CVE-2008-0xxx

There are 966 CVE in this subgroup.
Last updated: 
← Back to 2008
ID Summary Flags Max Score
CVE-2008-0001 VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.14, performs tests of access mo...
S
CVE-2008-0002 Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an ...
CVE-2008-0003 Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM ma...
S
CVE-2008-0004 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2008-0005 mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev...
E
CVE-2008-0006 Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on som...
S
CVE-2008-0007 Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does no...
E
CVE-2008-0008 The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return valu...
E
CVE-2008-0009 The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not vali...
E
CVE-2008-0010 The copy_from_user_mmap_sem function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does n...
E
CVE-2008-0011 Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 and SP3, Server 2003 SP1 and SP2...
S
CVE-2008-0012 Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 all...
CVE-2008-0013 Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 all...
CVE-2008-0014 Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 all...
CVE-2008-0015 Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Libra...
E
CVE-2008-0016 Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and...
S
CVE-2008-0017 The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x before 3.0.4, Firefox 2.x b...
CVE-2008-0020 Unspecified vulnerability in the Load method in the IPersistStreamInit interface in the Active Templ...
S
CVE-2008-0026 SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 befor...
CVE-2008-0027 Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in...
S
CVE-2008-0028 Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Securi...
CVE-2008-0029 Cisco Application Velocity System (AVS) before 5.1.0 is installed with default passwords for some sy...
CVE-2008-0030 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-0031 Unspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of...
CVE-2008-0032 Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a movie file contai...
S
CVE-2008-0033 Unspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of...
CVE-2008-0034 Unspecified vulnerability in Passcode Lock in Apple iPhone 1.0 through 1.1.2 allows users with physi...
CVE-2008-0035 Unspecified vulnerability in Foundation, as used in Apple iPhone 1.0 through 1.1.2, iPod touch 1.1 t...
CVE-2008-0036 Buffer overflow in Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via ...
CVE-2008-0037 X11 in Apple Mac OS X 10.5 through 10.5.1 does not properly handle when the "Allow connections from ...
S
CVE-2008-0038 Launch Services in Apple Mac OS X 10.5 through 10.5.1 allows an uninstalled application to be launch...
S
CVE-2008-0039 Unspecified vulnerability in Mail in Apple Mac OS X 10.4.11 allows remote attackers to execute arbit...
S
CVE-2008-0040 Unspecified vulnerability in NFS in Apple Mac OS X 10.5 through 10.5.1 allows remote attackers to ca...
S
CVE-2008-0041 Parental Controls in Apple Mac OS X 10.5 through 10.5.1 contacts www.apple.com "when a website is un...
S
CVE-2008-0042 Argument injection vulnerability in Terminal.app in Terminal in Apple Mac OS X 10.4.11 and 10.5 thro...
S
CVE-2008-0043 Format string vulnerability in Apple iPhoto before 7.1.2 allows remote attackers to execute arbitrar...
S
CVE-2008-0044 Multiple buffer overflows in AFP Client in Apple Mac OS X 10.4.11 and 10.5.2 allow remote attackers ...
S
CVE-2008-0045 Unspecified vulnerability in AFP Server in Apple Mac OS X 10.4.11 allows remote attackers to bypass ...
S
CVE-2008-0046 The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect German translation for the "Set a...
S
CVE-2008-0047 Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions includ...
S
CVE-2008-0048 Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows context-dependent attackers t...
S
CVE-2008-0049 AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication mach port available for inter-...
S
CVE-2008-0050 CFNetwork in Apple Mac OS X 10.4.11 allows remote HTTPS proxy servers to spoof secure websites via d...
S
CVE-2008-0051 Integer overflow in CoreFoundation in Apple Mac OS X 10.4.11 might allow local users to execute arbi...
S
CVE-2008-0052 CoreServices in Apple Mac OS X 10.4.11 treats .ief as a safe file type, which allows remote attacker...
S
CVE-2008-0053 Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remot...
S
CVE-2008-0054 Foundation in Apple Mac OS X 10.4.11 might allow context-dependent attackers to execute arbitrary co...
S
CVE-2008-0055 Foundation in Apple Mac OS X 10.4.11 creates world-writable directories while NSFileManager copies f...
S
CVE-2008-0056 Stack-based buffer overflow in Foundation in Apple Mac OS X 10.4.11 allows context-dependent attacke...
S
CVE-2008-0057 Multiple integer overflows in a "legacy serialization format" parser in AppKit in Apple Mac OS X 10....
S
CVE-2008-0058 Race condition in the NSURLConnection cache management functionality in Foundation for Apple Mac OS ...
S
CVE-2008-0059 Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 allows context-dependent attackers ...
S
CVE-2008-0060 Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Apples...
S
CVE-2008-0061 MaraDNS 1.0 before 1.0.41, 1.2 before 1.2.12.08, and 1.3 before 1.3.07.04 allows remote attackers to...
CVE-2008-0062 KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which al...
CVE-2008-0063 The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion...
S
CVE-2008-0064 Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85,...
S
CVE-2008-0065 Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, 5.5, and 5.51 allow remote attac...
CVE-2008-0066 Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyVie...
CVE-2008-0067 Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7...
CVE-2008-0068 Directory traversal vulnerability in OpenView5.exe in HP OpenView Network Node Manager (OV NNM) 7.01...
E
CVE-2008-0069 Stack-based buffer overflow in XnView 1.92 and 1.92.1 allows user-assisted remote attackers to execu...
E S
CVE-2008-0070 Integer overflow in Orb Networks Orb 2.00.1014 and Winamp Remote BETA allows remote attackers to exe...
CVE-2008-0071 The Web UI interface in (1) BitTorrent before 6.0.3 build 8642 and (2) uTorrent before 1.8beta build...
E S
CVE-2008-0072 Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution...
S
CVE-2008-0073 Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allo...
S
CVE-2008-0074 Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows lo...
CVE-2008-0075 Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 through 6.0 allows re...
CVE-2008-0076 Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote at...
CVE-2008-0077 Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote at...
S
CVE-2008-0078 Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in Microsoft Internet Explorer 5.01, 6...
CVE-2008-0079 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-0080 Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP...
CVE-2008-0081 Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004...
S
CVE-2008-0082 An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 and 5.1 is marked as safe-for...
CVE-2008-0083 The (1) VBScript (VBScript.dll) and (2) JScript (JScript.dll) scripting engines 5.1 and 5.6, as used...
S
CVE-2008-0084 Unspecified vulnerability in the TCP/IP support in Microsoft Windows Vista allows remote DHCP server...
CVE-2008-0085 SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Ed...
S
CVE-2008-0086 Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE ...
CVE-2008-0087 The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predic...
S
CVE-2008-0088 Unspecified vulnerability in Active Directory on Microsoft Windows 2000 and Windows Server 2003, and...
CVE-2008-0089 SQL injection vulnerability in uprofile.php in ClipShare allows remote attackers to execute arbitrar...
E
CVE-2008-0090 A certain ActiveX control in npUpload.dll in DivX Player 6.6.0 allows remote attackers to cause a de...
E
CVE-2008-0091 Directory traversal vulnerability in download2.php in AGENCY4NET WEBFTP 1 allows remote attackers to...
E
CVE-2008-0092 Cross-site scripting (XSS) vulnerability in index.php in the search module in Appalachian State Univ...
E
CVE-2008-0093 Multiple cross-site scripting (XSS) vulnerabilities in newticket.php in eTicket 1.5.5.2, and 1.5.6 R...
E
CVE-2008-0094 Multiple directory traversal vulnerabilities in MODx Content Management System 0.9.6.1 allow remote ...
E S
CVE-2008-0095 The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-be...
E S
CVE-2008-0096 Multiple buffer overflows in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.0003 and earlier allow re...
CVE-2008-0097 Format string vulnerability in the log function in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.000...
CVE-2008-0098 Buffer overflow in RealPlayer 11 build 6.0.14.748 allows remote attackers to execute arbitrary code ...
CVE-2008-0099 Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to exec...
E
CVE-2008-0100 Stack-based buffer overflow in the Scene::errorf function in Scene.cpp in White_Dune 0.29 beta791 an...
E S
CVE-2008-0101 Format string vulnerability in the swDebugf function in DuneApp.cpp in White_Dune 0.29 beta791 and e...
E S
CVE-2008-0102 Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attac...
CVE-2008-0103 Unspecified vulnerability in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2...
CVE-2008-0104 Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attac...
CVE-2008-0105 Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 200...
CVE-2008-0106 Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2, allo...
CVE-2008-0107 Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000)...
CVE-2008-0108 Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2...
E
CVE-2008-0109 Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office Word Viewer 2003 allows remot...
CVE-2008-0110 Unspecified vulnerability in Microsoft Outlook in Office 2000 SP3, XP SP3, 2003 SP2 and Sp3, and Off...
S
CVE-2008-0111 Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack,...
S
CVE-2008-0112 Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for Mac 2004 and 2008 allows user-...
S
CVE-2008-0113 Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to SP3 allows user-assisted remot...
CVE-2008-0114 Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office for ...
S
CVE-2008-0115 Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack,...
S
CVE-2008-0116 Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, Compatibility Pack, and Office 2004 and 2008...
S
CVE-2008-0117 Unspecified vulnerability in Microsoft Excel 2000 SP3 and 2002 SP2, and Office 2004 and 2008 for Mac...
S
CVE-2008-0118 Unspecified vulnerability in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, Excel Viewer 2003 up to SP...
S
CVE-2008-0119 Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP SP3, 2003 SP2 and SP3, and 20...
CVE-2008-0120 Integer overflow in Microsoft PowerPoint Viewer 2003 allows remote attackers to execute arbitrary co...
S
CVE-2008-0121 A "memory calculation error" in Microsoft PowerPoint Viewer 2003 allows remote attackers to execute ...
CVE-2008-0122 Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in l...
S
CVE-2008-0123 Cross-site scripting (XSS) vulnerability in install.php for Moodle 1.8.3, and possibly other version...
E
CVE-2008-0124 Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) before 1.3-beta1 allows remote authent...
S
CVE-2008-0125 Cross-site scripting (XSS) vulnerability in phpstats.php in Michael Wagner phpstats 0.1 alpha allows...
E
CVE-2008-0127 The administration interface in McAfee E-Business Server 8.5.2 and earlier allows remote attackers t...
E S
CVE-2008-0128 The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5....
S
CVE-2008-0129 SQL injection vulnerability in starnet/addons/slideshow_full.php in Site@School 2.3.10 and earlier a...
E
CVE-2008-0130 SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attacke...
CVE-2008-0131 Cross-site scripting (XSS) vulnerability in login_form.asp in Instant Softwares Dating Site allows r...
CVE-2008-0132 Pragma FortressSSH 5.0 Build 4 Revision 293 and earlier handles long input to sshd.exe by creating a...
CVE-2008-0133 Multiple SQL injection vulnerabilities in Tribisur 2.1 and earlier allow remote attackers to execute...
E
CVE-2008-0134 Cross-site scripting (XSS) vulnerability in Forums/setup.asp in Snitz Forums 2000 3.4.06 and earlier...
