Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2404 | 1 Sun | 1 Java Asp Server | 2017-08-07 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary code via an unspecified string field. | |||||
| CVE-2008-2405 | 1 Sun | 1 Java Active Server Pages | 2017-08-07 | 7.5 HIGH | N/A |
| Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP requests to unspecified ASP applications. | |||||
| CVE-2008-2406 | 1 Sun | 1 Java Asp Server | 2017-08-07 | 7.5 HIGH | N/A |
| The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass authentication via direct requests on TCP port 5102. | |||||
| CVE-2008-2408 | 1 Ceruleanstudios | 1 Trillian Pro | 2017-08-07 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian Pro before 3.1.10.0 allows remote attackers to execute arbitrary code via a malformed attribute in an IMG tag. | |||||
| CVE-2008-2409 | 1 Cerulean Studios | 1 Trillian | 2017-08-07 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified attributes in the X-MMS-IM-FORMAT header in an MSN message. | |||||
| CVE-2008-2410 | 1 Ibm | 1 Lotus Domino Web Server | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-2412 | 1 Acgv.free | 1 Acgv News | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2413 | 1 Acgv.free | 1 Acgv News | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||
| CVE-2008-2414 | 1 Aguestbook | 1 An Guestbook | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in send_email.php in AN Guestbook (ANG) 0.4 allows remote attackers to inject arbitrary web script or HTML via the postid parameter. | |||||
| CVE-2008-2415 | 1 Digitalhive | 1 Digitalhive | 2017-08-07 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in template/purpletech/base_include.php in DigitalHive (aka hive) 2.0 RC2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | |||||
| CVE-2008-2419 | 1 Mozilla | 1 Firefox | 2017-08-07 | 4.3 MEDIUM | N/A |
| Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code by triggering an error condition during certain Iframe operations between a JSframe write and a JSframe close, as demonstrated by an error in loading an empty Java applet defined by a 'src="javascript:"' sequence. | |||||
| CVE-2008-2420 | 1 Stunnel | 1 Stunnel | 2017-08-07 | 6.8 MEDIUM | N/A |
| The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates. | |||||
| CVE-2008-2422 | 1 Webslider | 1 Webslider | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Web Slider 0.6 allows remote attackers to execute arbitrary SQL commands via the slide parameter in a slides action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2423 | 1 Interchange Development Group | 1 Interchange | 2017-08-07 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Interchange before 5.6.0 and before 5.5.2 allows remote attackers to cause a denial of service via crafted HTTP requests. NOTE: this might overlap CVE-2007-2635. | |||||
| CVE-2008-2424 | 1 Icdevgroup | 1 Interchange | 2017-08-07 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the 404 error page for the "Standard demo" in Interchange before 5.6.0 and before 5.5.2 has unknown impact and attack vectors. | |||||
| CVE-2008-2425 | 1 Fichive | 1 Fichive | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the letter parameter in a Search action, a different vector than CVE-2008-2416. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2431 | 1 Novell | 1 Iprint | 2017-08-07 | 9.3 HIGH | N/A |
| Multiple buffer overflows in Novell iPrint Client before 5.06 allow remote attackers to execute arbitrary code by calling the Novell iPrint ActiveX control (aka ienipp.ocx) with (1) a long third argument to the GetDriverFile method; a long first argument to the (2) GetPrinterURLList or (3) GetPrinterURLList2 method; (4) a long argument to the GetFileList method; a long argument to the (5) GetServerVersion, (6) GetResourceList, or (7) DeleteResource method, related to nipplib.dll; a long uploadPath argument to the (8) UploadPrinterDriver or (9) UploadResource method, related to URIs; (10) a long seventh argument to the UploadResource method; a long string in the (11) second, (12) third, or (13) fourth argument to the GetDriverSettings method, related to the IppGetDriverSettings function in nipplib.dll; or (14) a long eighth argument to the UploadResourceToRMS method. | |||||
| CVE-2008-2449 | 1 Ikemcg | 1 Phpinstantgallery | 2017-08-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Isaac McGowan phpInstantGallery 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) gallery parameter to (a) index.php and (b) image.php, and the (2) imgnum parameter to image.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2486 | 1 Emule | 1 Emule Plus | 2017-08-07 | 10.0 HIGH | N/A |
| Unspecified vulnerability in eMule Plus before 1.2d has unknown impact and attack vectors related to "staticservers.dat processing." | |||||
| CVE-2008-2489 | 1 Typo3 | 1 Sg Zfelib | 2017-08-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Library for Frontend Plugins (aka sg_zfelib) extension 1.1.512 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified "user input." | |||||