Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0664 | 1 Wordpress | 1 Wordpress | 2011-03-07 | 6.4 MEDIUM | N/A |
| The XML-RPC implementation (xmlrpc.php) in WordPress before 2.3.3, when registration is enabled, allows remote attackers to edit posts of other blog users via unknown vectors. | |||||
| CVE-2008-0668 | 2 Gnome, Redhat | 2 Gnumeric, Fedora | 2011-03-07 | 9.3 HIGH | N/A |
| The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer signedness error that leads to an integer overflow. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0693 | 1 Print Manager Plus | 1 Client Billing And Authentication | 2011-03-07 | 7.8 HIGH | N/A |
| Stack-based buffer overflow in PQCore.exe in Print Manager Plus 2008 Client Billing and Authentication 7.0.127.16 allows remote attackers to cause a denial of service (service outage) via a series of long packets to TCP port 48101. | |||||
| CVE-2008-0694 | 1 Ibm | 1 Os 400 | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the HTTP Server in IBM OS/400 V5R3M0 and V5R4M0 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header. | |||||
| CVE-2008-0696 | 1 Ibm | 1 Db2 | 2011-03-07 | 7.5 HIGH | N/A |
| IBM DB2 UDB before 8.2 Fixpak 16 does not properly check authorization for the ALTER TABLE statement, which has unknown impact and attack vectors. | |||||
| CVE-2008-0697 | 1 Ibm | 1 Db2 | 2011-03-07 | 7.2 HIGH | N/A |
| Unspecified vulnerability in DB2PD in IBM DB2 UDB before 8.2 Fixpak 16 allows local users to gain root privileges via unspecified vectors. | |||||
| CVE-2008-0698 | 1 Ibm | 1 Db2 | 2011-03-07 | 7.8 HIGH | N/A |
| Buffer overflow in the DAS server in IBM DB2 UDB before 8.2 Fixpak 16 has unknown attack vectors, and an impact probably involving "invalid memory access." | |||||
| CVE-2008-0715 | 1 Acdsee | 1 Photo Manager | 2011-03-07 | 9.3 HIGH | N/A |
| Buffer overflow in ACDSee Photo Manager 8.1, 9.0, and 10.0 allows user-assisted remote attackers to execute arbitrary code via a malformed XBM file. NOTE: this might be the same as CVE-2007-6009. | |||||
| CVE-2008-0716 | 1 Symantec | 1 Altiris Notification Server | 2011-03-07 | 6.8 MEDIUM | N/A |
| The agent in Symantec Altiris Notification Server before 6.0 SP3 R7 allows local users to gain privileges via a "Shatter" style attack. | |||||
| CVE-2008-0717 | 1 Ibm | 1 Websphere Edge Server | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Caching Proxy (CP) 5.1 through 6.1 in IBM WebSphere Edge Server, when CGI mapping rules are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger injection into an error response. | |||||
| CVE-2008-0740 | 1 Ibm | 1 Websphere Application Server | 2011-03-07 | 2.1 LOW | N/A |
| IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) and 6.1 before Fix Pack 15 (6.1.0.15) writes unspecified cleartext information to http_plugin.log, which might allow local users to obtain sensitive information by reading this file. | |||||
| CVE-2008-0741 | 1 Ibm | 1 Websphere Application Server | 2011-03-07 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the PropFilePasswordEncoder utility in IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) has unknown impact and attack vectors. | |||||
| CVE-2008-0807 | 2 Debian, Horde | 4 Debian Linux, Groupware, Groupware Webmail Edition and 1 more | 2011-03-07 | 4.9 MEDIUM | N/A |
| lib/Driver/sql.php in Turba 2 (turba2) Contact Manager H3 2.1.x before 2.1.7 and 2.2.x before 2.2-RC3, as used in products such as Horde Groupware before 1.0.4 and Horde Groupware Webmail Edition before 1.0.5, does not properly check access rights, which allows remote authenticated users to modify address data via a modified object_id parameter to edit.php, as demonstrated by modifying a personal address book entry when there is write access to a shared address book. | |||||
| CVE-2008-0825 | 1 Caroline | 1 Caroline | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Claroline before 1.8.9 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-0826 | 1 Caroline | 1 Caroline | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Claroline before 1.8.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-0834 | 1 Ibm | 1 Lotus Quickr | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Lotus Quickr for i5/OS before 8.0.0.2 Hotfix 11, when anonymous access is disabled on HTTP ports, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-0836 | 1 Sun | 1 Solaris | 2011-03-07 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 9 and 10 on x86 architectures allows local users to cause a denial of service (panic) via unspecified vectors that trigger a NULL pointer dereference in the vuid3ps2 module, a different issue than CVE-2007-5319. | |||||
| CVE-2008-0858 | 2 Kerio, Visnetic | 2 Kerio Mailserver, Visnetic Antivirus Plug-in For Mail Server | 2011-03-07 | 7.5 HIGH | N/A |
| Buffer overflow in the Visnetic anti-virus plugin in Kerio MailServer before 6.5.0 might allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2008-0859 | 1 Kerio | 1 Kerio Mailserver | 2011-03-07 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Kerio MailServer before 6.5.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to decoding of uuencoded input, which triggers memory corruption. | |||||
| CVE-2008-0860 | 1 Kerio | 2 Avg Plugin, Kerio Mailserver | 2011-03-07 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the AVG plugin in Kerio MailServer before 6.5.0 has unspecified impact via unknown remote attack vectors related to null DACLs. | |||||