CVE-2008-0135 Snitz Forums 2000 3.4.06 and earlier stores sensitive information under the web root with insufficie...
CVE-2008-0136 Snitz Forums 2000 3.4.05 allows remote attackers to obtain sensitive information via a direct reques...
CVE-2008-0137 PHP remote file inclusion vulnerability in config.inc.php in SNETWORKS PHP CLASSIFIEDS 5.0 allows re...
E
CVE-2008-0138 PHP remote file inclusion vulnerability in xoopsgallery/init_basic.php in the mod_gallery module for...
E
CVE-2008-0139 Eval injection vulnerability in loudblog/inc/parse_old.php in Loudblog 0.8.0 and earlier allows remo...
E
CVE-2008-0140 Directory traversal vulnerability in error.php in Uebimiau Webmail 2.7.10 and 2.7.2 allows remote au...
E
CVE-2008-0141 actions.php in WebPortal CMS 0.6-beta generates predictable passwords containing only the time of da...
E
CVE-2008-0142 Multiple SQL injection vulnerabilities in WebPortal CMS 0.6-beta allow remote attackers to execute a...
E
CVE-2008-0143 PHP remote file inclusion vulnerability in common/db.php in samPHPweb, possibly 4.2.2 and others, as...
E
CVE-2008-0144 PHP remote file inclusion vulnerability in index.php in NetRisk 1.9.7 and earlier allows remote atta...
E
CVE-2008-0145 Unspecified vulnerability in glob in PHP before 4.4.8, when open_basedir is enabled, has unknown imp...
E
CVE-2008-0146 Cross-site scripting (XSS) vulnerability in the error page in W3-mSQL allows remote attackers to inj...
E
CVE-2008-0147 SQL injection vulnerability in index.php in SmallNuke 2.0.4 and earlier, when magic_quotes_gpc is di...
E
CVE-2008-0148 TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote attackers to execute ar...
E
CVE-2008-0149 TUTOS 1.3 allows remote attackers to read system information via a direct request to php/admin/phpin...
E
CVE-2008-0150 Unspecified vulnerability in the LDAP authentication feature in Aruba Mobility Controller 2.3.6.15, ...
CVE-2008-0151 Heap-based buffer overflow in Foxit WAC Server 2.1.0.910, 2.0 Build 3503, and earlier allows remote ...
E
CVE-2008-0152 SLnet.exe in SeattleLab SLNet RF Telnet Server 4.1.1.3758 and earlier allows user-assisted remote at...
CVE-2008-0153 telnetd.exe in Pragma TelnetServer 7.0.4.589 allows remote attackers to cause a denial of service (p...
CVE-2008-0154 SQL injection vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to execut...
E
CVE-2008-0155 Cross-site scripting (XSS) vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attack...
E
CVE-2008-0156 Absolute path traversal vulnerability in index.php in Million Dollar Script 2.0.14 allows remote att...
E
CVE-2008-0157 SQL injection vulnerability in FlexBB 0.6.3 and earlier allows remote attackers to execute arbitrary...
E
CVE-2008-0158 Directory traversal vulnerability in index.php in Shop-Script 2.0 and possibly other versions allows...
E
CVE-2008-0159 SQL injection vulnerability in index.php in eggBlog 3.1.0 and earlier allows remote attackers to exe...
E
CVE-2008-0162 misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which all...
S
CVE-2008-0163 Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via ...
S
CVE-2008-0164 Multiple cross-site request forgery (CSRF) vulnerabilities in Plone CMS 3.0.5 and 3.0.6 allow remote...
E
CVE-2008-0165 Cross-site request forgery (CSRF) vulnerability in Ikiwiki before 2.42 allows remote attackers to mo...
CVE-2008-0166 OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random numb...
E S
CVE-2008-0167 The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by tr...
S
CVE-2008-0169 Plugin/passwordauth.pm (aka the passwordauth plugin) in ikiwiki 1.34 through 2.47 allows remote atta...
CVE-2008-0171 regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 a...
E
CVE-2008-0172 The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex)...
CVE-2008-0173 SQL injection vulnerability in Gforge 4.6.99 and earlier allows remote attackers to execute arbitrar...
S
CVE-2008-0174 GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTTP Basic Authentication, which ...
CVE-2008-0175 Unrestricted file upload vulnerability in GE Fanuc Proficy Real-Time Information Portal 2.6 and earl...
CVE-2008-0176 Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM ...
CVE-2008-0177 The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME project before 20071201 does n...
E S
CVE-2008-0178 Cross-site scripting (XSS) vulnerability in the Enterprise Admin Session Monitoring component in Lif...
E S
CVE-2008-0179 Cross-site scripting (XSS) vulnerability in service/impl/UserLocalServiceImpl.java in Liferay Portal...
S
CVE-2008-0180 Cross-site scripting (XSS) vulnerability in themes/_unstyled/templates/init.vm in Liferay Portal 4.3...
CVE-2008-0181 Cross-site scripting (XSS) vulnerability in the Admin portlet in Liferay Portal 4.3.6 allows remote ...
S
CVE-2008-0182 Cross-site request forgery (CSRF) vulnerability in the Admin portlet in Liferay Portal before 4.4.0 ...
CVE-2008-0184 Absolute path traversal vulnerability in index.php in Sys-Hotel on Line System allows remote attacke...
E
CVE-2008-0185 SQL injection vulnerability in index.php in NetRisk 1.9.7 and possibly earlier versions allows remot...
E
CVE-2008-0186 Cross-site scripting (XSS) vulnerability in index.php in NetRisk 1.9.7 and possibly earlier allows r...
E
CVE-2008-0187 SQL injection vulnerability in songinfo.php in SAM Broadcaster samPHPweb, possibly 4.2.2 and earlier...
E
CVE-2008-0188 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2008-0189 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2008-0190 Multiple cross-site scripting (XSS) vulnerabilities in templates/example_template.php in AwesomeTemp...
E
CVE-2008-0191 WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive information via an invalid p p...
CVE-2008-0192 Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.0.9 and earlier allow remote atta...
E
CVE-2008-0193 Cross-site scripting (XSS) vulnerability in wp-db-backup.php in WordPress 2.0.11 and earlier, and po...
E
CVE-2008-0194 Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote a...
E
CVE-2008-0195 WordPress 2.0.11 and earlier allows remote attackers to obtain sensitive information via an empty va...
E
CVE-2008-0196 Multiple directory traversal vulnerabilities in WordPress 2.0.11 and earlier allow remote attackers ...
E
CVE-2008-0197 Multiple cross-site scripting (XSS) vulnerabilities in wp-contact-form/options-contactform.php in th...
CVE-2008-0198 Multiple cross-site request forgery (CSRF) vulnerabilities in wp-contact-form/options-contactform.ph...
E
CVE-2008-0199 PRO-Search 0.17 and earlier allows remote attackers to cause a denial of service via certain values ...
E
CVE-2008-0200 Multiple cross-site scripting (XSS) vulnerabilities in account/index.html in RotaBanner Local 3 and ...
E
CVE-2008-0201 Cross-site scripting (XSS) vulnerability in index.php in ExpressionEngine 1.2.1 and earlier allows r...
E
CVE-2008-0202 CRLF injection vulnerability in index.php in ExpressionEngine 1.2.1 and earlier allows remote attack...
CVE-2008-0203 Multiple cross-site scripting (XSS) vulnerabilities in cryptographp/admin.php in the Cryptographp 1....
E
CVE-2008-0204 Multiple cross-site scripting (XSS) vulnerabilities in math-comment-spam-protection.php in the Math ...
E
CVE-2008-0205 Multiple cross-site request forgery (CSRF) vulnerabilities in math-comment-spam-protection.php in th...
E
CVE-2008-0206 Multiple cross-site scripting (XSS) vulnerabilities in captcha\captcha.php in the Captcha! 2.5d and ...
E
CVE-2008-0207 Multiple cross-site scripting (XSS) vulnerabilities in PRO-Search 0.17 and earlier allow remote atta...
E
CVE-2008-0208 Cross-site scripting (XSS) vulnerability in login.asp in Snitz Forums 2000 3.4.05 and earlier allows...
E
CVE-2008-0209 Open redirect vulnerability in Forums/login.asp in Snitz Forums 2000 3.4.06 and earlier allows remot...
E
CVE-2008-0210 Uebimiau Webmail 2.7.10 and 2.7.2 does not protect authentication state variables from being set thr...
E
CVE-2008-0211 Unspecified vulnerability in the BIOS F.04 through F.11 for the HP Compaq Business Notebook PC allow...
CVE-2008-0212 ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to...
S
CVE-2008-0213 Unspecified vulnerability in a certain ActiveX control for HP Virtual Rooms (HPVR) 6 and earlier all...
CVE-2008-0214 Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, 4.11, 4.12, 4.13, and 4.20 al...
CVE-2008-0215 Multiple unspecified vulnerabilities in HP Storage Essentials Storage Resource Management (SRM) befo...
CVE-2008-0216 The ptsname function in FreeBSD 6.0 through 7.0-PRERELEASE does not properly verify that a certain p...
S
CVE-2008-0217 The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-ter...
S
CVE-2008-0218 Cross-site scripting (XSS) vulnerability in admin/index.html in Merak IceWarp Mail Server allows rem...
E
CVE-2008-0219 SQL injection vulnerability in soporte_horizontal_w.php in PHP Webquest 2.6 allows remote attackers ...
E
CVE-2008-0220 Multiple stack-based buffer overflows in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX co...
E
CVE-2008-0221 Directory traversal vulnerability in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX contro...
E
CVE-2008-0222 Unrestricted file upload vulnerability in ajaxfilemanager.php in the Wp-FileManager 1.2 plugin for W...
E
CVE-2008-0223 Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSystems products such as Ichitaro, ...
CVE-2008-0224 SQL injection vulnerability in index.php in the Newbb_plus 0.92 and earlier module in RunCMS 1.6.1 a...
E
CVE-2008-0225 Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 ...
E
CVE-2008-0226 Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, ...
CVE-2008-0227 yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to ca...
E
CVE-2008-0228 Cross-site request forgery (CSRF) vulnerability in apply.cgi in the Linksys WRT54GL Wireless-G Broad...
CVE-2008-0229 The telnet service in LevelOne WBR-3460 4-Port ADSL 2/2+ Wireless Modem Router with firmware 1.00.11...
CVE-2008-0230 PHP remote file inclusion vulnerability in php121db.php in osDate 2.0.8 and possibly earlier version...
E
CVE-2008-0231 Multiple directory traversal vulnerabilities in index.php in Tuned Studios (1) Subwoofer, (2) Freeze...
E
CVE-2008-0232 Multiple SQL injection vulnerabilities in Zero CMS 1.0 Alpha allow remote attackers to execute arbit...
E
CVE-2008-0233 Unrestricted file upload vulnerability in Zero CMS 1.0 Alpha and earlier allows remote attackers to ...
E
CVE-2008-0234 Buffer overflow in Apple Quicktime Player 7.3.1.70 and other versions before 7.4.1, when RTSP tunnel...
