Total
12142 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3960 | 1 Ibm | 1 Db2 Universal Database | 2024-11-21 | N/A |
| Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (service crash) via "malicious packets." | ||||
| CVE-2008-3957 | 1 Microsoft | 1 Windows Image Acquisition Logger | 2024-11-21 | N/A |
| The Microsoft Windows Image Acquisition Logger ActiveX control allows remote attackers to force the download of arbitrary files onto a client system via a URL in the first argument to the Open method, in conjunction with a full destination pathname in the first argument to the Save method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-3947 | 1 Hp | 1 Openvms | 2024-11-21 | N/A |
| DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain privileges via a long command line. | ||||
| CVE-2008-3936 | 1 Dreambox | 1 Dm500c | 2024-11-21 | N/A |
| The web interface in Dreambox DM500C allows remote attackers to cause a denial of service (application hang) via a long URI. | ||||
| CVE-2008-3934 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2024-11-21 | N/A |
| Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. | ||||
| CVE-2008-3933 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2024-11-21 | N/A |
| Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function. | ||||
| CVE-2008-3932 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2024-11-21 | N/A |
| Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop. | ||||
| CVE-2008-3907 | 1 Newsbeuter | 1 Newsbeuter | 2024-11-21 | N/A |
| The open-in-browser command in newsbeuter before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a feed URL. | ||||
| CVE-2008-3906 | 2 Mono, Mono Project | 2 Mono, Mono | 2024-11-21 | N/A |
| CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string. | ||||
| CVE-2008-3904 | 1 Lxde | 2 Gpicview, Lightweight X11 Desktop Environment | 2024-11-21 | N/A |
| src/main-win.c in GPicView 0.1.9 in Lightweight X11 Desktop Environment (LXDE) allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename. | ||||
| CVE-2008-3889 | 2 Linux, Postfix | 2 Linux Kernel, Postfix | 2024-11-21 | N/A |
| Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of "non-Postfix" commands, which allows local users to cause a denial of service (application slowdown or exit) via a crafted command, as demonstrated by a command in a .forward file. | ||||
| CVE-2008-3879 | 1 Ultrashareware | 1 Ultra Office Control | 2024-11-21 | N/A |
| The Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 and earlier in Ultra Shareware Ultra Office Control allows remote attackers to force the download of arbitrary files onto a client system via a URL in the first argument to the Open method, in conjunction with a full destination pathname in the first argument (SaveAsDocument argument) to the Save method. | ||||
| CVE-2008-3864 | 1 Trend Micro | 3 Internet Security 2007, Internet Security 2008, Officescan | 2024-11-21 | N/A |
| The ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allows remote attackers to cause a denial of service (service crash) via a packet with a large value in an unspecified size field. | ||||
| CVE-2008-3844 | 2 Openbsd, Redhat | 4 Openssh, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2024-11-21 | N/A |
| Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known. | ||||
| CVE-2008-3838 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | N/A |
| Unspecified vulnerability in the NFS Remote Procedure Calls (RPC) zones implementation in Sun Solaris 10 and OpenSolaris before snv_88 allows local administrators of non-global zones to read and modify NFS traffic for arbitrary non-global zones, possibly leading to file modifications or a denial of service. | ||||
| CVE-2008-3834 | 2 Freedesktop, Redhat | 4 Dbus, Dbus1.0, Dbus1.1.0 and 1 more | 2024-11-21 | N/A |
| The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error. | ||||
| CVE-2008-3818 | 1 Cisco | 7 Ons, Ons 15310-cl, Ons 15310-ma and 4 more | 2024-11-21 | N/A |
| Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session. | ||||
| CVE-2008-3811 | 1 Cisco | 1 Ios | 2024-11-21 | N/A |
| Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different vulnerability than CVE-2008-3810. | ||||
| CVE-2008-3810 | 1 Cisco | 1 Ios | 2024-11-21 | N/A |
| Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than CVE-2008-3811. | ||||
| CVE-2008-3796 | 1 Swfdec | 1 Swfdec | 2024-11-21 | N/A |
| Swfdec 0.6 before 0.6.8 allows remote attackers to cause a denial of service (application crash) via a 1x1 JPEG image. | ||||