Total
9728 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4444 | 1 Cisco | 2 Unified Ip Phone 7940g, Unified Ip Phone 7960g | 2024-02-28 | 7.1 HIGH | N/A |
| Cisco Unified IP Phone (aka SIP phone) 7960G and 7940G with firmware P0S3-08-9-00 and possibly other versions before 8.10 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a Realtime Transport Protocol (RTP) packet with malformed headers. | |||||
| CVE-2008-1748 | 1 Cisco | 1 Unified Communications Manager | 2024-02-28 | 7.8 HIGH | N/A |
| Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service interruption) via a SIP INVITE message, aka Bug ID CSCsl22355. | |||||
| CVE-2008-6534 | 1 Vwsolutions | 1 Null Ftp | 2024-02-28 | 7.1 HIGH | N/A |
| Incomplete blacklist vulnerability in NULL FTP Server Free and Pro 1.1.0.7 allows remote authenticated users to execute arbitrary commands via a custom SITE command containing shell metacharacters such as "&" (ampersand) in the middle of an argument. | |||||
| CVE-2008-4681 | 1 Wireshark | 1 Wireshark | 2024-02-28 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets. | |||||
| CVE-2008-4105 | 1 Joomla | 1 Joomla | 2024-02-28 | 7.5 HIGH | N/A |
| JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact. | |||||
| CVE-2008-3493 | 1 Realvnc | 1 Realvnc Windows Client | 2024-02-28 | 5.0 MEDIUM | N/A |
| vncviewer.exe in RealVNC Windows Client 4.1.2.0 allows remote VNC servers to cause a denial of service (application crash) via a crafted frame buffer update packet. | |||||
| CVE-2008-6745 | 1 Blogphp | 1 Blogphp | 2024-02-28 | 7.5 HIGH | N/A |
| index.php in BlogPHP 2.0 allows remote attackers to gain administrator privileges via a crafted email parameter in a register2 action. | |||||
| CVE-2008-6538 | 1 Holger Schurig | 1 Destar | 2024-02-28 | 5.0 MEDIUM | N/A |
| DeStar 0.2.2-5 allows remote attackers to add arbitrary users via a direct request to config/add/CfgOptUser. | |||||
| CVE-2009-0120 | 1 Ibm | 1 Websphere Datapower Xml Security Gateway Xs40 | 2024-02-28 | 7.8 HIGH | N/A |
| The IBM WebSphere DataPower XML Security Gateway XS40 with firmware 3.6.1.5 allows remote attackers to cause a denial of service (device reboot) by sending data over an established SSL connection, as demonstrated by the abc\r\n\r\n string data. | |||||
| CVE-2008-6829 | 1 Vicftps | 1 Vicftps | 2024-02-28 | 5.0 MEDIUM | N/A |
| VicFTPS 5.0 allows remote attackers to cause a denial of service (crash) via a LIST command that starts with a "/\/" (forward slash, backward slash, forward slash). NOTE: this might be the same issue as CVE-2008-2031. | |||||
| CVE-2008-5887 | 1 Tincan | 1 Phplist | 2024-02-28 | 5.0 MEDIUM | N/A |
| phplist before 2.10.8 allows remote attackers to include files via unknown vectors, related to a "local file include vulnerability." | |||||
| CVE-2009-1350 | 1 Novell | 1 Netidentity Client1.2.3 | 2024-02-28 | 10.0 HIGH | N/A |
| Unspecified vulnerability in xtagent.exe in Novell NetIdentity Client before 1.2.4 allows remote attackers to execute arbitrary code by establishing an IPC$ connection to the XTIERRPCPIPE named pipe, and sending RPC messages that trigger a dereference of an arbitrary pointer. | |||||
| CVE-2009-2534 | 1 Realnetworks | 2 Helix Server, Helix Server Mobile | 2024-02-28 | 5.0 MEDIUM | N/A |
| RealNetworks Helix Server and Helix Mobile Server before 13.0.0 allow remote attackers to cause a denial of service (daemon crash) via an RTSP SETUP request that (1) specifies the / URI or (2) lacks a / character in the URI. | |||||
| CVE-2009-3448 | 1 Bakbone | 1 Netvault | 2024-02-28 | 5.0 MEDIUM | N/A |
| npvmgr.exe in BakBone NetVault Backup 8.22 Build 29 allows remote attackers to cause a denial of service (daemon crash) via a packet to (1) TCP or (2) UDP port 20031 with a large value in an unspecified size field, which is not properly handled in a malloc operation. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-1588 | 1 Apple | 4 Iphone, Iphone Os, Ipod Touch and 1 more | 2024-02-28 | 4.3 MEDIUM | N/A |
| Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to spoof the address bar via Unicode ideographic spaces in the URL. | |||||
| CVE-2008-5533 | 2 K7computing, Microsoft | 2 Antivirus, Internet Explorer | 2024-02-28 | 9.3 HIGH | N/A |
| K7AntiVirus 7.10.541 and possibly 7.10.454, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. | |||||
| CVE-2009-1232 | 1 Mozilla | 1 Firefox | 2024-02-28 | 4.3 MEDIUM | N/A |
| Mozilla Firefox 3.0.8 and earlier 3.0.x versions allows remote attackers to cause a denial of service (memory corruption) via an XML document composed of a long series of start-tags with no corresponding end-tags. NOTE: it was later reported that 3.0.10 and earlier are also affected. | |||||
| CVE-2008-6058 | 1 Syslserve | 1 Syslserve | 2024-02-28 | 5.0 MEDIUM | N/A |
| Syslserve 1.058 and earlier, and probably 1.059, allows remote attackers to cause a denial of service (hang) via a crafted UDP Syslog packet. | |||||
| CVE-2009-0748 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.9 MEDIUM | N/A |
| The ext4_fill_super function in fs/ext4/super.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not validate the superblock configuration, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) by attempting to mount a crafted ext4 filesystem. | |||||
| CVE-2006-7235 | 1 5e5 | 1 Teamtek Universal Ftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Teamtek Universal FTP Server 1.0.50 allows remote attackers to cause a denial of service (daemon crash or hang) via (1) multiple STOR (aka PUT) commands, or an MKD command followed by (2) a '*' argument, (3) a '|' argument, (4) spaces, or (5) a long string. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||