E S
CVE-2008-0235 The Microsoft VFP_OLE_Server ActiveX control allows remote attackers to execute arbitrary code by in...
E
CVE-2008-0236 An ActiveX control for Microsoft Visual FoxPro (vfp6r.dll 6.0.8862.0) allows remote attackers to exe...
E
CVE-2008-0237 The Microsoft Rich Textbox ActiveX Control (RICHTX32.OCX) 6.1.97.82 allows remote attackers to execu...
E
CVE-2008-0238 Multiple heap-based buffer overflows in the rmff_dump_cont function in input/libreal/rmff.c in xine-...
CVE-2008-0239 Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 SP1 thro...
E S
CVE-2008-0240 /idm/help/index.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows rem...
E S
CVE-2008-0241 Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 throu...
E S
CVE-2008-0242 Unspecified vulnerability in libdevinfo in Sun Solaris 10 allows local users to access files and gai...
CVE-2008-0243 Unspecified vulnerability in Lotus Domino 7.0.2 before Fix Pack 3 allows attackers to cause a denial...
CVE-2008-0244 SAP MaxDB 7.6.03 build 007 and earlier allows remote attackers to execute arbitrary commands via "&&...
E
CVE-2008-0245 admin.php in UploadImage 1.0 does not check for the original password before making a change to a ne...
E
CVE-2008-0246 admin.php in UploadScript 1.0 does not check for the original password before making a change to a n...
E
CVE-2008-0247 Heap-based buffer overflow in the Express Backup Server service (dsmsvc.exe) in IBM Tivoli Storage M...
S
CVE-2008-0248 Buffer overflow in an ActiveX control in ccpm_0237.dll for StreamAudio ChainCast ProxyManager allows...
E
CVE-2008-0249 PHP Webquest 2.6 allows remote attackers to retrieve database credentials via a direct request to ad...
E
CVE-2008-0250 Buffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows user-assisted attackers to execute arb...
E
CVE-2008-0251 Unrestricted file upload vulnerability in PhotoPost vBGallery before 2.4.2 allows remote attackers t...
CVE-2008-0252 Directory traversal vulnerability in the _get_file_path function in (1) lib/sessions.py in CherryPy ...
E S
CVE-2008-0253 SQL injection vulnerability in full_text.php in Binn SBuilder allows remote attackers to execute arb...
E
CVE-2008-0254 SQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magi...
E
CVE-2008-0255 SQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 and earlier, allows remote atta...
E
CVE-2008-0256 Multiple SQL injection vulnerabilities in Matteo Binda ASP Photo Gallery 1.0 allow remote attackers ...
E
CVE-2008-0257 Cross-site scripting (XSS) vulnerability in search.pl in Dansie Search Engine 2.7 allows remote atta...
CVE-2008-0258 Cross-site scripting (XSS) vulnerability in index.php in PHP Running Management (phpRunMan) before 1...
E S
CVE-2008-0259 Multiple directory traversal vulnerabilities in _mg/php/mg_thumbs.php in minimal Gallery 0.8 allow r...
E
CVE-2008-0260 minimal Gallery 0.8 allows remote attackers to obtain configuration information via a direct request...
E
CVE-2008-0261 Unspecified vulnerability in the search component and module in Mambo 4.5.x and 4.6.x allows remote ...
S
CVE-2008-0262 SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote a...
E
CVE-2008-0263 The SIP module in Ingate Firewall before 4.6.1 and SIParator before 4.6.1 does not reuse SIP media p...
CVE-2008-0264 Unspecified vulnerability in the Meta Tags (aka Nodewords) 5.x-1.6 module for Drupal, when images ar...
S
CVE-2008-0265 Multiple cross-site scripting (XSS) vulnerabilities in the Search function in the web management int...
CVE-2008-0266 Cross-site request forgery (CSRF) vulnerability in admin.php in eTicket 1.5.5.2 allows remote attack...
E
CVE-2008-0267 Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execut...
E
CVE-2008-0268 Cross-site scripting (XSS) vulnerability in view.php in eTicket 1.5.5.2 allows remote attackers to i...
E
CVE-2008-0269 Unspecified vulnerability in the dotoprocs function in Sun Solaris 10 allows local users to cause a ...
S
CVE-2008-0270 SQL injection vulnerability in index.php in TaskFreak! 0.6.1 and earlier allows remote authenticated...
E
CVE-2008-0271 The editor deletion form in BUEditor 4.7.x before 4.7.x-1.0 and 5.x before 5.x-1.1, a module for Dru...
S
CVE-2008-0272 Cross-site request forgery (CSRF) vulnerability in the aggregator module in Drupal 4.7.x before 4.7....
S
CVE-2008-0273 Interpretation conflict in Drupal 4.7.x before 4.7.11 and 5.x before 5.6, when Internet Explorer 6 i...
S
CVE-2008-0274 Cross-site scripting (XSS) vulnerability in Drupal 4.7.x and 5.x, when certain .htaccess protections...
S
CVE-2008-0275 The Atom 4.7 before 4.7.x-1.0 and 5.x before 5.x-1.0 module for Drupal does not properly manage perm...
CVE-2008-0276 Cross-site scripting (XSS) vulnerability in the Devel module before 5.x-0.1 for Drupal allows remote...
CVE-2008-0277 Unspecified vulnerability in the Fileshare module for Drupal allows remote authenticated users with ...
CVE-2008-0278 SQL injection vulnerability in index.php in X7 Chat 2.0.5 and possibly earlier allows remote attacke...
E
CVE-2008-0279 SQL injection vulnerability in liretopic.php in Xforum 1.4 and possibly others allows remote attacke...
E
CVE-2008-0280 SQL injection vulnerability in index.php in MTCMS 2.0 and possibly earlier versions allows remote at...
E
CVE-2008-0281 SQL injection vulnerability in liste.php in ID-Commerce 2.0 and earlier allows remote attackers to e...
E
CVE-2008-0282 SQL injection vulnerability in welcome/inscription.php in DomPHP 0.81 and earlier allows remote atta...
E
CVE-2008-0283 PHP remote file inclusion vulnerability in /aides/index.php in DomPHP 0.81 and earlier allows remote...
E
CVE-2008-0284 Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.1.4 and earlier allows rem...
CVE-2008-0285 ngIRCd 0.10.x before 0.10.4 and 0.11.0 before 0.11.0-pre2 allows remote attackers to cause a denial ...
E
CVE-2008-0286 SQL injection vulnerability in admin/login.php in Article Dashboard allows remote attackers to execu...
E
CVE-2008-0287 PHP remote file inclusion vulnerability in VisionBurst vcart 3.3.2 allows remote attackers to execut...
E
CVE-2008-0288 Multiple SQL injection vulnerabilities in ImageAlbum 2.0.0b2 allow remote attackers to execute arbit...
E
CVE-2008-0289 PHP remote file inclusion vulnerability in view_func.php in Member Area System (MAS) 1.7 and possibl...
CVE-2008-0290 Multiple SQL injection vulnerabilities in Digital Hive 2.0 RC2 and earlier allow (1) remote attacker...
E
CVE-2008-0291 SQL injection vulnerability in showproduct.asp in RichStrong CMS allows remote attackers to execute ...
E
CVE-2008-0292 Cross-site scripting (XSS) vulnerability in photo_album.pl in Dansie Photo Album 1.0 allows remote a...
CVE-2008-0293 Unspecified vulnerability in cron.php in FreeSeat before 1.1.5d, when format.php has certain modific...
CVE-2008-0294 Unspecified vulnerability in the seat-locking implementation in FreeSeat before 1.1.5d allows attack...
CVE-2008-0295 Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in Vid...
CVE-2008-0296 Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and ...
E
CVE-2008-0297 PhotoKorn allows remote attackers to obtain database credentials via a direct request to update/upda...
E
CVE-2008-0298 KHTML WebKit as used in Apple Safari 2.x allows remote attackers to cause a denial of service (brows...
E
CVE-2008-0299 common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly u...
E
CVE-2008-0300 mapFiler.php in Mapbender 2.4 to 2.4.4 allows remote attackers to execute arbitrary PHP code via PHP...
E S
CVE-2008-0301 Multiple SQL injection vulnerabilities in Mapbender 2.4.4 allow remote attackers to execute arbitrar...
E
CVE-2008-0302 Untrusted search path vulnerability in apt-listchanges.py in apt-listchanges before 2.82 allows loca...
CVE-2008-0303 The FTP print feature in multiple Canon printers, including imageRUNNER and imagePRESS, allow remote...
CVE-2008-0304 Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might a...
S
CVE-2008-0306 sdbstarter in SAP MaxDB 7.6.0.37, and possibly other versions, allows local users to execute arbitra...
CVE-2008-0307 Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remot...
CVE-2008-0308 Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5...
CVE-2008-0309 Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products i...
CVE-2008-0310 Directory traversal vulnerability in pkgadd in SCO UnixWare 7.1.4 before p534589 allows local users ...
E S
CVE-2008-0311 Stack-based buffer overflow in the PGMWebHandler::parse_request function in the StarTeam Multicast S...
CVE-2008-0312 Stack-based buffer overflow in the AutoFix Support Tool ActiveX control 2.7.0.1 in SYMADATA.DLL in m...
S
CVE-2008-0313 The ActiveDataInfo.LaunchProcess method in the SymAData.ActiveDataInfo.1 ActiveX control 2.7.0.1 in ...
S
CVE-2008-0314 Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 allows remote attackers to execut...
E
CVE-2008-0318 Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, ...
S
CVE-2008-0320 Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers ...
CVE-2008-0322 The I2O Utility Filter driver (i2omgmt.sys) 5.1.2600.2180 for Microsoft Windows XP sets Everyone/Wri...
S
CVE-2008-0324 Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allows local users to cause a denia...
E
CVE-2008-0325 SQL injection vulnerability in show.php in FaScript FaPersian Petition allows remote attackers to ex...
E
CVE-2008-0326 SQL injection vulnerability in class/show.php in FaScript FaPersianHack 1.0 allows remote attackers ...
E
CVE-2008-0327 SQL injection vulnerability in show.php in FaScript FaMp3 1.0 allows remote attackers to execute arb...
E
CVE-2008-0328 SQL injection vulnerability in page.php in FaScript FaName 1.0 allows remote attackers to execute ar...
E
CVE-2008-0329 LulieBlog 1.0.1 and 1.0.2 does not restrict access to (1) article_suppr.php, (2) comment_accepter.ph...
E
CVE-2008-0330 Open System Consultants (OSC) Radiator before 4.0 allows remote attackers to cause a denial of servi...
CVE-2008-0331 Unspecified vulnerability in Funkwerk System Software before 7.4.1 PATCH 9 for certain Funkwerk Rout...
CVE-2008-0332 Directory traversal vulnerability in arias/help/effect.php in aria 0.99-6 allows remote attackers to...
E
CVE-2008-0333 Directory traversal vulnerability in download_view_attachment.aspx in AfterLogic MailBee WebMail Pro...
E
CVE-2008-0334 Cross-site scripting (XSS) vulnerability in pm/language/spanish/preferences.php in PMachine Pro 2.4....
