Total
29529 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2100 | 1 Vmware | 8 Ace, Esx, Esx Server and 5 more | 2024-11-21 | 7.2 HIGH | N/A |
| Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors. | |||||
| CVE-2008-2090 | 1 Sun | 1 Solaris | 2024-11-21 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet. | |||||
| CVE-2008-2077 | 1 Plain Black | 1 Webgui | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Plain Black WebGUI 7.4.34 has unknown impact and attack vectors related to "data form list view." | |||||
| CVE-2008-2064 | 1 Phpgedview | 1 Phpgedview | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vectors related to "a fundamental design flaw in the interface (API) to connect phpGedView with external programs like content management systems." | |||||
| CVE-2008-2060 | 1 Cisco | 1 Intrusion Prevention System | 2024-11-21 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Cisco Intrusion Prevention System (IPS) 5.x before 5.1(8)E2 and 6.x before 6.0(5)E2, when inline mode and jumbo Ethernet support are enabled, allows remote attackers to cause a denial of service (panic), and possibly bypass intended restrictions on network traffic, via a "specific series of jumbo Ethernet frames." | |||||
| CVE-2008-2057 | 1 Cisco | 2 Adaptive Security Appliance Software, Pix Security Appliance | 2024-11-21 | 5.4 MEDIUM | N/A |
| The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet. | |||||
| CVE-2008-2054 | 1 Cisco | 1 Ciscoworks Common Services | 2024-11-21 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Cisco CiscoWorks Common Services 3.0.3 through 3.1.1 allows remote attackers to execute arbitrary code on a client machine via unknown vectors. | |||||
| CVE-2008-2053 | 1 Cisco | 1 Unified Customer Voice Portal | 2024-11-21 | 9.0 HIGH | N/A |
| Unspecified vulnerability in Cisco Unified Customer Voice Portal (CVP) 4.0.x before 4.0(2)_ES14, 4.1.x before 4.1(1)_ES11, and 7.x before 7.0(1) allows remote authenticated users with administrator role privileges to create, modify, or delete a superuser account. | |||||
| CVE-2008-2051 | 1 Php | 1 Php | 2024-11-21 | 10.0 HIGH | N/A |
| The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars." | |||||
| CVE-2008-2041 | 1 Egroupware | 1 Egroupware | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in eGroupWare before 1.4.004 have unspecified attack vectors and "grave" impact when the web server has write access to a directory under the web document root. | |||||
| CVE-2008-2010 | 2 Apple, Microsoft | 3 Quicktime, Windows Vista, Windows Xp | 2024-11-21 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Apple QuickTime Player on Windows XP SP2 and Vista SP1 allows remote attackers to execute arbitrary code via a crafted QuickTime media file. NOTE: as of 20080429, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2008-2000 | 1 Apple | 1 Safari | 2024-11-21 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Apple Safari 3.1.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls document.write in an infinite loop. | |||||
| CVE-2008-1945 | 6 Canonical, Debian, Opensuse and 3 more | 9 Ubuntu Linux, Debian Linux, Opensuse and 6 more | 2024-11-21 | 2.1 LOW | N/A |
| QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004. | |||||
| CVE-2008-1924 | 1 Phpmyadmin | 1 Phpmyadmin | 2024-11-21 | 3.5 LOW | N/A |
| Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable. | |||||
| CVE-2008-1900 | 1 Carbon Communities | 1 Carbon Communities | 2024-11-21 | 7.5 HIGH | N/A |
| option_Update.asp in Carbon Communities 2.4 and earlier allows remote attackers to edit arbitrary member information via a modified ID field. | |||||
| CVE-2008-1877 | 1 Debian | 1 Tss | 2024-11-21 | 2.1 LOW | N/A |
| tss 0.8.1 allows local users to read arbitrary files via the -a parameter, which is processed while tss is running with privileges. | |||||
| CVE-2008-1854 | 1 Smartertools | 1 Smartermail | 2024-11-21 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in SmarterMail Web Server (SMWebSvr.exe) in SmarterMail 5.0.2999 allows remote attackers to cause a denial of service (service termination) via a long HTTP (1) GET, (2) HEAD, (3) PUT, (4) POST, or (5) TRACE request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-1837 | 1 Clam Anti-virus | 1 Clamav | 2024-11-21 | 5.0 MEDIUM | N/A |
| libclamunrar in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via crafted RAR files that trigger "memory problems," as demonstrated by the PROTOS GENOME test suite for Archive Formats. | |||||
| CVE-2008-1831 | 1 Oracle | 1 Siebel Enterprise | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the Siebel SimBuilder component in Oracle Siebel Enterprise 7.8.2 and 7.8.5 have unknown impact and remote or local attack vectors, aka (1) SEBL01, (2) SEBL02, (3) SEBL03, (4) SEBL04, (5) SEBL05, and (6) SEBL06. | |||||
| CVE-2008-1830 | 2 Jdedwards, Oracle | 2 Enterpriseone, Peoplesoft Hcm Eperformance | 2024-11-21 | 9.0 HIGH | N/A |
| Unspecified vulnerability in the PeopleSoft HCM ePerformance component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9 and 9.0 has unknown impact and remote attack vectors, aka PSE03. | |||||