function in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.0003 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username field, as demonstrated by a certain LoginPassword message. | |||||
| CVE-2008-0116 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2018-10-15 | 9.3 HIGH | N/A |
| Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, Compatibility Pack, and Office 2004 and 2008 for Mac allows user-assisted remote attackers to execute arbitrary code via malformed tags in rich text, aka "Excel Rich Text Validation Vulnerability." | |||||
| CVE-2008-0010 | 1 Linux | 1 Linux Kernel | 2018-10-15 | 2.1 LOW | N/A |
| The copy_from_user_mmap_sem function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which allow local users to read from arbitrary kernel memory locations. | |||||