E
CVE-2008-0335 Cross-site scripting (XSS) vulnerability in BugTracker.NET before 2.7.2 allows remote attackers to i...
S
CVE-2008-0336 Multiple cross-site request forgery (CSRF) vulnerabilities in BugTracker.NET before 2.7.2 allow remo...
S
CVE-2008-0337 Heap-based buffer overflow in the _mwProcessReadSocket function in http.c in MiniWeb HTTP Server 0.8...
E
CVE-2008-0338 Directory traversal vulnerability in the mwGetLocalFileName function in http.c in MiniWeb HTTP Serve...
E
CVE-2008-0339 Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, a...
S
CVE-2008-0340 Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5,...
CVE-2008-0341 Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.0.1.5 FIPS+ and 10....
S
CVE-2008-0342 Unspecified vulnerability in the Upgrade/Downgrade component in Oracle Database 9.2.0.8, 10.1.0.5, a...
S
CVE-2008-0343 Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8,...
CVE-2008-0344 Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.3 h...
CVE-2008-0345 Unspecified vulnerability in the Core RDBMS component in Oracle Database 11.1.0.6 has unknown impact...
CVE-2008-0346 Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 a...
CVE-2008-0347 Unspecified vulnerability in the Oracle Ultra Search component in Oracle Collaboration Suite 10.1.2;...
CVE-2008-0348 Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise an...
CVE-2008-0349 Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edward...
CVE-2008-0350 admin/index.php in Evilsentinel 1.0.9 and earlier sends a redirect to the web browser but does not e...
E S
CVE-2008-0351 admin/config.php in Evilsentinel 1.0.9 and earlier allows remote attackers to bypass the CAPTCHA tes...
E
CVE-2008-0352 The Linux kernel 2.6.20 through 2.6.21.1 allows remote attackers to cause a denial of service (panic...
E
CVE-2008-0353 SQL injection vulnerability in visualizza_tabelle.php in php-residence 0.7.2 and 1.0 allows remote a...
E
CVE-2008-0354 Cross-site scripting (XSS) vulnerability in the chat client in IBM Lotus Sametime 7.5 and 7.5.1 allo...
CVE-2008-0355 SQL injection vulnerability in index.php in the forum module in PHPEcho CMS, probably 2.0-rc3 and ea...
E
CVE-2008-0356 Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Serv...
S
CVE-2008-0357 Directory traversal vulnerability in pages/upload.php in Galaxyscripts Mini File Host 1.2.1 and earl...
E
CVE-2008-0358 SQL injection vulnerability in index.php in Pixelpost 1.7 allows remote attackers to execute arbitra...
E S
CVE-2008-0359 Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1b allow remote attackers to inj...
E S
CVE-2008-0360 Multiple SQL injection vulnerabilities in BLOG:CMS 4.2.1b allow remote attackers to execute arbitrar...
E S
CVE-2008-0361 Directory traversal vulnerability in agregar_info.php in GradMan 0.1.3 and earlier allows remote att...
E
CVE-2008-0362 Cross-site scripting (XSS) vulnerability in gallery.php in Clever Copy 3.0 and earlier allows remote...
CVE-2008-0363 Multiple SQL injection vulnerabilities in Clever Copy 3.0 and earlier allow remote attackers to exec...
CVE-2008-0364 Buffer overflow in (1) BitTorrent 6.0 and earlier; and (2) uTorrent 1.7.5 and earlier, and 1.8-alpha...
E S
CVE-2008-0365 Multiple buffer overflows in CORE FORCE before 0.95.172 allow local users to cause a denial of servi...
CVE-2008-0366 CORE FORCE before 0.95.172 does not properly validate arguments to SSDT hook handler functions in th...
E S
CVE-2008-0367 Mozilla Firefox 2.0.0.11, 3.0b2, and possibly earlier versions, when prompting for HTTP Basic Authen...
CVE-2008-0368 onedcu in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allows local users to create arbit...
CVE-2008-0369 Multiple unspecified programs in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allow local...
CVE-2008-0370 Cross-site scripting (XSS) vulnerability in dohtaccess.html in cPanel before 11.17 build 19417 allow...
CVE-2008-0371 Multiple SQL injection vulnerabilities in aliTalk 1.9.1.1, when magic_quotes_gpc is disabled, allow ...
E
CVE-2008-0372 8e6 R3000 Internet Filter 2.0.05.33, and other versions before 2.0.11, allows remote attackers to by...
E
CVE-2008-0373 Unrestricted file upload vulnerability in PHP F1 Max's File Uploader allows remote attackers to uplo...
CVE-2008-0374 OKI C5510MFP Printer CU H2.15, PU 01.03.01, System F/W 1.01, and Web Page 1.00 sends the configurati...
CVE-2008-0375 Unspecified vulnerability in OKI C5510MFP Printer CU H2.15, PU 01.03.01, System F/W 1.01, and Web Pa...
CVE-2008-0376 PHP remote file inclusion vulnerability in inc/linkbar.php in Small Axe Weblog 0.3.1 allows remote a...
E
CVE-2008-0377 MicroNews allows remote attackers to bypass authentication and gain administrative privileges via a ...
CVE-2008-0378 Stack-based buffer overflow in SocksCap 2.40-051231 and earlier, when "Resolve all names remotely" i...
CVE-2008-0379 Race condition in the Enterprise Tree ActiveX control (EnterpriseControls.dll 11.5.0.313) in Crystal...
E
CVE-2008-0380 Buffer overflow in the Digital Data Communications RtspVaPgCtrl ActiveX control (RtspVapgDecoder.dll...
E
CVE-2008-0381 Unspecified vulnerability in Mahara before 0.9.1 has unknown impact and remote attack vectors, proba...
S
CVE-2008-0382 Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier allow remote attackers to execute...
E
CVE-2008-0383 Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier allow remote moderators and admini...
E S
CVE-2008-0384 OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTL...
E
CVE-2008-0385 SQL injection vulnerability in server/widgetallocator.php in Urulu 2.1 allows remote attackers to ex...
S
CVE-2008-0386 Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via ...
E
CVE-2008-0387 Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1....
CVE-2008-0388 SQL injection vulnerability in the WP-Forum 1.7.4 plugin for WordPress allows remote attackers to ex...
E
CVE-2008-0389 Unspecified vulnerability in the serveServletsByClassnameEnabled feature in IBM WebSphere Applicatio...
S
CVE-2008-0390 stat.php in AuraCMS 1.62, and Mod Block Statistik for AuraCMS, allows remote attackers to inject arb...
E
CVE-2008-0391 inc/elementz.php in aliTalk 1.9.1.1 does not properly verify authentication, which allows remote att...
E
CVE-2008-0392 Multiple buffer overflows in Microsoft Visual Basic Enterprise Edition 6.0 SP6 allow user-assisted r...
E
CVE-2008-0393 Directory traversal vulnerability in info.php in GradMan 0.1.3 and earlier allows remote attackers t...
E
CVE-2008-0394 Buffer overflow in Citadel SMTP server 7.10 and earlier allows remote attackers to execute arbitrary...
E
CVE-2008-0395 Kayako SupportSuite 3.11.01 allows remote attackers to obtain server configuration information via a...
CVE-2008-0396 Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender pr...
E
CVE-2008-0397 Multiple SQL injection vulnerabilities in aflog 1.01, and possibly earlier versions, allow remote at...
E
CVE-2008-0398 Cross-site scripting (XSS) vulnerability in aflog 1.01, and possibly earlier versions, allows remote...
E
CVE-2008-0399 Multiple buffer overflows in Toshiba Surveillance (Surveillix) RecordSend ActiveX control (MeIpCamX....
E
CVE-2008-0400 Cross-site scripting (XSS) vulnerability in header.tpl.php in the modern template for Singapore 0.10...
E
CVE-2008-0401 Buffer overflow in the logging functionality of the HTTP server in IBM Tivoli Provisioning Manager f...
S
CVE-2008-0402 Unspecified vulnerability in IBM WebSphere Business Modeler Basic and Advanced 6.0.2.1 before Interi...
S
CVE-2008-0403 The web server in Belkin Wireless G Plus MIMO Router F5D9230-4 does not require authentication for S...
E
CVE-2008-0404 Cross-site scripting (XSS) vulnerability in Mantis before 1.1.1 allows remote attackers to inject ar...
S
CVE-2008-0405 Multiple directory traversal vulnerabilities in HTTP File Server (HFS) before 2.2c, when account nam...
E
CVE-2008-0406 HTTP File Server (HFS) before 2.2c, when account names are used as log filenames, allows remote atta...
CVE-2008-0407 HTTP File Server (HFS) before 2.2c tags HTTP request log entries with the username sent during HTTP ...
E
CVE-2008-0408 HTTP File Server (HFS) before 2.2c allows remote attackers to append arbitrary text to the log file ...
E
CVE-2008-0409 Cross-site scripting (XSS) vulnerability in HTTP File Server (HFS) before 2.2c allows remote attacke...
E
CVE-2008-0410 HTTP File Server (HFS) before 2.2c allows remote attackers to obtain configuration and usage details...
E
CVE-2008-0411 Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier a...
E S
CVE-2008-0412 The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey be...
CVE-2008-0413 The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey...
CVE-2008-0414 Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to ...
CVE-2008-0415 Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remo...
CVE-2008-0416 Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox before 2.0.0.12, Thunderbird...
CVE-2008-0417 CRLF injection vulnerability in Mozilla Firefox before 2.0.0.12 allows remote user-assisted web site...
CVE-2008-0418 Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, a...
CVE-2008-0419 Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigati...
CVE-2008-0420 modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before...
CVE-2008-0421 SQL injection vulnerability in Invision Gallery 2.0.7 and earlier allows remote attackers to execute...
E
CVE-2008-0422 SQL injection vulnerability in mail.php in boastMachine (aka bMachine) 3.1 and earlier allows remote...
E
CVE-2008-0423 Multiple PHP remote file inclusion vulnerabilities in Lama Software allow remote attackers to execut...
E
CVE-2008-0424 SQL injection vulnerability in blog.php in Mooseguy Blog System (MGBS) 1.0 allows remote attackers t...
E
CVE-2008-0425 Absolute path traversal vulnerability in explorerdir.php in Frimousse 0.0.2 allows remote attackers ...
E
CVE-2008-0426 Multiple cross-site scripting (XSS) vulnerabilities in submit.php in PacerCMS before 0.6.1 allow rem...
S
CVE-2008-0427 Directory traversal vulnerability in file.php in bloofoxCMS 0.3 allows remote attackers to read arbi...
E
CVE-2008-0428 Multiple SQL injection vulnerabilities in the login function in system/class_permissions.php in bloo...
E
CVE-2008-0429 SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per Post Exchange 2.0 allows remote...
E
CVE-2008-0430 SQL injection vulnerability in form.php in 360 Web Manager 3.0 allows remote attackers to execute ar...
E
CVE-2008-0431 Directory traversal vulnerability in administrator/download.php in IDMOS (aka Phoenix) 1.0 allows re...
