Total
12142 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2391 | 1 Codeplex | 1 Subsonic | 2024-11-21 | N/A |
| SubSonic allows remote attackers to bypass pagesize limits and cause a denial of service (CPU consumption) via a pageindex (aka data page number) of -1. | ||||
| CVE-2008-2372 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2024-11-21 | N/A |
| The Linux kernel 2.6.24 and 2.6.25 before 2.6.25.9 allows local users to cause a denial of service (memory consumption) via a large number of calls to the get_user_pages function, which lacks a ZERO_PAGE optimization and results in allocation of "useless newly zeroed pages." | ||||
| CVE-2008-2362 | 2 Redhat, X | 2 Enterprise Linux, X11 | 2024-11-21 | N/A |
| Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption. | ||||
| CVE-2008-2326 | 2 Apple, Microsoft | 6 Bonjour, Windows-nt, Windows 2000 and 3 more | 2024-11-21 | N/A |
| mDNSResponder in the Bonjour Namespace Provider in Apple Bonjour for Windows before 1.0.5 allows attackers to cause a denial of service (NULL pointer dereference and application crash) by resolving a crafted .local domain name that contains a long label. | ||||
| CVE-2008-2283 | 1 Idautomation | 4 Aztec Barcode, Datamatrix Barcode, Linear Barcode and 1 more | 2024-11-21 | N/A |
| IDAutomation allows remote attackers to overwrite arbitrary files via the argument to the (1) SaveBarCode and (2) SaveEnhWMF methods in (a) the IDAuto.BarCode.1 ActiveX control in IDAutomationLinear6.dll (aka IDAutomation Linear BarCode) 1.6.0.6, (b) the IDAuto.Datamatrix.1 ActiveX control in IDAutomationDMATRIX6.DLL (aka IDautomation Datamatrix Barcode) 1.6.0.6, (c) the IDAuto.PDF417.1 ActiveX control in IDAutomationPDF417_6.dll (aka IDautomation PDF417 Barcode) 1.6.0.6, and (d) the IDAuto.Aztec.1 ActiveX control in IDAutomationAZTEC.dll (aka IDautomation Aztec Barcode) 1.7.1.0. | ||||
| CVE-2008-2267 | 1 Cms Made Simple | 1 Cms Made Simple | 2024-11-21 | N/A |
| Incomplete blacklist vulnerability in javaUpload.php in Postlet in the FileManager module in CMS Made Simple 1.2.4 and earlier allows remote attackers to execute arbitrary code by uploading a file with a name ending in (1) .jsp, (2) .php3, (3) .cgi, (4) .dhtml, (5) .phtml, (6) .php5, or (7) .jar, then accessing it via a direct request to the file in modules/FileManager/postlet/. | ||||
| CVE-2008-2259 | 1 Microsoft | 1 Internet Explorer | 2024-11-21 | N/A |
| Microsoft Internet Explorer 6 and 7 does not perform proper "argument validation" during print preview, which allows remote attackers to execute arbitrary code via unknown vectors, aka "HTML Component Handling Vulnerability." | ||||
| CVE-2008-2256 | 1 Microsoft | 1 Internet Explorer | 2024-11-21 | N/A |
| Microsoft Internet Explorer 5.01, 6, and 7 does not properly handle objects that have been incorrectly initialized or deleted, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "Uninitialized Memory Corruption Vulnerability." | ||||
| CVE-2008-2173 | 1 Yamaha | 1 Router | 2024-11-21 | N/A |
| Unspecified vulnerability in Yamaha routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372. | ||||
| CVE-2008-2172 | 1 Hitachi | 3 Gr2000, Gr3000, Gr4000 | 2024-11-21 | N/A |
| Unspecified vulnerability in Hitachi GR routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372. | ||||
| CVE-2008-2171 | 1 Alaxala | 1 Ax Router | 2024-11-21 | N/A |
| Unspecified vulnerability in AlaxalA AX routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372. | ||||
| CVE-2008-2170 | 1 Century Software | 1 Router | 2024-11-21 | N/A |
| Unspecified vulnerability in Century routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372. | ||||
| CVE-2008-2169 | 2 Avici, Hitachi | 4 Router, Gr2000, Gr3000 and 1 more | 2024-11-21 | N/A |
| Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372. | ||||
| CVE-2008-2157 | 1 Emc Corporation | 1 Alphastor | 2024-11-21 | N/A |
| robotd in the Library Manager in EMC AlphaStor 3.1 SP1 for Windows allows remote attackers to execute arbitrary commands via an unspecified string field in a packet to TCP port 3500. | ||||
| CVE-2008-2134 | 1 Tru-zone | 1 Nukeet | 2024-11-21 | N/A |
| The Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to obtain access to arbitrary user accounts, and alter or delete data, via a modified username in an unspecified cookie. | ||||
| CVE-2008-2119 | 1 Asterisk | 2 Asterisk Business Edition, Open Source | 2024-11-21 | N/A |
| Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing (aka pedanticsipchecking) is enabled, allows remote attackers to cause a denial of service (daemon crash) via a SIP INVITE message that lacks a From header, related to invocations of the ast_uri_decode function, and improper handling of (1) an empty const string and (2) a NULL pointer. | ||||
| CVE-2008-2110 | 1 Qto | 1 Qtofilemanager | 2024-11-21 | N/A |
| Unrestricted file upload vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request. | ||||
| CVE-2008-2106 | 1 Activision | 1 Call Of Duty 4 | 2024-11-21 | N/A |
| Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated users to cause a denial of service (crash) via a type 7 stats packet, which triggers a memcpy with a negative value. | ||||
| CVE-2008-2061 | 1 Cisco | 1 Unified Communications Manager | 2024-11-21 | N/A |
| The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP port 2748. | ||||
| CVE-2008-2056 | 1 Cisco | 3 Adaptive Security Appliance, Adaptive Security Appliance Software, Pix Security Appliance | 2024-11-21 | N/A |
| Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the device interface. | ||||