Total
2548 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2251 | 1 Microsoft | 5 Windows 2000, Windows Server 2003, Windows Server 2008 and 2 more | 2024-11-21 | 7.2 HIGH | N/A |
| Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that makes system calls within multiple threads, aka "Windows Kernel Unhandled Exception Vulnerability." NOTE: according to Microsoft, this is not a duplicate of CVE-2008-4510. | |||||
| CVE-2008-2244 | 1 Microsoft | 1 Office Word | 2024-11-21 | 9.3 HIGH | N/A |
| Microsoft Office Word 2002 SP3 allows remote attackers to execute arbitrary code via a .doc file that contains malformed data, as exploited in the wild in July 2008, and as demonstrated by attachement.doc. | |||||
| CVE-2008-2136 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 7.8 HIGH | N/A |
| Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count. | |||||
| CVE-2008-2111 | 1 Yahoo | 1 Yahoo Assistant | 2024-11-21 | 9.3 HIGH | N/A |
| The ActiveX Control (yNotifier.dll) in Yahoo! Assistant 3.6 and earlier allows remote attackers to execute arbitrary code via unspecified vectors in the Ynoifier COM object that trigger memory corruption. | |||||
| CVE-2008-2092 | 1 Linksys | 1 Spa-2102 Phone Adapter | 2024-11-21 | 7.8 HIGH | N/A |
| Linksys SPA-2102 Phone Adapter 3.3.6 allows remote attackers to cause a denial of service (crash) via a long ping packet ("ping of death"). NOTE: the severity of this issue has been disputed since there are limited attack scenarios. | |||||
| CVE-2008-2090 | 1 Sun | 1 Solaris | 2024-11-21 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet. | |||||
| CVE-2008-2058 | 1 Cisco | 2 Adaptive Security Appliance Software, Pix Security Appliance | 2024-11-21 | 7.8 HIGH | N/A |
| Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device. | |||||
| CVE-2008-2014 | 1 Mozilla | 1 Firefox | 2024-11-21 | 5.0 MEDIUM | N/A |
| Mozilla Firefox 3.0 beta 5 allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls document.write in an infinite loop. | |||||
| CVE-2008-2005 | 1 Wonderware | 2 Intouch, Suitelink | 2024-11-21 | 5.0 MEDIUM | N/A |
| The SuiteLink Service (aka slssvc.exe) in WonderWare SuiteLink before 2.0 Patch 01, as used in WonderWare InTouch 8.0, allows remote attackers to cause a denial of service (NULL pointer dereference and service shutdown) and possibly execute arbitrary code via a large length value in a Registration packet to TCP port 5413, which causes a memory allocation failure. | |||||
| CVE-2008-2000 | 1 Apple | 1 Safari | 2024-11-21 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Apple Safari 3.1.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls document.write in an infinite loop. | |||||
| CVE-2008-1996 | 1 Licq | 1 Licq | 2024-11-21 | 5.0 MEDIUM | N/A |
| licq before 1.3.6 allows remote attackers to cause a denial of service (file-descriptor exhaustion and application crash) via a large number of connections. | |||||
| CVE-2008-1984 | 1 Broadcom | 1 Secure Content Manager | 2024-11-21 | 7.8 HIGH | N/A |
| The eTrust Common Services (Transport) Daemon (eCSqdmn) in CA Secure Content Manager 8.0.28000.511 and earlier allows remote attackers to cause a denial of service (crash or CPU consumption) via a malformed packet to TCP port 1882. | |||||
| CVE-2008-1927 | 1 Perl | 1 Perl | 2024-11-21 | 5.0 MEDIUM | N/A |
| Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems. | |||||
| CVE-2008-1855 | 1 Mcafee | 1 Cma | 2024-11-21 | 5.0 MEDIUM | N/A |
| FrameworkService.exe in McAfee Common Management Agent (CMA) 3.6.0.574 Patch 3 and earlier, as used by ePolicy Orchestrator (ePO) and ProtectionPilot (PrP), allows remote attackers to corrupt memory and cause a denial of service (CMA Framework service crash) via a long invalid method in requests for the /spin//AVClient//AVClient.csp URI, a different vulnerability than CVE-2006-5274. | |||||
| CVE-2008-1853 | 1 Hp | 1 Openview Network Node Manager | 2024-11-21 | 4.3 MEDIUM | N/A |
| The ovtopmd service in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, and possibly other versions allows remote attackers to cause a denial of service (exit) by sending a 0x36 packet (exit request). | |||||
| CVE-2008-1852 | 1 Hp | 1 Openview Network Node Manager | 2024-11-21 | 7.8 HIGH | N/A |
| ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, and possibly other versions allows remote attackers to cause a denial of service (crash) via certain requests that specify a large number of sub-arguments, which triggers a NULL pointer dereference due to memory allocation failure. | |||||
| CVE-2008-1851 | 1 Hp | 1 Openview Network Node Manager | 2024-11-21 | 5.0 MEDIUM | N/A |
| ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, and possibly other versions allows remote attackers to cause a denial of service (hang) via certain requests that do not provide all required arguments. | |||||
| CVE-2008-1837 | 1 Clam Anti-virus | 1 Clamav | 2024-11-21 | 5.0 MEDIUM | N/A |
| libclamunrar in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via crafted RAR files that trigger "memory problems," as demonstrated by the PROTOS GENOME test suite for Archive Formats. | |||||
| CVE-2008-1779 | 1 Sun | 1 Solaris | 2024-11-21 | 6.8 MEDIUM | N/A |
| Sun Solaris 8, 9, and 10 allows "remote privileged" users to cause a denial of service (panic) via unknown vectors related to self encapsulated IP packets. | |||||
| CVE-2008-1777 | 1 Novell | 1 Edirectory | 2024-11-21 | 5.0 MEDIUM | N/A |
| The eDirectory Host Environment service (dhost.exe) in Novell eDirectory 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a long HTTP HEAD request to TCP port 8028. | |||||