E
CVE-2008-0432 Cross-site scripting (XSS) vulnerability in index.php in phpAutoVideo 2.21 and earlier allows remote...
E
CVE-2008-0433 PHP remote file inclusion vulnerability in theme/phpAutoVideo/LightTwoOh/sidebar.php in Agares phpAu...
E
CVE-2008-0434 Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote attack...
E
CVE-2008-0435 Directory traversal vulnerability in index.php in OZJournals 2.1.1 allows remote attackers to read p...
E
CVE-2008-0436 Cross-site scripting (XSS) vulnerability in profile-upload/upload.asp in PD9 Software MegaBBS 1.5.14...
E
CVE-2008-0437 Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 ActiveX control in HPVirtualRooms14...
E
CVE-2008-0438 Cross-site scripting (XSS) vulnerability in the font rendering functionality in Novemberborn sIFR 2....
E S
CVE-2008-0439 Cross-site scripting (XSS) vulnerability in templates/default/admincp/attachments_header.php in Delu...
CVE-2008-0440 AlstraSoft Forum Pay Per Post Exchange 2.0 stores passwords in cleartext, which makes it easier for ...
E
CVE-2008-0441 IBM Tivoli Business Service Manager (TBSM) 4.1.1 stores passwords in cleartext (1) after external au...
E
CVE-2008-0442 PHP remote file inclusion vulnerability in inc/linkbar.php in Small Axe Weblog 0.3.1 allows remote a...
E
CVE-2008-0443 Heap-based buffer overflow in the FileUploader.FUploadCtl.1 ActiveX control in FileUploader.dll 2.0....
E
CVE-2008-0444 Cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) before 2.7.0 allows remote att...
S
CVE-2008-0445 The replace_inline_img function in elogd in Electronic Logbook (ELOG) before 2.7.1 allows remote att...
S
CVE-2008-0446 SQL injection vulnerability in voircom.php in LulieBlog 1.02 allows remote attackers to execute arbi...
E
CVE-2008-0447 SQL injection vulnerability in index.php in Foojan WMS PHP Weblog 1.0 allows remote attackers to exe...
E
CVE-2008-0448 PHP remote file inclusion vulnerability in utils/class_HTTPRetriever.php in phpSearch allows remote ...
CVE-2008-0449 SQL injection vulnerability in paypalresult.asp in VP-ASP Shopping Cart 6.50 and earlier allows remo...
S
CVE-2008-0450 Multiple PHP remote file inclusion vulnerabilities in BLOG:CMS 4.2.1.c allow remote attackers to exe...
CVE-2008-0451 Multiple SQL injection vulnerabilities in PacerCMS 0.6 allow remote authenticated users to execute a...
S
CVE-2008-0452 Directory traversal vulnerability in articles.php in Siteman 1.1.9 allows remote attackers to read a...
E
CVE-2008-0453 SQL injection vulnerability in list.php in Easysitenetwork Recipe allows remote attackers to execute...
E
CVE-2008-0454 Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earl...
CVE-2008-0455 Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2...
E
CVE-2008-0456 CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earli...
E
CVE-2008-0457 Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apa...
E S
CVE-2008-0458 Directory traversal vulnerability in function/sources.php in SLAED CMS 2.5 Lite allows remote attack...
E
CVE-2008-0459 Directory traversal vulnerability in update/index.php in Liquid-Silver CMS 0.35, when magic_quotes_g...
E
CVE-2008-0460 Cross-site scripting (XSS) vulnerability in api.php in (1) MediaWiki 1.11 through 1.11.0rc1, 1.10 th...
CVE-2008-0461 SQL injection vulnerability in index.php in the Search module in PHP-Nuke 8.0 FINAL and earlier, whe...
E
CVE-2008-0462 Cross-site scripting (XSS) vulnerability in the Archive 5.x before 5.x-1.8 module for Drupal allows ...
S
CVE-2008-0463 Cross-site scripting (XSS) vulnerability in the Workflow 4.7.x before 4.7.x-1.2 and 5.x before 5.x-1...
S
CVE-2008-0464 Directory traversal vulnerability in archiv.cgi in absofort aconon Mail 2007 Enterprise SQL 11.7.0 a...
E
CVE-2008-0465 Directory traversal vulnerability in optimizer.php in Seagull 0.6.3 allows remote attackers to read ...
E
CVE-2008-0466 Web Wiz RTE_file_browser.asp in, as used in Web Wiz Rich Text Editor 4.0, Web Wiz Forums 9.07, and W...
E
CVE-2008-0467 Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before 2.1.0 RC1, might allow remote...
CVE-2008-0468 SQL injection vulnerability in category.php in Flinx 1.3 and earlier allows remote attackers to exec...
E
CVE-2008-0469 SQL injection vulnerability in index.php in Tiger Php News System (TPNS) 1.0b and earlier allows rem...
E
CVE-2008-0470 A certain ActiveX control in Comodo AntiVirus 2.0 allows remote attackers to execute arbitrary comma...
E
CVE-2008-0471 Cross-site request forgery (CSRF) vulnerability in privmsg.php in phpBB 2.0.22 allows remote attacke...
CVE-2008-0472 Cross-site request forgery (CSRF) vulnerability in modcp.php in Woltlab Burning Board (wBB) 2.3.6 PL...
CVE-2008-0473 RTE_popup_save_file.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to upload (1) .html ...
E
CVE-2008-0474 Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Applications Manager 8.1 build 8...
CVE-2008-0475 ManageEngine Applications Manager 8.1 build 8100 allows remote attackers to obtain sensitive informa...
CVE-2008-0476 ManageEngine Applications Manager 8.1 build 8100 does not check authentication for monitorType.do an...
CVE-2008-0477 Stack-based buffer overflow in the QMPUpgrade.Upgrade.1 ActiveX control in QMPUpgrade.dll 1.0.0.1 in...
E
CVE-2008-0478 Directory traversal vulnerability in index.php in SetCMS 3.6.5 allows remote attackers to include an...
E
CVE-2008-0479 Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz NewsPad 1.02 allows remote atta...
E
CVE-2008-0480 Multiple directory traversal vulnerabilities in Web Wiz Forums 9.07 and earlier allow remote attacke...
E
CVE-2008-0481 Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz Rich Text Editor 4.0 allows rem...
E
CVE-2008-0485 Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attack...
E
CVE-2008-0486 Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and p...
E
CVE-2008-0487 Multiple SQL injection vulnerabilities in login.asp in ASPired2Protect allow remote attackers to exe...
E
CVE-2008-0488 Directory traversal vulnerability in tseekdir.cgi in VB Marketing allows remote attackers to include...
E
CVE-2008-0489 Directory traversal vulnerability in install.php in Clansphere 2007.4.4 allows remote attackers to i...
E
CVE-2008-0490 SQL injection vulnerability in functions/editevent.php in the WP-Cal 0.3 plugin for WordPress allows...
E
CVE-2008-0491 SQL injection vulnerability in fim_rss.php in the fGallery 2.4.1 plugin for WordPress allows remote ...
E
CVE-2008-0492 Stack-based buffer overflow in the Persits.XUpload.2 ActiveX control in XUpload.ocx 3.0.0.4 and earl...
E
CVE-2008-0493 fpx.dll 3.9.8.0 in the FlashPix plugin for IrfanView 4.10 allows remote attackers to execute arbitra...
E
CVE-2008-0494 Cross-site scripting (XSS) vulnerability in vpnum/userslist.php in Endian Firewall 2.1.2 allows remo...
E
CVE-2008-0495 Unspecified vulnerability in the Pegasus CIM Server in IBM Hardware Management Console (HMC) 7 R3.2....
CVE-2008-0496 Cross-site scripting (XSS) vulnerability in index.php in AmpJuke 0.7.0 allows remote attackers to in...
CVE-2008-0497 Cross-site scripting (XSS) vulnerability in action.php in Nucleus CMS 3.31 allows remote attackers t...
S
CVE-2008-0498 SQL injection vulnerability in main_bigware_53.tpl.php in Bigware Shop 2.0 allows remote attackers t...
E
CVE-2008-0499 SQL injection vulnerability in Mambo LaiThai 4.5.5 allows remote attackers to execute arbitrary SQL ...
S
CVE-2008-0500 Multiple unspecified vulnerabilities in Mambo LaiThai 4.5.5 have unknown impact and attack vectors r...
S
CVE-2008-0501 Directory traversal vulnerability in phpMyClub 0.0.1 allows remote attackers to include and execute ...
E
CVE-2008-0502 PHP remote file inclusion vulnerability in templates/Official/part_userprofile.php in Connectix Boar...
E
CVE-2008-0503 Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Publisher 1.0.1 allows remote att...
E
CVE-2008-0504 Multiple SQL injection vulnerabilities in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote ...
S
CVE-2008-0505 Multiple cross-site scripting (XSS) vulnerabilities in docs/showdoc.php in Coppermine Photo Gallery ...
S
CVE-2008-0506 include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) before 1.4.15, when the ImageMagic...
E S
CVE-2008-0507 SQL injection vulnerability in adclick.php in the AdServe 0.2 plugin for WordPress allows remote att...
E
CVE-2008-0508 Cross-site request forgery (CSRF) vulnerability in deans_permalinks_migration.php in the Dean's Perm...
E S
CVE-2008-0509 Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to cause a denial of service (crash)...
CVE-2008-0510 SQL injection vulnerability in index.php in the Newsletter (com_newsletter) component for Mambo 4.5 ...
E
CVE-2008-0511 SQL injection vulnerability in index.php in the MaMML (com_mamml) component for Mambo and Joomla! al...
E
CVE-2008-0512 SQL injection vulnerability in index.php in the fq (com_fq) component for Mambo and Joomla! allows r...
E
CVE-2008-0513 Directory traversal vulnerability in parser/include/class.cache_phpcms.php in phpCMS 1.2.2 allows re...
E
CVE-2008-0514 SQL injection vulnerability in index.php in the Glossary (com_glossary) 2.0 component for Mambo and ...
E
CVE-2008-0515 SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joom...
E
CVE-2008-0516 PHP remote file inclusion vulnerability in spaw/dialogs/confirm.php in SQLiteManager 1.2.0 allows re...
CVE-2008-0517 SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 compo...
E
CVE-2008-0518 SQL injection vulnerability in index.php in the Recipes (com_recipes) 1.00 component for Mambo and J...
E
CVE-2008-0519 SQL injection vulnerability in index.php in the Atapin Jokes (com_jokes) 1.0 component for Mambo and...
E
CVE-2008-0520 Multiple SQL injection vulnerabilities in main.php in the WassUp plugin 1.4 through 1.4.3 for WordPr...
E
CVE-2008-0521 Multiple directory traversal vulnerabilities in Bubbling Library 1.32 allow remote attackers to read...
E
CVE-2008-0522 Cross-site scripting (XSS) vulnerability in multiple Hal Networks shopping-cart products allows remo...
CVE-2008-0523 Multiple cross-site scripting (XSS) vulnerabilities in SoftCart.exe in SoftCart 5.1.2.2 allow remote...
CVE-2008-0524 Cross-site request forgery (CSRF) vulnerability in the management interface in multiple Yamaha RT se...
