Total
11483 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0364 | 2 Bittorrent, Utorrent | 2 Bittorrent, Utorrent | 2018-10-15 | 5.0 MEDIUM | N/A |
| Buffer overflow in (1) BitTorrent 6.0 and earlier; and (2) uTorrent 1.7.5 and earlier, and 1.8-alpha-7834 and earlier in the 1.8.x series; on Windows allows remote attackers to cause a denial of service (application crash) via a long Unicode string representing a client version identifier. | |||||
| CVE-2008-0356 | 1 Citrix | 4 Access Essentials, Desktop Server, Metaframe Presentation Server and 1 more | 2018-10-15 | 10.0 HIGH | N/A |
| Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513. | |||||
| CVE-2008-0247 | 1 Ibm | 1 Tivoli Storage Manager Express | 2018-10-15 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the Express Backup Server service (dsmsvc.exe) in IBM Tivoli Storage Manager (TSM) Express 5.3 before 5.3.7.3 allows remote attackers to execute arbitrary code via a packet with a large length value. | |||||
| CVE-2008-0234 | 1 Apple | 1 Quicktime | 2018-10-15 | 9.3 HIGH | N/A |
| Buffer overflow in Apple Quicktime Player 7.3.1.70 and other versions before 7.4.1, when RTSP tunneling is enabled, allows remote attackers to execute arbitrary code via a long Reason-Phrase response to an rtsp:// request, as demonstrated using a 404 error message. | |||||
| CVE-2008-0227 | 1 Yassl | 1 Yassl | 2018-10-15 | 7.5 HIGH | N/A |
| yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp. | |||||
| CVE-2008-0176 | 1 Ge Fanuc | 1 Cimplicity | 2018-10-15 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2008-0151 | 1 Foxitsoftware | 1 Wac Server | 2018-10-15 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Foxit WAC Server 2.1.0.910, 2.0 Build 3503, and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Telnet request with long options. | |||||
| CVE-2008-0127 | 1 Mcafee | 1 E-business Server | 2018-10-15 | 8.8 HIGH | N/A |
| The administration interface in McAfee E-Business Server 8.5.2 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long initial authentication packet. | |||||
| CVE-2008-0106 | 1 Microsoft | 4 Data Engine, Sql Server, Sql Server Desktop Engine and 1 more | 2018-10-15 | 9.0 HIGH | N/A |
| Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2, allows remote authenticated users to execute arbitrary code via a crafted insert statement. | |||||
| CVE-2008-0100 | 1 White Dune | 1 White Dune | 2018-10-15 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the Scene::errorf function in Scene.cpp in White_Dune 0.29 beta791 and earlier allows remote attackers to execute arbitrary code via a long string in a .WRL file. | |||||
| CVE-2008-0096 | 1 Georgia Softworks | 1 Ssh2 Server | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.0003 and earlier allow remote attackers to execute arbitrary code via a (1) a long username, which triggers an overflow in the log function; or (2) a long password. | |||||
| CVE-2008-0086 | 1 Microsoft | 4 Data Engine, Sql Server, Sql Server Desktop Engine and 1 more | 2018-10-15 | 9.0 HIGH | N/A |
| Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression. | |||||
| CVE-2008-0067 | 1 Hp | 1 Openview Network Node Manager | 2018-10-15 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the OpenView5.exe CGI program, related to ov.dll; or a long string parameter to the (3) getcvdata.exe, (4) ovlaunch.exe, or (5) Toolbar.exe CGI program. | |||||
| CVE-2008-0066 | 2 Autonomy, Ibm | 2 Keyview, Lotus Notes | 2018-10-15 | 9.3 HIGH | N/A |
| Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) "large chunks of data," or a long URL in the (2) BACKGROUND attribute of a BODY element or (3) SRC attribute of an IMG element. | |||||
| CVE-2008-0063 | 2 Apple, Mit | 3 Mac Os X, Mac Os X Server, Kerberos 5 | 2018-10-15 | 4.3 MEDIUM | N/A |
| The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values." | |||||
| CVE-2008-0027 | 1 Cisco | 2 Unified Callmanager, Unified Communications Manager | 2018-10-15 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request. | |||||
| CVE-2008-0006 | 2 Sun, X.org | 3 Solaris Libfont, Solaris Libxfont, Xserver | 2018-10-15 | 7.5 HIGH | N/A |
| Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCF_BDF_ENCODINGS table. | |||||
| CVE-2008-0003 | 2 Openpegasus, Redhat | 3 Management Server, Enterprise Linux, Enterprise Linux Desktop | 2018-10-15 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, might allow remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2007-5360. | |||||
| CVE-2007-6725 | 1 Ghostscript | 1 Ghostscript | 2018-10-15 | 7.5 HIGH | N/A |
| The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cf_decode_2d function. | |||||
| CVE-2007-6697 | 1 Sdl | 1 Sdl Image | 2018-10-15 | 7.5 HIGH | N/A |
| Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484. NOTE: some of these details are obtained from third party information. | |||||