Total
2546 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-4222 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-28 | 7.1 HIGH | N/A |
natd in network_cmds in Apple Mac OS X before 10.5.6, when Internet Sharing is enabled, allows remote attackers to cause a denial of service (infinite loop) via a crafted TCP packet. | |||||
CVE-2009-2815 | 1 Apple | 1 Iphone Os | 2024-02-28 | 7.8 HIGH | N/A |
The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service (NULL pointer dereference and service interruption) via a crafted SMS message. | |||||
CVE-2009-0177 | 1 Vmware | 5 Ace, Fusion, Server and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6.5.1 build 126130, 6.5.1 and earlier; VMware Player 2.5.1 build 126130, 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 2.0.x before 2.0.1 build 156745; and VMware Fusion before 2.0.2 build 147997 allows remote attackers to cause a denial of service (daemon crash) via a long (1) USER or (2) PASS command. | |||||
CVE-2008-1582 | 1 Apple | 1 Quicktime | 2024-02-28 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted AAC-encoded file that triggers memory corruption. | |||||
CVE-2008-1340 | 1 Vmware | 6 Ace, Player, Server and 3 more | 2024-02-28 | 7.1 HIGH | N/A |
Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger "memory exhaustion and memory corruption." | |||||
CVE-2009-2664 | 1 Mozilla | 1 Firefox | 2024-02-28 | 5.0 MEDIUM | N/A |
The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial of service (assertion failure and application exit) or possibly execute arbitrary code via a crafted .js file, related to a "memory safety bug." NOTE: this was originally reported as affecting versions before 3.0.13. | |||||
CVE-2008-4800 | 1 Microsoft | 1 Debug Diagnostic Tool | 2024-02-28 | 5.0 MEDIUM | N/A |
The DebugDiag ActiveX control in CrashHangExt.dll, possibly 1.0, in Microsoft Debug Diagnostic Tool allows remote attackers to cause a denial of service (NULL pointer dereference and Internet Explorer 6.0 crash) via a large negative integer argument to the GetEntryPointForThread method. NOTE: this issue might only be exploitable in limited environments or non-default browser settings. | |||||
CVE-2008-5181 | 1 Microsoft | 1 Office Communicator | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Communicator allows remote attackers to cause a denial of service (application or device outage) via instant messages containing large numbers of emoticons. | |||||
CVE-2008-5428 | 2 Microsoft, Opera | 2 Windows Xp, Opera | 2024-02-28 | 4.3 MEDIUM | N/A |
Opera 9.51 on Windows XP does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service (stack consumption or other resource consumption) via a large e-mail message, a related issue to CVE-2006-1173. | |||||
CVE-2009-0751 | 1 Yaws | 1 Yaws | 2024-02-28 | 5.0 MEDIUM | N/A |
Yaws before 1.80 allows remote attackers to cause a denial of service (memory consumption and crash) via a request with a large number of headers. | |||||
CVE-2008-5300 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.9 MEDIUM | N/A |
Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029. | |||||
CVE-2008-2441 | 1 Cisco | 2 Secure Access Control Server, Secure Acs | 2024-02-28 | 7.5 HIGH | N/A |
Cisco Secure ACS 3.x before 3.3(4) Build 12 patch 7, 4.0.x, 4.1.x before 4.1(4) Build 13 Patch 11, and 4.2.x before 4.2(0) Build 124 Patch 4 does not properly handle an EAP Response packet in which the value of the length field exceeds the actual packet length, which allows remote authenticated users to cause a denial of service (CSRadius and CSAuth service crash) or possibly execute arbitrary code via a crafted RADIUS (1) EAP-Response/Identity, (2) EAP-Response/MD5, or (3) EAP-Response/TLS Message Attribute packet. | |||||
CVE-2008-1389 | 1 Clam Anti-virus | 1 Clamav | 2024-02-28 | 5.0 MEDIUM | N/A |
libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service (application crash) via a malformed CHM file, related to an "invalid memory access." | |||||
CVE-2009-1514 | 1 Google | 1 Chrome | 2024-02-28 | 5.0 MEDIUM | N/A |
Google Chrome 1.0.154.53 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a throw statement with a long exception value. | |||||
CVE-2008-4231 | 1 Apple | 3 Iphone Os, Ipod Touch, Safari | 2024-02-28 | 9.3 HIGH | N/A |
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. | |||||
CVE-2008-2307 | 2 Apple, Microsoft | 5 Mac Os X, Safari, Windows and 2 more | 2024-02-28 | 9.3 HIGH | N/A |
Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before 10.5.4, and standalone for Windows and Mac OS X 10.4, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors involving JavaScript arrays that trigger memory corruption. | |||||
CVE-2008-3632 | 1 Apple | 3 Iphone, Iphone Os, Ipod Touch | 2024-02-28 | 9.3 HIGH | N/A |
Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through 2.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a web page with crafted Cascading Style Sheets (CSS) import statements. | |||||
CVE-2008-1739 | 1 Apple | 1 Quicktime | 2024-02-28 | 6.8 MEDIUM | N/A |
Apple QuickTime before 7.4.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted ftyp atoms in a movie file, which triggers memory corruption. | |||||
CVE-2008-6472 | 1 Wireshark | 1 Wireshark | 2024-02-28 | 4.3 MEDIUM | N/A |
The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors. | |||||
CVE-2008-1576 | 1 Apple | 1 Mac Os X | 2024-02-28 | 6.8 MEDIUM | N/A |
Mail in Apple Mac OS X before 10.5, when an IPv6 SMTP server is used, does not properly initialize memory, which might allow remote attackers to execute arbitrary code or cause a denial of service (application crash), or obtain sensitive information (memory contents) in opportunistic circumstances, by sending an e-mail message. |