CVE-2008-0525 PatchLink Update client for Unix, as used by Novell ZENworks Patch Management Update Agent for Linux...
CVE-2008-0526 Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP firmware allows remote attackers to...
S
CVE-2008-0527 The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP firmware allows remote attacker...
S
CVE-2008-0528 Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might al...
S
CVE-2008-0529 Buffer overflow in the telnet server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, an...
S
CVE-2008-0530 Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP and SIP firmware...
S
CVE-2008-0531 Heap-based buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmwa...
S
CVE-2008-0532 Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4....
E S
CVE-2008-0533 Multiple cross-site scripting (XSS) vulnerabilities in securecgi-bin/CSuserCGI.exe in User-Changeabl...
E S
CVE-2008-0534 The SSH server in (1) Cisco Service Control Engine (SCE) before 3.1.6, and (2) Icon Labs Iconfidant ...
S
CVE-2008-0535 Unspecified vulnerability in the SSH server in (1) Cisco Service Control Engine (SCE) before 3.1.6, ...
S
CVE-2008-0536 Unspecified vulnerability in the SSH server in (1) Cisco Service Control Engine (SCE) 3.0.x before 3...
S
CVE-2008-0537 Unspecified vulnerability in the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), and R...
CVE-2008-0538 Multiple SQL injection vulnerabilities in phpIP Management 4.3.2 allow remote attackers to execute a...
E
CVE-2008-0539 Cross-site scripting (XSS) vulnerability in dms/policy/rep_request.php in F5 BIG-IP Application Secu...
E
CVE-2008-0540 Multiple cross-site scripting (XSS) vulnerabilities in trixbox 2.4.2.0 allow remote attackers to inj...
E
CVE-2008-0541 Multiple cross-site scripting (XSS) vulnerabilities in forum.php in Gerd Tentler Simple Forum 3.2 al...
E
CVE-2008-0542 Directory traversal vulnerability in thumbnail.php in Gerd Tentler Simple Forum 3.2 allows remote at...
E
CVE-2008-0543 Multiple SQL injection vulnerabilities in Pre Dynamic Institution allow remote attackers to execute ...
CVE-2008-0544 Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image before 1.2.7 all...
E
CVE-2008-0545 Multiple directory traversal vulnerabilities in Bubbling Library 1.32 allow remote attackers to incl...
E
CVE-2008-0546 Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, and earlier 4.1.x versions, allo...
E
CVE-2008-0547 Cross-site scripting (XSS) vulnerability in admin/utilities_ConfigHelp.asp in CandyPress (CP) 4.1.1....
E
CVE-2008-0548 Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) via...
CVE-2008-0549 Integer overflow in the OggHeaderParse function in Steamcast 0.9.75 and earlier allows remote authen...
E
CVE-2008-0550 Off-by-one error in Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of servic...
E
CVE-2008-0551 The NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1 and earlier in Namo Web...
E
CVE-2008-0552 Cross-site scripting (XSS) vulnerability in index.php in eTicket 1.5.6-RC4 allows remote attackers t...
E
CVE-2008-0553 Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allo...
S
CVE-2008-0554 Buffer overflow in the readImageData function in giftopnm.c in netpbm before 10.27 in netpbm before ...
CVE-2008-0555 The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/'...
E S
CVE-2008-0556 Cross-site request forgery (CSRF) vulnerability in OpenCA PKI 0.9.2.5, and possibly earlier versions...
CVE-2008-0557 SQL injection vulnerability in index.php in the CatalogShop (com_catalogshop) 1.0b1 componenent for ...
E
CVE-2008-0558 Cross-site scripting (XSS) vulnerability in Uniwin eCart Professional before 2.0.16 allows remote at...
CVE-2008-0559 Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 allow remote attackers to incl...
E
CVE-2008-0560 PHP remote file inclusion vulnerability in cforms-css.php in Oliver Seidel cforms (contactforms), a ...
CVE-2008-0561 SQL injection vulnerability in index.php in the Arthur Konze AkoGallery (com_akogallery) 2.5 beta co...
E
CVE-2008-0562 SQL injection vulnerability in index.php in the Restaurant (com_restaurant) 1.0 component for Mambo ...
E
CVE-2008-0563 Cross-site request forgery (CSRF) vulnerability in service/impl/UserLocalServiceImpl.java in Liferay...
CVE-2008-0564 Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.10b1 allow remote attacker...
CVE-2008-0565 SQL injection vulnerability in vote.php in DeltaScripts PHP Links 1.3 and earlier allows remote atta...
E
CVE-2008-0566 PHP remote file inclusion vulnerability in includes/smarty.php in DeltaScripts PHP Links 1.3 and ear...
E
CVE-2008-0567 Multiple PHP remote file inclusion vulnerabilities in ChronoEngine ChronoForms (com_chronocontact) 2...
E
CVE-2008-0568 Unspecified vulnerability in the IP-authentication feature in the Secure Site 5.x-1.0 and 4.7.x-1.0 ...
S
CVE-2008-0569 The Comment Upload 4.7.x before 4.7.x-0.1 and 5.x before 5.x-0.1 module for Drupal does not properly...
CVE-2008-0570 The OpenID 5.x-1.0 and earlier module for Drupal does not properly verify the claimed_id returned by...
CVE-2008-0571 The point moderation form in the Userpoints 4.7.x before 4.7.x-2.3, 5.x-2 before 5.x-2.16, and 5.x-3...
S
CVE-2008-0572 Multiple PHP remote file inclusion vulnerabilities in Mindmeld 1.2.0.10 allow remote attackers to ex...
E
CVE-2008-0573 IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote allows local users to gain pri...
E
CVE-2008-0574 Cross-site scripting (XSS) vulnerability in index.php in webSPELL 4.01.02 allows remote attackers to...
E
CVE-2008-0575 Cross-site request forgery (CSRF) vulnerability in admin/admincenter.php in webSPELL 4.01.02 allows ...
CVE-2008-0576 Cross-site scripting (XSS) vulnerability in the Project Issue Tracking module 5.x-2.x-dev before 200...
CVE-2008-0577 The Project Issue Tracking module 5.x-2.x-dev before 20080130 in the 5.x-2.x series, 5.x-1.2 and ear...
CVE-2008-0578 Cross-site scripting (XSS) vulnerability in the web management login page in Tripwire Enterprise 7.0...
CVE-2008-0579 SQL injection vulnerability in index.php in the buslicense (com_buslicense) component for Joomla! al...
E
CVE-2008-0580 Geert Moernaut LSrunasE and Supercrypt use an encryption key composed of an SHA1 hash of a fixed str...
CVE-2008-0581 Geert Moernaut LSrunasE allows local users to gain privileges by obtaining the encrypted password fr...
CVE-2008-0582 Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.1 through 3.6.0.2...
CVE-2008-0583 Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earl...
E
CVE-2008-0584 Multiple buffer overflows in bos.rte.control in IBM AIX 5.2 and 5.3 allow local users to gain privil...
CVE-2008-0585 sysmgt.websm.webaccess in IBM AIX 5.2 and 5.3 has world writable permissions for unspecified WebSM R...
CVE-2008-0586 Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecifie...
CVE-2008-0587 Buffer overflow in the uspchrp program in devices.chrp.base.diag in IBM AIX 5.2 and 5.3 allows local...
CVE-2008-0588 Buffer overflow in the utape program in devices.scsi.tape.diag in IBM AIX 5.2 and 5.3 allows local u...
S
CVE-2008-0589 The ps program in bos.rte.control in IBM AIX 5.2, 5.3, and 6.1 allows local users to obtain sensitiv...
CVE-2008-0590 Buffer overflow in Ipswitch WS_FTP Server with SSH 6.1.0.0 allows remote authenticated users to caus...
E
CVE-2008-0591 Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay tim...
E
CVE-2008-0592 Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to ...
E
CVE-2008-0593 Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify t...
CVE-2008-0594 Mozilla Firefox before 2.0.0.12 does not always display a web forgery warning dialog if the entire c...
E
CVE-2008-0595 dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in ...
S
CVE-2008-0596 Memory leak in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a d...
CVE-2008-0597 Use-after-free vulnerability in CUPS before 1.1.22, and possibly other versions, allows remote attac...
CVE-2008-0598 Unspecified vulnerability in the 32-bit and 64-bit emulation in the Linux kernel 2.6.9, 2.6.18, and ...
CVE-2008-0599 The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider...
E
CVE-2008-0600 The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain us...
E
CVE-2008-0601 SQL injection vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote at...
E
CVE-2008-0602 Directory traversal vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows rem...
E
CVE-2008-0603 SQL injection vulnerability in index.php in the amazOOP Awesom! (com_awesom) 0.3.2component for Mamb...
E
CVE-2008-0604 The LDAP authentication feature in XLight FTP Server before 2.83, when used with some unspecified LD...
S
CVE-2008-0605 Multiple cross-site scripting (XSS) vulnerabilities in AstroSoft HelpDesk before 1.95.228 allow remo...
E
CVE-2008-0606 SQL injection vulnerability in index.php in the Shambo2 (com_shambo2) component for Mambo and Joomla...
E
CVE-2008-0607 SQL injection vulnerability in index.php in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) 2....
E
CVE-2008-0608 The Logging Server (ftplogsrv.exe) 7.9.14.0 and earlier in IPSwitch WS_FTP 6.1 allows remote attacke...
CVE-2008-0609 Directory traversal vulnerability in index.php in DivideConcept VHD Web Pack 2.0 allows remote attac...
E
CVE-2008-0610 Stack-based buffer overflow in the ClientConnection::NegotiateProtocolVersion function in vncviewer/...
E S
CVE-2008-0611 SQL injection vulnerability in rmgs/images.php in the RMSOFT Gallery System 2.0 module for XOOPS all...
E
CVE-2008-0612 Directory traversal vulnerability in htdocs/install/index.php in XOOPS 2.0.18 allows remote attacker...
E S
CVE-2008-0613 Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows remote attackers to redirect u...
E S
CVE-2008-0614 SQL injection vulnerability in index.php in Photokorn Gallery 1.543 allows remote attackers to execu...
E
CVE-2008-0615 Directory traversal vulnerability in wp-admin/admin.php in the DMSGuestbook 1.8.0 and 1.7.0 plugin f...
E
CVE-2008-0616 SQL injection vulnerability in the administration panel in the DMSGuestbook 1.7.0 plugin for WordPre...
E
CVE-2008-0617 Multiple cross-site scripting (XSS) vulnerabilities in the DMSGuestbook 1.7.0 plugin for WordPress a...
E
CVE-2008-0618 Multiple cross-site scripting (XSS) vulnerabilities in the DMSGuestbook 1.8.0 and 1.7.0 plugin for W...
CVE-2008-0619 Buffer overflow in NeroMediaPlayer.exe in Nero Media Player 1.4.0.35 and earlier allows remote attac...
E
CVE-2008-0620 SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers t...
E
CVE-2008-0621 Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows...
E
CVE-2008-0622 Cross-site scripting (XSS) vulnerability in RaidenHTTPD 2.0.19 and earlier allows remote attackers t...
