Total
9398 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2032 | 1 Acritum | 1 Femitter Server | 2017-08-08 | 5.0 MEDIUM | N/A |
| The FTP service in Acritum Femitter Server 1.03 allows remote attackers to cause a denial of service (crash) by sending multiple crafted RETR commands. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-1605 | 1 Leadtools | 1 Multimedia Toolkit | 2017-08-08 | 6.8 MEDIUM | N/A |
| The (1) ltmmCaptureCtrl Class, (2) ltmmConvertCtrl Class, and (3) ltmmPlayCtrl Class ActiveX controls (ltmm15.dll 15.1.0.17 and earlier) in LEADTOOLS Multimedia Toolkit 15 allow attackers to overwrite arbitrary files via the SaveSettingsToFile method. | |||||
| CVE-2008-1745 | 1 Cisco | 1 Unified Communications Manager | 2017-08-08 | 7.8 HIGH | N/A |
| Cisco Unified Communications Manager (CUCM) 5.x before 5.1(2) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (service interruption) via a SIP JOIN message with a malformed header, aka Bug ID CSCsi48115. | |||||
| CVE-2008-1942 | 1 Foxit Software | 1 Reader | 2017-08-08 | 6.8 MEDIUM | N/A |
| Foxit Reader 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with (1) a malformed ExtGState resource containing a /Font resource, or (2) an XObject resource with a Rotate setting, which triggers memory corruption. NOTE: this is probably a different vulnerability than CVE-2007-2186. | |||||
| CVE-2008-1691 | 1 Seattle Lab Software | 1 Slmail Pro | 2017-08-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in SLMail.exe in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (UDP service outage) via a large packet to UDP port 54. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2134 | 1 Tru-zone | 1 Nukeet | 2017-08-08 | 6.8 MEDIUM | N/A |
| The Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to obtain access to arbitrary user accounts, and alter or delete data, via a modified username in an unspecified cookie. | |||||
| CVE-2008-1905 | 1 Nero | 2 Mediahome, Nero | 2017-08-08 | 5.0 MEDIUM | N/A |
| NMMediaServer.exe in Nero MediaHome 3.3.3.0 and earlier, as used in Nero 8.3.2.1 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a long HTTP request to TCP port 54444, a different vector than CVE-2007-2322. | |||||
| CVE-2008-1532 | 1 Perlbal | 1 Perlbal | 2017-08-08 | 5.0 MEDIUM | N/A |
| Perlbal before 1.70, when buffered upload is enabled, allows remote attackers to cause a denial of service (crash) via a zero-byte chunked upload. | |||||
| CVE-2008-1014 | 1 Apple | 1 Quicktime | 2017-08-08 | 4.3 MEDIUM | N/A |
| Apple QuickTime before 7.4.5 does not properly handle external URLs in movies, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2008-1030 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 10.0 HIGH | N/A |
| Integer overflow in the CFDataReplaceBytes function in the CFData API in CoreFoundation in Apple Mac OS X before 10.5.3 allows context-dependent attackers to execute arbitrary code or cause a denial of service (crash) via an invalid length argument, which triggers a heap-based buffer overflow. | |||||
| CVE-2008-0251 | 1 Photopost | 1 Photopost Vbgallery | 2017-08-08 | 10.0 HIGH | N/A |
| Unrestricted file upload vulnerability in PhotoPost vBGallery before 2.4.2 allows remote attackers to upload and execute arbitrary files via unknown vectors. | |||||
| CVE-2007-6299 | 1 Drupal | 1 Drupal | 2017-08-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x before 4.7.9 and 5.x before 5.4 allow remote attackers to execute arbitrary SQL commands via modules that pass input to the taxonomy_select_nodes function, as demonstrated by the (1) taxonomy_menu, (2) ajaxLoader, and (3) ubrowser contributed modules. | |||||
| CVE-2008-0054 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 6.4 MEDIUM | N/A |
| Foundation in Apple Mac OS X 10.4.11 might allow context-dependent attackers to execute arbitrary code via a malformed selector name to the NSSelectorFromString API, which causes an "unexpected selector" to be used. | |||||
| CVE-2008-0264 | 1 Drupal | 1 Meta Tags Module | 2017-08-08 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Meta Tags (aka Nodewords) 5.x-1.6 module for Drupal, when images are permitted in node bodies, allows remote authenticated users to execute arbitrary code via unspecified vectors involving creation of a node. | |||||
| CVE-2008-0527 | 1 Cisco | 3 Session Initiation Protocol \(sip\) Firmware, Skinny Client Control Protocol \(sccp\) Firmware, Unified Ip Phone | 2017-08-08 | 7.8 HIGH | N/A |
| The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a crafted HTTP request. | |||||
| CVE-2008-1066 | 1 Smarty | 1 Smarty | 2017-08-08 | 7.5 HIGH | N/A |
| The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used by Serendipity (S9Y) and other products, allows attackers to call arbitrary PHP functions via templates, related to a '\0' character in a search string. | |||||
| CVE-2008-0331 | 1 Funkwerk | 2 System Software, X2300 | 2017-08-08 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Funkwerk System Software before 7.4.1 PATCH 9 for certain Funkwerk Router / VPN devices allows remote attackers to cause a denial of service (panic and reboot) via unspecified DNS requests. | |||||
| CVE-2008-0526 | 1 Cisco | 3 Session Initiation Protocol \(sip\) Firmware, Skinny Client Control Protocol \(sccp\) Firmware, Unified Ip Phone | 2017-08-08 | 7.8 HIGH | N/A |
| Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a long ICMP echo request (ping) packet. | |||||
| CVE-2008-0534 | 2 Cisco, Icon-labs | 2 Service Control Engine, Iconfidant Ssh | 2017-08-08 | 7.8 HIGH | N/A |
| The SSH server in (1) Cisco Service Control Engine (SCE) before 3.1.6, and (2) Icon Labs Iconfidant SSH before 2.3.8, allows remote attackers to cause a denial of service (device restart or daemon outage) via a high rate of login attempts, aka Bug ID CSCsi68582. | |||||
| CVE-2008-0999 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 7.1 HIGH | N/A |
| Apple Mac OS X 10.5.2 allows user-assisted attackers to cause a denial of service (crash) via a crafted Universal Disc Format (UDF) disk image, which triggers a NULL pointer dereference. | |||||