Total
9170 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0656 | 1 Emc | 2 Documentum Administrator, Documentum Webtop | 2018-10-15 | 10.0 HIGH | N/A |
| Unrestricted file upload vulnerability in dmclTrace.jsp in EMC Documentum Administrator 5.3.0.313 and Webtop 5.3.0.317 allows remote attackers to overwrite arbitrary files via the filename attribute. | |||||
| CVE-2008-0555 | 1 Apache-ssl | 1 Apache-ssl | 2018-10-15 | 7.5 HIGH | N/A |
| The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafted DN that triggers overwriting of environment variables. | |||||
| CVE-2008-0506 | 1 Coppermine | 1 Coppermine Photo Gallery | 2018-10-15 | 6.8 MEDIUM | N/A |
| include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) before 1.4.15, when the ImageMagick picture processing method is configured, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval parameter to picEditor.php. | |||||
| CVE-2008-0457 | 1 Symantec | 1 Backupexec System Recovery | 2018-10-15 | 10.0 HIGH | N/A |
| Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors. | |||||
| CVE-2008-0473 | 1 Web Wiz | 1 Rich Text Editor | 2018-10-15 | 6.4 MEDIUM | N/A |
| RTE_popup_save_file.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to upload (1) .html and (2) .htm files via unspecified vectors. | |||||
| CVE-2008-0406 | 1 Hfs | 1 Http File Server | 2018-10-15 | 5.0 MEDIUM | N/A |
| HTTP File Server (HFS) before 2.2c, when account names are used as log filenames, allows remote attackers to cause a denial of service (daemon crash) via a long account name. | |||||
| CVE-2008-0298 | 1 Apple | 2 Mac Os X, Safari | 2018-10-15 | 4.3 MEDIUM | N/A |
| KHTML WebKit as used in Apple Safari 2.x allows remote attackers to cause a denial of service (browser crash) via a crafted web page, possibly involving a STYLE attribute of a DIV element. | |||||
| CVE-2008-0373 | 1 Php | 1 F1 Maxs File Uploader | 2018-10-15 | 7.5 HIGH | N/A |
| Unrestricted file upload vulnerability in PHP F1 Max's File Uploader allows remote attackers to upload and execute arbitrary PHP files. | |||||
| CVE-2008-0172 | 2 Boost, Ubuntu | 2 Boost, Ubuntu Linux | 2018-10-15 | 5.0 MEDIUM | N/A |
| The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression. | |||||
| CVE-2008-0171 | 1 Boost | 2 Boost, Boost Regex Library | 2018-10-15 | 5.0 MEDIUM | N/A |
| regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (failed assertion and crash) via an invalid regular expression. | |||||
| CVE-2008-0199 | 1 Pro Search | 1 Pro Search | 2018-10-15 | 5.0 MEDIUM | N/A |
| PRO-Search 0.17 and earlier allows remote attackers to cause a denial of service via certain values of the show_page and time parameters to the default URI. | |||||
| CVE-2008-0209 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2018-10-15 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in Forums/login.asp in Snitz Forums 2000 3.4.06 and earlier allows remote attackers to redirect users to arbitrary web sites via a URL in the target parameter. | |||||
| CVE-2008-0241 | 1 Sun | 1 Java System Identity Manager | 2018-10-15 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the nextPage parameter. | |||||
| CVE-2008-0244 | 1 Sap | 1 Maxdb | 2018-10-15 | 10.0 HIGH | N/A |
| SAP MaxDB 7.6.03 build 007 and earlier allows remote attackers to execute arbitrary commands via "&&" and other shell metacharacters in exec_sdbinfo and other unspecified commands, which are executed when MaxDB invokes cons.exe. | |||||
| CVE-2008-0009 | 1 Linux | 1 Linux Kernel | 2018-10-15 | 2.1 LOW | N/A |
| The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which might allow local users to access arbitrary kernel memory locations. | |||||
| CVE-2008-0010 | 1 Linux | 1 Linux Kernel | 2018-10-15 | 2.1 LOW | N/A |
| The copy_from_user_mmap_sem function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which allow local users to read from arbitrary kernel memory locations. | |||||
| CVE-2008-0071 | 2 Bittorrent, Utorrent | 2 Bittorrent, Utorrent | 2018-10-15 | 4.3 MEDIUM | N/A |
| The Web UI interface in (1) BitTorrent before 6.0.3 build 8642 and (2) uTorrent before 1.8beta build 10524 allows remote attackers to cause a denial of service (application crash) via an HTTP request with a malformed Range header. | |||||
| CVE-2008-0097 | 1 Georgia Softworks | 1 Ssh2 Server | 2018-10-15 | 7.5 HIGH | N/A |
| Format string vulnerability in the log function in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.0003 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username field, as demonstrated by a certain LoginPassword message. | |||||
| CVE-2008-0101 | 1 White Dune | 1 White Dune | 2018-10-15 | 7.5 HIGH | N/A |
| Format string vulnerability in the swDebugf function in DuneApp.cpp in White_Dune 0.29 beta791 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a .WRL file. | |||||
| CVE-2008-0116 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2018-10-15 | 9.3 HIGH | N/A |
| Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, Compatibility Pack, and Office 2004 and 2008 for Mac allows user-assisted remote attackers to execute arbitrary code via malformed tags in rich text, aka "Excel Rich Text Validation Vulnerability." | |||||