S
CVE-2008-0623 Stack-based buffer overflow in the YMP Datagrid ActiveX control (datagrid.dll) in Yahoo! Music Jukeb...
E
CVE-2008-0624 Buffer overflow in the YMP Datagrid ActiveX control (datagrid.dll) in Yahoo! JukeBox 2.2.2.56 allows...
E
CVE-2008-0625 Buffer overflow in the MediaGrid ActiveX control (mediagrid.dll) in Yahoo! Music Jukebox 2.2.2.56 al...
E
CVE-2008-0626 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6303. Reason: This candida...
R
CVE-2008-0627 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6304. Reason: This candida...
R
CVE-2008-0628 The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes ex...
S
CVE-2008-0629 Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before r25824 allows remote user-assisted...
CVE-2008-0630 Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute ...
CVE-2008-0631 Multiple ActiveX controls in MailBee.dll in MailBee Objects 5.5 allow remote attackers to (1) overwr...
E
CVE-2008-0632 Unrestricted file upload vulnerability in cp_upload_image.php in LightBlog 9.5 allows remote attacke...
E
CVE-2008-0633 Buffer overflow in Anon Proxy Server 0.102 and earlier, when user authentication is enabled, allows ...
S
CVE-2008-0634 Buffer overflow in the NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1, as ...
E
CVE-2008-0635 Unspecified vulnerability in the delivery engine in Openads 2.4.0 through 2.4.2 allows remote attack...
E S
CVE-2008-0636 Level Platforms, Inc. (LPI) Managed Workplace Service Center 4.x, 5.x and 6.x allows remote attacker...
E
CVE-2008-0638 Heap-based buffer overflow in the Veritas Enterprise Administrator (VEA) service (aka vxsvc.exe) in ...
S
CVE-2008-0639 Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Nov...
S
CVE-2008-0640 Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate connect...
S
CVE-2008-0642 Cross-site scripting (XSS) vulnerability in files created by Adobe RoboHelp 6 and 7, possibly involv...
S
CVE-2008-0643 Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 and ColdFusion 8 allows remote att...
S
CVE-2008-0644 Adobe ColdFusion MX 7 and ColdFusion 8 allows remote attackers to bypass the cross-site scripting (X...
S
CVE-2008-0645 Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 allow remote attackers...
E
CVE-2008-0646 The bdecode_recursive function in include/libtorrent/bencode.hpp in Rasterbar Software libtorrent be...
E S
CVE-2008-0647 Multiple stack-based buffer overflows in the HanGamePluginCn18.HanGamePluginCn18.1 ActiveX control i...
E
CVE-2008-0648 Multiple PHP remote file inclusion vulnerabilities in OpenSiteAdmin 0.9.1.1 and earlier allow remote...
E
CVE-2008-0649 SQL injection vulnerability in detail.php in Astanda Directory Project (ADP) 1.2 and 1.3 allows remo...
E
CVE-2008-0650 SQL injection vulnerability in login.php in Simple OS CMS 0.1c beta allows remote attackers to execu...
E
CVE-2008-0651 SQL injection vulnerability in login.php in Pedro Santana Codice CMS allows remote attackers to exec...
E
CVE-2008-0652 SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Jo...
E
CVE-2008-0653 SQL injection vulnerability in index.php in the Ynews (com_ynews) 1.0.0 component for Joomla! allows...
E
CVE-2008-0654 Multiple directory traversal vulnerabilities in Azucar CMS 1.3 allow remote attackers to include and...
CVE-2008-0655 Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact an...
KEV E S
CVE-2008-0656 Unrestricted file upload vulnerability in dmclTrace.jsp in EMC Documentum Administrator 5.3.0.313 an...
CVE-2008-0657 Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 a...
S
CVE-2008-0658 slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated ...
E
CVE-2008-0659 Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 an...
E
CVE-2008-0660 Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx)...
E
CVE-2008-0661 Buffer overflow in dBpowerAMP Audio Player Release 2 allows remote attackers to execute arbitrary co...
E
CVE-2008-0662 The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Window...
CVE-2008-0663 Novell Challenge Response Client (LCM) 2.7.5 and earlier, as used with Novell Client for Windows 4.9...
CVE-2008-0664 The XML-RPC implementation (xmlrpc.php) in WordPress before 2.3.3, when registration is enabled, all...
S
CVE-2008-0665 wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arb...
E
CVE-2008-0666 Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink att...
E
CVE-2008-0667 The DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2...
S
CVE-2008-0668 The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1...
S
CVE-2008-0669 Cross-site scripting (XSS) vulnerability in search.cgi in Sift Unity allows remote attackers to inje...
CVE-2008-0670 SQL injection vulnerability in index.php in the Noticias (com_noticias) 1.0 component for Joomla! al...
E
CVE-2008-0671 Stack-based buffer overflow in the add_line_buffer function in TinTin++ 1.97.9 and WinTin++ 1.97.9 a...
CVE-2008-0672 The process_chat_input function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to ca...
CVE-2008-0673 TinTin++ 1.97.9 and WinTin++ 1.97.9 open files on the basis of an inbound file-transfer request, bef...
CVE-2008-0674 Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular e...
CVE-2008-0675 SQL injection vulnerability in cms/index.pl in The Everything Development Engine in The Everything D...
E
CVE-2008-0676 Cross-site scripting (XSS) vulnerability in search.php in A-Blog 2 allows remote attackers to inject...
E
CVE-2008-0677 SQL injection vulnerability in blog.php in A-Blog 2 allows remote attackers to execute arbitrary SQL...
E
CVE-2008-0678 SQL injection vulnerability in index.php in BlogPHP 2.0 allows remote attackers to execute arbitrary...
E
CVE-2008-0679 Cross-site scripting (XSS) vulnerability in index.php in BlogPHP 2.0 allows remote attackers to inje...
E
CVE-2008-0680 SNMPd in MikroTik RouterOS 3.2 and earlier allows remote attackers to cause a denial of service (dae...
E
CVE-2008-0681 SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote attackers to execute arbitra...
E
CVE-2008-0682 SQL injection vulnerability in wordspew-rss.php in the Wordspew plugin before 3.72 for Wordpress all...
E
CVE-2008-0683 SQL injection vulnerability in shiftthis-preview.php in the ShiftThis Newsletter (st_newsletter) plu...
E
CVE-2008-0684 Cross-site scripting (XSS) vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attack...
CVE-2008-0685 SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to execut...
CVE-2008-0686 SQL injection vulnerability in index.php in the NeoReferences (com_neoreferences) 1.3.1 and 1.3.3 co...
E
CVE-2008-0687 Cross-site scripting (XSS) vulnerability in siteadmin/editor_files/includes/load_message.php in the ...
CVE-2008-0688 Cross-site scripting (XSS) vulnerability in catalog.php in Smartscript Domain Trader 2.0 allows remo...
E
CVE-2008-0689 SQL injection vulnerability in index.php in the Marketplace (com_marketplace) 1.1.1 and 1.1.1-pl1 co...
E
CVE-2008-0690 SQL injection vulnerability in index.php in the mosDirectory (com_directory) 2.3.2 component for Joo...
E
CVE-2008-0691 Multiple cross-site scripting (XSS) vulnerabilities in admin_panel.php in the Simon Elvery WP-Footno...
CVE-2008-0692 SQL injection vulnerability in bidhistory.php in iTechBids 3 Gold and 5.0 allows remote attackers to...
E
CVE-2008-0693 Stack-based buffer overflow in PQCore.exe in Print Manager Plus 2008 Client Billing and Authenticati...
CVE-2008-0694 Cross-site scripting (XSS) vulnerability in the HTTP Server in IBM OS/400 V5R3M0 and V5R4M0 allows r...
CVE-2008-0695 SQL injection vulnerability in index.php in BookmarkX script 2007 allows remote attackers to execute...
E
CVE-2008-0696 IBM DB2 UDB before 8.2 Fixpak 16 does not properly check authorization for the ALTER TABLE statement...
CVE-2008-0697 Unspecified vulnerability in DB2PD in IBM DB2 UDB before 8.2 Fixpak 16 allows local users to gain ro...
CVE-2008-0698 Buffer overflow in the DAS server in IBM DB2 UDB before 8.2 Fixpak 16 has unknown attack vectors, an...
CVE-2008-0699 Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C) in IBM DB2 UDB before 8.2...
S
CVE-2008-0700 Cross-site scripting (XSS) vulnerability in search.php in Crux Software CruxCMS 3.0 allows remote at...
CVE-2008-0701 ActivationHandler in Magnolia CE 3.5.x before 3.5.4 does not check permissions during importing, whi...
CVE-2008-0702 Multiple heap-based buffer overflows in Titan FTP Server 6.03 and 6.0.5.549 allow remote attackers t...
E
CVE-2008-0703 Multiple directory traversal vulnerabilities in sflog! 0.96 allow remote attackers to read arbitrary...
E
CVE-2008-0704 Unspecified vulnerability in the SSH server in HP OpenVMS TCP/IP Services on OpenVMS on the Alpha pl...
S
CVE-2008-0705 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-0706 Unspecified vulnerability in the BIOS F.26 and earlier for the HP Compaq Notebook PC allows physical...
S
CVE-2008-0707 HP StorageWorks Library and Tape Tools (LTT) before 4.5 SR1 on HP-UX B.11.11 and B.11.23 allows loca...
S
CVE-2008-0708 HP USB 2.0 Floppy Drive Key product options (1) 442084-B21 and (2) 442085-B21 for certain HP ProLian...
CVE-2008-0709 Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, 4.11, 4.12, 4.13, and 4.20 al...
CVE-2008-0710 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2008-0711 Unspecified vulnerability in the embedded management console in HP iLO-2 Management Processors (iLO-...
CVE-2008-0712 Unspecified vulnerability in the HP HPeDiag (aka eSupportDiagnostics) ActiveX control in hpediag.dll...
CVE-2008-0713 Unspecified vulnerability in the FTP server for HP-UX B.11.11, B.11.23, and B.11.31 allows remote au...
CVE-2008-0714 SQL injection vulnerability in users.php in Mihalism Multi Host allows remote attackers to execute a...
E
CVE-2008-0715 Buffer overflow in ACDSee Photo Manager 8.1, 9.0, and 10.0 allows user-assisted remote attackers to ...
CVE-2008-0716 The agent in Symantec Altiris Notification Server before 6.0 SP3 R7 allows local users to gain privi...
S
CVE-2008-0717 Cross-site scripting (XSS) vulnerability in Caching Proxy (CP) 5.1 through 6.1 in IBM WebSphere Edge...
CVE-2008-0718 Unspecified vulnerability in the USB Mouse STREAMS module (usbms) in Sun Solaris 9 and 10, when 64-b...
CVE-2008-0719 SQL injection vulnerability in customer_testimonials.php in the Customer Testimonials 3 and 3.1 Addo...
E
CVE-2008-0720 Cross-site scripting (XSS) vulnerability in Webmin 1.370 and 1.390 and Usermin 1.300 and 1.320 allow...
