Total
2546 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5185 | 1 Geshi | 1 Geshi | 2024-02-28 | 5.0 MEDIUM | N/A |
| The highlighting functionality in geshi.php in GeSHi before 1.0.8 allows remote attackers to cause a denial of service (infinite loop) via an XML sequence containing an opening delimiter without a closing delimiter, as demonstrated using "<". | |||||
| CVE-2009-0076 | 1 Microsoft | 5 Internet Explorer, Windows Server 2003, Windows Server 2008 and 2 more | 2024-02-28 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute arbitrary code via the zoom style directive in conjunction with unspecified other directives in a malformed Cascading Style Sheets (CSS) stylesheet in a crafted HTML document, aka "CSS Memory Corruption Vulnerability." | |||||
| CVE-2009-1305 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2024-02-28 | 5.0 MEDIUM | N/A |
| The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMANENT attribute. | |||||
| CVE-2008-3912 | 2 Clamav, Debian | 2 Clamav, Debian Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
| libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition. | |||||
| CVE-2009-0926 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-28 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the UFS filesystem functionality in Sun OpenSolaris snv_86 through snv_91, when running in 32-bit mode on x86 systems, allows local users to cause a denial of service (panic) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6679732. | |||||
| CVE-2008-2706 | 1 Sun | 1 Solaris | 2024-02-28 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the event port implementation in Sun Solaris 10 allows local users to cause a denial of service (panic) by submitting and retrieving user-defined events, probably related to a NULL dereference. | |||||
| CVE-2008-3641 | 1 Apple | 1 Cups | 2024-02-28 | 10.0 HIGH | N/A |
| The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory. | |||||
| CVE-2008-5425 | 1 Eset | 1 Nod32 Antivirus | 2024-02-28 | 4.3 MEDIUM | N/A |
| ESet NOD32 2.70.0039.0000 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service (stack consumption or other resource consumption) via a large e-mail message, a related issue to CVE-2006-1173. | |||||
| CVE-2008-3290 | 1 Emc Dantz | 1 Retrospect Backup Client | 2024-02-28 | 5.0 MEDIUM | N/A |
| retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows remote attackers to cause a denial of service (daemon crash) via a series of long packets containing 0x00 characters to TCP port 497 that trigger memory corruption, probably involving an English product version on a Chinese OS version. | |||||
| CVE-2008-3196 | 1 Yacc | 1 Yacc | 2024-02-28 | 7.8 HIGH | N/A |
| skeleton.c in yacc does not properly handle reduction of a rule with an empty right hand side, which allows context-dependent attackers to cause an out-of-bounds stack access when the yacc stack pointer points to the end of the stack. | |||||
| CVE-2009-3675 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2024-02-28 | 6.8 MEDIUM | N/A |
| LSASS.exe in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote authenticated users to cause a denial of service (CPU consumption) via a malformed ISAKMP request over IPsec, aka "Local Security Authority Subsystem Service Resource Exhaustion Vulnerability." | |||||
| CVE-2009-2214 | 1 Citrix | 1 Secure Gateway | 2024-02-28 | 5.0 MEDIUM | N/A |
| The Secure Gateway service in Citrix Secure Gateway 3.1 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an unspecified request. | |||||
| CVE-2009-3797 | 1 Adobe | 2 Adobe Air, Flash Player | 2024-02-28 | 9.3 HIGH | N/A |
| Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption. | |||||
| CVE-2009-0219 | 1 Research In Motion Limited | 3 Blackberry Enterprise Server, Blackberry Professional Software, Blackberry Unite | 2024-02-28 | 9.3 HIGH | N/A |
| The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file. | |||||
| CVE-2009-2419 | 1 Apple | 1 Safari | 2024-02-28 | 4.3 MEDIUM | N/A |
| Use-after-free vulnerability in the servePendingRequests function in WebCore in WebKit in Apple Safari 4.0 and 4.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted HTML document that references a zero-length .js file and the JavaScript reload function. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-2487 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-28 | 7.8 HIGH | N/A |
| Use-after-free vulnerability in the frpr_icmp function in the ipfilter (aka IP Filter) subsystem in Sun Solaris 10, and OpenSolaris snv_45 through snv_110, allows remote attackers to cause a denial of service (panic) via unspecified vectors. | |||||
| CVE-2009-0878 | 1 Wesnoth | 1 Wesnoth | 2024-02-28 | 5.0 MEDIUM | N/A |
| The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height. | |||||
| CVE-2008-3134 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-02-28 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file. | |||||
| CVE-2008-7094 | 1 Unica | 1 Affinium Campaign | 2024-02-28 | 5.0 MEDIUM | N/A |
| Campaign/CampaignListener in the listener server in Unica Affinium Campaign 7.2.1.0.55 allows remote attackers to cause a denial of service (server crash) via a crafted length field that triggers (1) connection exhaustion or (2) memory allocation failure. | |||||
| CVE-2009-0102 | 1 Microsoft | 3 Office Project, Project Portfolio Server, Project Server | 2024-02-28 | 9.3 HIGH | N/A |
| Microsoft Project 2000 SR1 and 2002 SP1, and Office Project 2003 SP3, does not properly handle memory allocation for Project files, which allows remote attackers to execute arbitrary code via a malformed file, aka "Project Memory Validation Vulnerability." | |||||