Total
29592 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5179 | 1 Microsoft | 3 Office Communications Server, Office Communicator, Windows Live Messenger | 2024-11-21 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Microsoft Office Communications Server (OCS), Office Communicator, and Windows Live Messenger allows remote attackers to cause a denial of service (crash) via a crafted Real-time Transport Control Protocol (RTCP) receiver report packet. | |||||
| CVE-2008-5173 | 1 Testmaker | 1 Testmaker | 2024-11-21 | 9.0 HIGH | N/A |
| Unspecified vulnerability in testMaker before 3.0p16 allows remote authenticated users to execute arbitrary PHP code via unspecified attack vectors. | |||||
| CVE-2008-5160 | 1 Myserver | 1 Myserver | 2024-11-21 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in MyServer 0.8.11 allows remote attackers to cause a denial of service (daemon crash) via multiple invalid requests with the HTTP GET, DELETE, OPTIONS, and possibly other methods, related to a "204 No Content error." | |||||
| CVE-2008-5111 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 4.7 MEDIUM | N/A |
| Unspecified vulnerability in the socket function in Sun Solaris 10 and OpenSolaris snv_57 through snv_91, when InfiniBand hardware is not installed, allows local users to cause a denial of service (panic) via unknown vectors, related to the socksdpv_close function. | |||||
| CVE-2008-5110 | 1 Oneidentity | 1 Syslog-ng | 2024-11-21 | 9.3 HIGH | N/A |
| syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9. | |||||
| CVE-2008-5108 | 1 Adobe | 1 Adobe Air | 2024-11-21 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Adobe AIR 1.1 and earlier allows context-dependent attackers to execute untrusted JavaScript in an AIR application via unknown attack vectors. | |||||
| CVE-2008-5096 | 1 Typo3 | 2 File List Extension, Typo3 | 2024-11-21 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the TYPO3 File List (file_list) extension 0.2.1 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors. | |||||
| CVE-2008-5072 | 1 K-lite | 1 Mega Codec Pack | 2024-11-21 | 4.3 MEDIUM | N/A |
| vsfilter.dll in K-Lite Mega Codec Pack 3.5.7.0 allows remote attackers to cause a denial of service (application crash) via a malformed FLV file. | |||||
| CVE-2008-5026 | 1 Microsoft | 1 Sharepoint Server | 2024-11-21 | 3.5 LOW | N/A |
| Microsoft SharePoint uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files (aka attachments), which allows remote authenticated users to leverage same-origin relationships and conduct cross-site scripting (XSS) attacks by uploading HTML documents. | |||||
| CVE-2008-5010 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 10.0 HIGH | N/A |
| in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the "number of offers," aka Bug ID 6713805. | |||||
| CVE-2008-5006 | 1 University Of Washington | 1 Imap Toolkit | 2024-11-21 | 5.0 MEDIUM | N/A |
| smtp.c in the c-client library in University of Washington IMAP Toolkit 2007b allows remote SMTP servers to cause a denial of service (NULL pointer dereference and application crash) by responding to the QUIT command with a close of the TCP connection instead of the expected 221 response code. | |||||
| CVE-2008-4963 | 1 Cisco | 2 Catos, Ios | 2024-11-21 | 7.1 HIGH | N/A |
| Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface configured as a trunk port. | |||||
| CVE-2008-4926 | 1 Mw6 Technologies | 1 Pdf417 Activex | 2024-11-21 | 9.0 HIGH | N/A |
| Multiple insecure method vulnerabilities in MW6 Technologies PDF417 ActiveX control (MW6PDF417Lib.PDF417, MW6PDF417.dll) 3.0.0.1 allow remote attackers to overwrite arbitrary files via a full pathname argument to the (1) SaveAsBMP and (2) SaveAsWMF methods. | |||||
| CVE-2008-4925 | 1 Mw6 Technologies | 1 Datamatrix Activex | 2024-11-21 | 9.0 HIGH | N/A |
| Multiple insecure method vulnerabilities in MW6 Technologies DataMatrix ActiveX control (DATAMATRIXLib.MW6DataMatrix, DataMatrix.dll) 3.0.0.1 allow remote attackers to overwrite arbitrary files via a full pathname argument to the (1) SaveAsBMP and (2) SaveAsWMF methods. | |||||
| CVE-2008-4924 | 1 Mw6 Technologies | 1 1d Barcode Decoder Activex | 2024-11-21 | 9.0 HIGH | N/A |
| Multiple insecure method vulnerabilities in MW6 Technologies 1D Barcode ActiveX control (BARCODELib.MW6Barcode, Barcode.dll) 3.0.0.1 allow remote attackers to overwrite arbitrary files via a full pathname argument to the (1) SaveAsBMP and (2) SaveAsWMF methods. | |||||
| CVE-2008-4923 | 1 Mw6 Technologies | 1 Aztec Activex | 2024-11-21 | 9.0 HIGH | N/A |
| Multiple insecure method vulnerabilities in MW6 Technologies Aztec ActiveX control (AZTECLib.MW6Aztec, Aztec.dll) 3.0.0.1 allow remote attackers to overwrite arbitrary files via a full pathname argument to the (1) SaveAsBMP and (2) SaveAsWMF methods. | |||||
| CVE-2008-4916 | 2 Emc, Vmware | 7 Vmware Player, Vmware Ace, Vmware Esx and 4 more | 2024-11-21 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors. | |||||
| CVE-2008-4914 | 1 Vmware | 2 Esx, Esxi | 2024-11-21 | 4.7 MEDIUM | N/A |
| Unspecified vulnerability in VMware ESXi 3.5 before ESXe350-200901401-I-SG and ESX 3.5 before ESX350-200901401-SG allows local administrators to cause a denial of service (host crash) via a snapshot with a malformed VMDK delta disk. | |||||
| CVE-2008-4910 | 1 Sun | 1 Java Web Start | 2024-11-21 | 10.0 HIGH | N/A |
| The BasicService in Sun Java Web Start allows remote attackers to execute arbitrary programs on a client machine via a file:// URL argument to the showDocument method. | |||||
| CVE-2008-4873 | 1 Sepal | 1 Spboard | 2024-11-21 | 10.0 HIGH | N/A |
| board.cgi in Sepal SPBOARD 4.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter during a down_file action. | |||||