Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Desktop
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-2808 3 Mozilla, Redhat, Ubuntu 10 Firefox, Seamonkey, Thunderbird and 7 more 2024-02-28 4.3 MEDIUM N/A
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename.
CVE-2008-1944 2 Redhat, Xensource 4 Desktop, Enterprise Linux, Virtualization Server and 1 more 2024-02-28 7.2 HIGH N/A
Buffer overflow in the backend framebuffer of XenSource Xen Para-Virtualized Framebuffer (PVFB) Message 3.0 through 3.0.3 allows local users to cause a denial of service (SDL crash) and possibly execute arbitrary code via "bogus screen updates," related to missing validation of the "format of messages."
CVE-2008-1767 1 Redhat 5 Desktop, Enterprise Linux, Enterprise Linux Desktop and 2 more 2024-02-28 7.5 HIGH N/A
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.
CVE-2008-1943 2 Redhat, Xensource 4 Desktop, Enterprise Linux, Virtualization Server and 1 more 2024-02-28 2.1 LOW N/A
Buffer overflow in the backend of XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted description of a shared framebuffer.
CVE-2008-0411 6 Debian, Ghostscript, Mandrakesoft and 3 more 14 Debian Linux, Ghostscript, Mandrake Linux and 11 more 2024-02-28 6.8 MEDIUM N/A
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
CVE-2008-0597 2 Easy Software Products, Redhat 3 Cups, Desktop, Enterprise Linux 2024-02-28 5.0 MEDIUM N/A
Use-after-free vulnerability in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (crash) via crafted IPP packets.
CVE-2008-0596 2 Easy Software Products, Redhat 3 Cups, Desktop, Enterprise Linux 2024-02-28 5.0 MEDIUM N/A
Memory leak in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a large number of requests to add and remove shared printers.