Total
11643 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0226 | 6 Apple, Canonical, Debian and 3 more | 6 Mac Os X, Ubuntu Linux, Debian Linux and 3 more | 2024-11-21 | 7.5 HIGH | N/A |
| Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp. | |||||
| CVE-2008-0225 | 1 Xine | 1 Xine-lib | 2024-11-21 | 6.4 MEDIUM | N/A |
| Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an RTSP session, related to the rmff_dump_header function and related to disregarding the max field. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0223 | 1 Justsystem | 3 Ichitaro, Ichitaro Lite2, Ichitaro Viewer | 2024-11-21 | 9.3 HIGH | N/A |
| Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSystems products such as Ichitaro, allows remote attackers to execute arbitrary code via a crafted .JTD file. | |||||
| CVE-2008-0220 | 1 Gateway | 2 Cweblaunchctl Activex Control, Weblaunch | 2024-11-21 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX control in weblaunch.ocx 1.0.0.1 in Gateway Weblaunch allow remote attackers to execute arbitrary code via a long string in the (1) second or (2) fourth argument to the DoWebLaunch method. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0176 | 1 Ge Fanuc | 1 Cimplicity | 2024-11-21 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2008-0152 | 1 Seattle Lab Software | 1 Slnet Rf Telnet Server | 2024-11-21 | 4.3 MEDIUM | N/A |
| SLnet.exe in SeattleLab SLNet RF Telnet Server 4.1.1.3758 and earlier allows user-assisted remote attackers to cause a denial of service (crash) via unspecified telnet options, which triggers a NULL pointer dereference. NOTE: the crash is not user-assisted when the server is running in debug mode. | |||||
| CVE-2008-0151 | 1 Foxitsoftware | 1 Wac Server | 2024-11-21 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Foxit WAC Server 2.1.0.910, 2.0 Build 3503, and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Telnet request with long options. | |||||
| CVE-2008-0127 | 1 Mcafee | 1 E-business Server | 2024-11-21 | 8.8 HIGH | N/A |
| The administration interface in McAfee E-Business Server 8.5.2 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long initial authentication packet. | |||||
| CVE-2008-0108 | 1 Microsoft | 2 Office, Works | 2024-11-21 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted field lengths, aka "Microsoft Works File Converter Field Length Vulnerability." | |||||
| CVE-2008-0106 | 1 Microsoft | 4 Data Engine, Sql Server, Sql Server Desktop Engine and 1 more | 2024-11-21 | 9.0 HIGH | N/A |
| Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2, allows remote authenticated users to execute arbitrary code via a crafted insert statement. | |||||
| CVE-2008-0100 | 1 White Dune | 1 White Dune | 2024-11-21 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the Scene::errorf function in Scene.cpp in White_Dune 0.29 beta791 and earlier allows remote attackers to execute arbitrary code via a long string in a .WRL file. | |||||
| CVE-2008-0098 | 1 Realnetworks | 1 Realplayer | 2024-11-21 | 10.0 HIGH | N/A |
| Buffer overflow in RealPlayer 11 build 6.0.14.748 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: As of 20080103, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2008-0096 | 1 Georgia Softworks | 1 Ssh2 Server | 2024-11-21 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.0003 and earlier allow remote attackers to execute arbitrary code via a (1) a long username, which triggers an overflow in the log function; or (2) a long password. | |||||
| CVE-2008-0090 | 2 Divx, Microsoft | 2 Divx Player, Internet Explorer | 2024-11-21 | 5.0 MEDIUM | N/A |
| A certain ActiveX control in npUpload.dll in DivX Player 6.6.0 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long argument to the SetPassword method. | |||||
| CVE-2008-0086 | 1 Microsoft | 4 Data Engine, Sql Server, Sql Server Desktop Engine and 1 more | 2024-11-21 | 9.0 HIGH | N/A |
| Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression. | |||||
| CVE-2008-0080 | 1 Microsoft | 5 Webdav Mini-redirector, Windows 2003 Server, Windows Server 2003 and 2 more | 2024-11-21 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP1 and SP2, and Vista allows remote attackers to execute arbitrary code via a crafted WebDAV response. | |||||
| CVE-2008-0069 | 1 Pierreegougelet | 1 Xnview | 2024-11-21 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in XnView 1.92 and 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long FontName parameter in a slideshow (.sld) file, a different vector than CVE-2008-1461. | |||||
| CVE-2008-0067 | 1 Hp | 1 Openview Network Node Manager | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the OpenView5.exe CGI program, related to ov.dll; or a long string parameter to the (3) getcvdata.exe, (4) ovlaunch.exe, or (5) Toolbar.exe CGI program. | |||||
| CVE-2008-0066 | 2 Autonomy, Ibm | 2 Keyview, Lotus Notes | 2024-11-21 | 9.3 HIGH | N/A |
| Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) "large chunks of data," or a long URL in the (2) BACKGROUND attribute of a BODY element or (3) SRC attribute of an IMG element. | |||||
| CVE-2008-0065 | 1 Winamp | 1 Nullsoft Winamp | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, 5.5, and 5.51 allow remote attackers to execute arbitrary code via a long (1) artist or (2) name tag in Ultravox streaming metadata, related to construction of stream titles. | |||||