Total
9398 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3864 | 1 Trend Micro | 3 Internet Security 2007, Internet Security 2008, Officescan | 2018-10-11 | 5.0 MEDIUM | N/A |
| The ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allows remote attackers to cause a denial of service (service crash) via a packet with a large value in an unspecified size field. | |||||
| CVE-2008-3936 | 1 Dreambox | 1 Dm500c | 2018-10-11 | 7.8 HIGH | N/A |
| The web interface in Dreambox DM500C allows remote attackers to cause a denial of service (application hang) via a long URI. | |||||
| CVE-2008-4101 | 1 Vim | 1 Vim | 2018-10-11 | 9.3 HIGH | N/A |
| Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by entering an argument after a (2) "Ctrl-]" (control close-square-bracket) or (3) "g]" (g close-square-bracket) keystroke sequence, a different issue than CVE-2008-2712. | |||||
| CVE-2008-3933 | 1 Wireshark | 1 Wireshark | 2018-10-11 | 3.3 LOW | N/A |
| Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function. | |||||
| CVE-2008-3934 | 1 Wireshark | 1 Wireshark | 2018-10-11 | 3.3 LOW | N/A |
| Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. | |||||
| CVE-2008-3889 | 2 Linux, Postfix | 2 Linux Kernel, Postfix | 2018-10-11 | 2.1 LOW | N/A |
| Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of "non-Postfix" commands, which allows local users to cause a denial of service (application slowdown or exit) via a crafted command, as demonstrated by a command in a .forward file. | |||||
| CVE-2008-4041 | 1 Softalk Mail Server | 1 Softalk Mail Server | 2018-10-11 | 4.0 MEDIUM | N/A |
| The IMAP server in Softalk Mail Server (formerly WorkgroupMail) 8.5.1.431 allows remote authenticated users to cause a denial of service (resource consumption and daemon crash) via a long IMAP APPEND command with certain repeated parameters. | |||||
| CVE-2008-3906 | 2 Mono, Mono Project | 2 Mono, Mono | 2018-10-11 | 4.3 MEDIUM | N/A |
| CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string. | |||||
| CVE-2008-3763 | 1 Turnkeywebtools | 1 Php Live Helper | 2018-10-11 | 6.8 MEDIUM | N/A |
| Variable overwrite vulnerability in libsecure.php in Turnkey PHP Live Helper 2.0.1 and earlier, when register_globals is enabled, allows remote attackers to overwrite arbitrary variables related to the db config file. NOTE: this can be leveraged for code injection by overwriting the language file. | |||||
| CVE-2008-3697 | 1 Vmware | 2 Server, Vmware Server | 2018-10-11 | 5.0 MEDIUM | N/A |
| An unspecified ISAPI extension in VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (IIS crash) via a malformed request. | |||||
| CVE-2008-3657 | 1 Ruby-lang | 1 Ruby | 2018-10-11 | 7.5 HIGH | N/A |
| The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen. | |||||
| CVE-2008-3676 | 1 Hmailserver | 1 Hmailserver | 2018-10-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the IMAP server in hMailServer 4.4.1 allows remote authenticated users to cause a denial of service (resource exhaustion or daemon crash) via a long series of IMAP commands. | |||||
| CVE-2008-3660 | 1 Php | 1 Php | 2018-10-11 | 5.0 MEDIUM | N/A |
| PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI module, allows remote attackers to cause a denial of service (crash) via a request with multiple dots preceding the extension, as demonstrated using foo..php. | |||||
| CVE-2008-3680 | 1 Flagship Industries | 1 Ventrilo | 2018-10-11 | 5.0 MEDIUM | N/A |
| The decryption function in Flagship Industries Ventrilo 3.0.2 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) by sending a type 0 packet with an invalid version followed by another packet to TCP port 3784. | |||||
| CVE-2008-3396 | 1 Epic Games | 1 Unreal Tournament 2004 | 2018-10-11 | 5.0 MEDIUM | N/A |
| Unreal Tournament 2004 (UT2004) 3369 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a certain sequence of malformed packets. | |||||
| CVE-2008-3410 | 1 Epic Games | 1 Unreal Tournament 3 | 2018-10-11 | 5.0 MEDIUM | N/A |
| Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a UDP packet in which the value of a certain size field is greater than the total packet length, aka attack 2 in ut3mendo.c. | |||||
| CVE-2008-3607 | 1 Noticeware | 1 Email Server | 2018-10-11 | 5.0 MEDIUM | N/A |
| The IMAP server in NoticeWare Email Server NG 4.6.3 and earlier allows remote attackers to cause a denial of service (daemon crash) via multiple long LOGIN commands. | |||||
| CVE-2008-3492 | 1 Americasarmy | 1 America\'s Army | 2018-10-11 | 5.0 MEDIUM | N/A |
| America's Army (aka AA or Army Game Project) 2.8.3.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted UDP packet, probably involving a VoiceIndex value that is outside of the range specified by VOICE_MAX_CHATTERS. | |||||
| CVE-2008-3208 | 1 Simpledns | 1 Simple Dns Plus | 2018-10-11 | 5.0 MEDIUM | N/A |
| Simple DNS Plus 4.1, 5.0, and possibly other versions before 5.1.101 allows remote attackers to cause a denial of service via multiple DNS reply packets. | |||||
| CVE-2008-3323 | 1 Redhat | 1 Cygwin | 2018-10-11 | 7.6 HIGH | N/A |
| setup.exe before 2.573.2.3 in Cygwin does not properly verify the authenticity of packages, which allows remote Cygwin mirror servers or man-in-the-middle attackers to execute arbitrary code via a package list containing the MD5 checksum of a Trojan horse package. | |||||