Total
29592 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6973 | 1 Ibm | 1 Websphere Commerce | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in IBM WebSphere Commerce 6.0 before 6.0.0.7 have unknown impact and attack vectors. | |||||
| CVE-2008-6967 | 1 Alt-n | 2 Mdaemon, Worldclient | 2024-11-21 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in WorldClient in Alt-N MDaemon before 10.02 have unknown impact and attack vectors, probably related to cross-site scripting (XSS) and WorldClient DLL 10.0.1, a different vulnerability than CVE-2008-6893. | |||||
| CVE-2008-6904 | 1 Sophos | 2 Anti-virus, Anti-virus7.6.3 | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) armadillo, (2) asprotect, or (3) asprotectSKE. | |||||
| CVE-2008-6895 | 1 3cx | 1 Phone System | 2024-11-21 | 7.8 HIGH | N/A |
| 3CX Phone System 6.0.806.0 allows remote attackers to cause a denial of service (unstable service or crash) via unspecified vectors, as demonstrated by vulnerability scans from Nessus or SAINT. | |||||
| CVE-2008-6767 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 10.0 HIGH | N/A |
| wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to upgrade the application, and possibly cause a denial of service (application outage), via a direct request. | |||||
| CVE-2008-6766 | 1 Viart | 1 Viart Shop | 2024-11-21 | 5.0 MEDIUM | N/A |
| cart_save.php in ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to cause a denial of service (excessive shopping carts) via a flood of requests. | |||||
| CVE-2008-6765 | 1 Viart | 1 Viart Shop | 2024-11-21 | 5.0 MEDIUM | N/A |
| ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to access the contents of an arbitrary shopping cart via a modified cart_name parameter. | |||||
| CVE-2008-6711 | 1 Avaya | 1 Communication Manager | 2024-11-21 | 9.0 HIGH | N/A |
| Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated users to execute arbitrary commands via unknown vectors related to "viewing system logs." | |||||
| CVE-2008-6710 | 1 Avaya | 1 Communication Manager | 2024-11-21 | 9.0 HIGH | N/A |
| Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated administrators to gain root privileges via unknown vectors related to "configuring data viewing or restoring credentials." | |||||
| CVE-2008-6709 | 1 Avaya | 2 Communication Manager, Sip Enablement Services | 2024-11-21 | 9.0 HIGH | N/A |
| Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allows remote authenticated users to execute arbitrary commands via unknown vectors related to configuration of "local data viewing or restoring parameters." | |||||
| CVE-2008-6708 | 1 Avaya | 2 Communication Manager, Sip Enablement Services | 2024-11-21 | 9.0 HIGH | N/A |
| Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x and 4.x, allows remote authenticated administrators to gain root privileges via unknown vectors related to configuration of "data viewing or restoring parameters." | |||||
| CVE-2008-6706 | 1 Avaya | 2 Communication Manager, Sip Enablement Services | 2024-11-21 | 7.8 HIGH | N/A |
| Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration including encrypted passwords, (3) a system utility that decrypts "subscriber table passwords," (4) a system utility that decrypts database passwords, and (5) a system utility that encrypts "subscriber table passwords." | |||||
| CVE-2008-6690 | 1 Typo3 | 2 Nd Antispam, Typo3 | 2024-11-21 | 7.5 HIGH | N/A |
| Unspecified vulnerability in nepa-design.de Spam Protection (nd_antispam) extension 1.0.3 for TYPO3 allows remote attackers to modify configuration via unknown vectors. | |||||
| CVE-2008-6685 | 2 Thomas Waggershauser, Typo3 | 2 Air Filemanager, Typo3 | 2024-11-21 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Frontend Filemanager (air_filemanager) 0.6.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors. | |||||
| CVE-2008-6621 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-11-21 | 7.8 HIGH | N/A |
| Unspecified vulnerability in GraphicsMagick before 1.2.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors in DPX images. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6602 | 1 Stadtaus | 1 Download Center Lite | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Download Center Lite before 2.1 has unknown impact and attack vectors related to "A minor security fix." | |||||
| CVE-2008-6601 | 1 Epona | 1 Epona | 2024-11-21 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Epona 1.5rc3 allows remote attackers to obtain the real IP address of users via unknown vectors. | |||||
| CVE-2008-6579 | 1 Nortel | 1 Cs1000 | 2024-11-21 | 5.0 MEDIUM | N/A |
| Nortel Communication Server 1000 4.50.x allows remote attackers to obtain Web application structure via unknown vectors related to "web resources to phones and administrators." | |||||
| CVE-2008-6578 | 1 Nortel | 1 Cs1000 | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors. | |||||
| CVE-2008-6576 | 1 Nortel | 1 Cs1000 | 2024-11-21 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communications Server 1000 (CS1K) 4.50.x, when running on VGMC or signaling nodes, allows remote attackers to cause a denial of service (resource exhaustion and failed updates) via unknown vectors that causes consumption of all available sessions. | |||||