Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0126 | 1 Xfree86 Project | 1 Xfree86 | 2008-09-09 | 7.2 HIGH | N/A |
| SGI IRIX buffer overflow in xterm and Xaw allows root access. | |||||
| CVE-1999-0196 | 1 Webgais Development Team | 1 Webgais | 2008-09-09 | 5.0 MEDIUM | N/A |
| websendmail in Webgais 1.0 allows a remote user to access arbitrary files and execute arbitrary code via the receiver parameter ($VAR_receiver variable). | |||||
| CVE-1999-0047 | 3 Bsdi, Caldera, Eric Allman | 3 Bsd Os, Openlinux, Sendmail | 2008-09-09 | 10.0 HIGH | N/A |
| MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. | |||||
| CVE-1999-0082 | 2 Ftp, Ftpcd | 2 Ftp, Ftpcd | 2008-09-09 | 10.0 HIGH | N/A |
| CWD ~root command in ftpd allows root access. | |||||
| CVE-1999-0019 | 7 Data General, Ibm, Ncr and 4 more | 10 Dg Ux, Aix, Mp-ras and 7 more | 2008-09-09 | 5.0 MEDIUM | N/A |
| Delete or create a file via rpc.statd, due to invalid information. | |||||
| CVE-1999-0134 | 1 Sun | 1 Sunos | 2008-09-09 | 7.2 HIGH | N/A |
| vold in Solaris 2.x allows local users to gain root access. | |||||
| CVE-1999-0191 | 1 Microsoft | 1 Internet Information Server | 2008-09-09 | 6.4 MEDIUM | N/A |
| IIS newdsn.exe CGI script allows remote users to overwrite files. | |||||
| CVE-1999-0141 | 1 Netscape | 1 Navigator | 2008-09-09 | 3.7 LOW | N/A |
| Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet. | |||||
| CVE-2008-3891 | 1 Google | 1 Google Apps | 2008-09-05 | 7.5 HIGH | N/A |
| The SAML Single Sign-On (SSO) Service for Google Apps allows remote service providers to impersonate users at arbitrary service providers via vectors related to authentication responses that lack a request identifier and recipient field. | |||||
| CVE-2008-3901 | 2 Linux, Suspend2 | 2 Linux Kernel, Software Suspend 2 | 2008-09-05 | 2.1 LOW | N/A |
| Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer. | |||||
| CVE-2008-3437 | 1 Openoffice | 1 Openoffice.org | 2008-09-05 | 7.5 HIGH | N/A |
| OpenOffice.org (OOo) before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | |||||
| CVE-2008-3754 | 1 Yourfreeworld | 1 Stylish Text Ads Script | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3442 | 1 Winzip | 1 Winzip | 2008-09-05 | 7.5 HIGH | N/A |
| WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | |||||
| CVE-2008-3590 | 1 Egi Zaberl | 1 E.z. Poll | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/login.asp in E. Z. Poll 2 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3436 | 1 Notepad\+\+ | 1 Notepad\+\+ | 2008-09-05 | 7.5 HIGH | N/A |
| The GUP generic update process in Notepad++ before 4.8.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | |||||
| CVE-2008-3671 | 2 Acronis, Linux | 2 True Image Echo Server, Linux Kernel | 2008-09-05 | 5.0 MEDIUM | N/A |
| Acronis True Image Echo Server 9.x build 8072 on Linux does not properly encrypt backups to an FTP server, which allows remote attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3439 | 1 Speedbit | 1 Speedbit Video Accelerator | 2008-09-05 | 7.5 HIGH | N/A |
| SpeedBit Video Acceleration before 2.2.1.8 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | |||||
| CVE-2008-3435 | 1 Linkedin | 1 Browser Toolbar | 2008-09-05 | 7.5 HIGH | N/A |
| LinkedIn Browser Toolbar 3.0.3.1100 and earlier does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | |||||
| CVE-2008-3433 | 1 Speedbit | 1 Download Accelerator Plus | 2008-09-05 | 7.5 HIGH | N/A |
| SpeedBit Download Accelerator Plus (DAP) before 8.6.3.9 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | |||||
| CVE-2008-3233 | 1 Wordpress | 1 Wordpress | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WordPress before 2.6, SVN development versions only, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||