CVE-2008-0721 SQL injection vulnerability in index.php in the Sermon (com_sermon) 0.2 component for Mambo allows r...
E
CVE-2008-0722 Cross-site scripting (XSS) vulnerability in index.php in Pagetool 1.0.7 allows remote attackers to i...
E
CVE-2008-0723 Cross-site scripting (XSS) vulnerability in mynews.inc.php in MyNews 1.6.4, and other earlier 1.6.x ...
E
CVE-2008-0724 The Everything Development Engine in The Everything Development System Pre-1.0 and earlier stores pa...
E
CVE-2008-0725 Multiple heap-based buffer overflows in the (1) FTP service and (2) administration service in Titan ...
CVE-2008-0726 Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute ar...
S
CVE-2008-0727 Multiple buffer overflows in oninit.exe in IBM Informix Dynamic Server (IDS) 7.x through 11.x allow ...
CVE-2008-0728 The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and ...
S
CVE-2008-0729 Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote attackers to cause a denial of service (...
E
CVE-2008-0730 The (1) Simplified Chinese, (2) Traditional Chinese, (3) Korean, and (4) Thai language input methods...
CVE-2008-0731 The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an Ap...
CVE-2008-0732 The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation...
S
CVE-2008-0733 SQL injection vulnerability in index.php in CS Team Counter Strike Portals allows remote attackers t...
E
CVE-2008-0734 SQL injection vulnerability in class_auth.php in Limbo CMS 1.0.4.2, and possibly earlier versions, a...
E S
CVE-2008-0735 SQL injection vulnerability in mod/gallery/ajax/gallery_data.php in AuraCMS 2.2 allows remote attack...
E
CVE-2008-0736 admin/SA_shipFedExMeter.asp in CandyPress (CP) 4.1.1.26, and possibly other 4.x and 3.x versions, al...
E
CVE-2008-0737 SQL injection vulnerability in admin/utilities_ConfigHelp.asp in CandyPress (CP) 4.1.1.26, and other...
E
CVE-2008-0738 Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, and earlier 4.1.x versions, allo...
E
CVE-2008-0739 SQL injection vulnerability in admin/SA_shipFedExMeter.asp in CandyPress (CP) 4.1.1.26, and earlier ...
E
CVE-2008-0740 IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) and 6.1 before Fix Pack 1...
S
CVE-2008-0741 Unspecified vulnerability in the PropFilePasswordEncoder utility in IBM WebSphere Application Server...
S
CVE-2008-0742 Multiple directory traversal vulnerabilities in PowerScripts PowerNews 2.5.6 allow remote attackers ...
E
CVE-2008-0743 PHP remote file inclusion vulnerability in members_help.php in Joovili 2.1 and earlier allows remote...
CVE-2008-0744 SQL injection vulnerability in user_login.asp in PreProjects.com Pre Hotels & Resorts Management Sys...
E
CVE-2008-0745 Directory traversal vulnerability in aides/index.php in DomPHP 0.82 allows remote attackers to inclu...
E
CVE-2008-0746 SQL injection vulnerability in index.php in the Gallery (com_gallery) component for Mambo and Joomla...
E
CVE-2008-0747 Stack-based buffer overflow in COWON America jetAudio 7.0.5 and earlier allows user-assisted remote ...
E
CVE-2008-0748 Buffer overflow in the Sony AxRUploadServer.AxRUploadControl.1 ActiveX control in AxRUploadServer.dl...
E
CVE-2008-0749 Cross-site scripting (XSS) vulnerability in index.php in Calimero.CMS 3.3 allows remote attackers to...
E
CVE-2008-0750 SQL injection vulnerability in philboard_forum.asp in Husrev BlackBoard 2.0.2 allows remote attacker...
CVE-2008-0751 Cross-site scripting (XSS) vulnerability in the Freetag before 2.96 plugin for S9Y Serendipity, when...
E S
CVE-2008-0752 SQL injection vulnerability in index.php in the Neogallery (com_neogallery) 1.1 component for Joomla...
E
CVE-2008-0753 SQL injection vulnerability in calendar.php in Virtual War (VWar) 1.5 allows remote attackers to exe...
E
CVE-2008-0754 Multiple SQL injection vulnerabilities in index.php in the Rapid Recipe (com_rapidrecipe) 1.6.5 comp...
CVE-2008-0755 Format string vulnerability in the ReportSysLogEvent function in the LPD server in cyan soft Opium O...
E
CVE-2008-0756 The LPD server in cyan soft Opium OPI Server 4.10.1028 and earlier; cyanPrintIP Easy OPI, Profession...
E
CVE-2008-0757 Cross-site scripting (XSS) vulnerability in index.php in MercuryBoard 1.1.5 allows remote attackers ...
CVE-2008-0758 Multiple directory traversal vulnerabilities in the Zidget/HTTP embedded HTTP server in ExtremeZ-IP ...
CVE-2008-0759 ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and earlier allows remote attackers to...
CVE-2008-0760 Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sen...
E
CVE-2008-0761 SQL injection vulnerability in index.php in the Prince Clan Chess Club (com_pcchess) 0.8 and earlier...
E
CVE-2008-0762 SQL injection vulnerability in index.php in the com_iomezun component for Joomla! allows remote atta...
CVE-2008-0763 Stack-based buffer overflow in NPSpcSVR.exe in Larson Network Print Server (LstNPS) 9.4.2 build 105 ...
E
CVE-2008-0764 Format string vulnerability in the logging function in Larson Network Print Server (LstNPS) 9.4.2 bu...
E
CVE-2008-0765 Multiple cross-site scripting (XSS) vulnerabilities in artmedic webdesign weblog allow remote attack...
E
CVE-2008-0766 Stack-based buffer overflow in RpmSrvc.exe in Brooks Remote Print Manager (RPM) 4.5.1.11 and earlier...
CVE-2008-0767 ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and earlier does not verify that a cer...
CVE-2008-0768 Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix ...
CVE-2008-0769 Cross-site scripting (XSS) vulnerability in Livelink ECM 9.0.0 through 9.7.0 and possibly earlier do...
CVE-2008-0770 SQL injection vulnerability in arcade.php in ibProArcade 3.3.0 and earlier allows remote attackers t...
E
CVE-2008-0771 Multiple SQL injection vulnerabilities in default.asp in Site2Nite allow remote attackers to execute...
CVE-2008-0772 SQL injection vulnerability in index.php in the com_doc component for Joomla! and Mambo allows remot...
E
CVE-2008-0773 SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and e...
E
CVE-2008-0774 Cross-site scripting (XSS) vulnerability in search.cgi in Loris Hotel Reservation System 3.01 and po...
CVE-2008-0775 Cross-site scripting (XSS) vulnerability in sboxDB.php in Simple Machines Forum (SMF) Shoutbox 1.14 ...
CVE-2008-0776 SQL injection vulnerability in detail.php in iTechBids Gold 6.0 allows remote attackers to execute a...
E
CVE-2008-0777 The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access flags of the file desc...
E S
CVE-2008-0778 Multiple stack-based buffer overflows in an ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4....
E
CVE-2008-0779 The fortimon.sys device driver in Fortinet FortiClient Host Security 3.0 MR5 Patch 3 and earlier doe...
CVE-2008-0780 Cross-site scripting (XSS) vulnerability in MoinMoin 1.5.x through 1.5.8 and 1.6.x before 1.6.1 allo...
CVE-2008-0781 Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.5.8 and ea...
CVE-2008-0782 Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to overwrite...
E
CVE-2008-0783 Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0....
E S
CVE-2008-0784 graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows remote attackers to obtain the...
E S
CVE-2008-0785 Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow re...
E S
CVE-2008-0786 CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k, when running on o...
S
CVE-2008-0787 SQL injection vulnerability in inc/datahandlers/pm.php in MyBB before 1.2.12 allows remote authentic...
E S
CVE-2008-0788 Multiple cross-site request forgery (CSRF) vulnerabilities in MyBB 1.2.11 and earlier allow remote a...
E S
CVE-2008-0789 SQL injection vulnerability in countdown.php in LI-Scripts LI-Countdown allows remote attackers to e...
CVE-2008-0790 Directory traversal vulnerability in ipdsserver.exe in Intermate WinIPDS 3.3 G52-33-021 allows remot...
E
CVE-2008-0791 ipdsserver.exe in Intermate WinIPDS 3.3 G52-33-021 allows remote attackers to cause a denial of serv...
E
CVE-2008-0792 Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 200...
S
CVE-2008-0793 Multiple cross-site scripting (XSS) vulnerabilities in search.asp in Tendenci CMS allow remote attac...
CVE-2008-0794 Directory traversal vulnerability in user/header.php in Affiliate Market 0.1 BETA allows remote atta...
E
CVE-2008-0795 SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) 1.2 component for Mambo and Joo...
E
CVE-2008-0796 SQL injection vulnerability in threads.php in Nuboard 0.5 allows remote attackers to execute arbitra...
E
CVE-2008-0797 Directory traversal vulnerability in lib/download.php in iTheora 1.0 rc1 allows remote attackers to ...
S
CVE-2008-0798 Multiple directory traversal vulnerabilities in artmedic webdesign weblog 1.0, when magic_quotes_gpc...
E
CVE-2008-0799 SQL injection vulnerability in index.php in the Quiz (com_quiz) 0.81 and earlier component for Mambo...
E
CVE-2008-0800 SQL injection vulnerability in index.php in the McQuiz (com_mcquiz) 0.9 Final component for Joomla! ...
E
CVE-2008-0801 SQL injection vulnerability in index.php in the PAXXGallery (com_paxxgallery) 0.2 component for Mamb...
E
CVE-2008-0802 SQL injection vulnerability in index.php in the MediaSlide (com_mediaslide) 0.5 component for Joomla...
E
CVE-2008-0803 Multiple PHP remote file inclusion vulnerabilities in LookStrike Lan Manager 0.9 allow remote attack...
E
CVE-2008-0804 PHP remote file inclusion vulnerability in usrgetform.html in Thecus N5200Pro NAS Server allows remo...
E
CVE-2008-0805 Unrestricted file upload vulnerability in image.php in PHPizabi 0.848b C1 HFP1 allows remote attacke...
E
CVE-2008-0806 wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[US...
E
CVE-2008-0807 lib/Driver/sql.php in Turba 2 (turba2) Contact Manager H3 2.1.x before 2.1.7 and 2.2.x before 2.2-RC...
S
CVE-2008-0808 Cross-site scripting (XSS) vulnerability in the meta plugin in Ikiwiki before 1.1.47 allows remote a...
CVE-2008-0809 Cross-site scripting (XSS) vulnerability in the htmlscrubber in Ikiwiki before 1.1.46 allows remote ...
CVE-2008-0810 SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attacke...
E
CVE-2008-0811 Multiple SQL injection vulnerabilities in AuraCMS 1.62 allow remote attackers to execute arbitrary S...
E
CVE-2008-0812 Directory traversal vulnerability in DMS/index.php in BanPro DMS 1.0 allows remote attackers to incl...
E
CVE-2008-0813 Directory traversal vulnerability in Download.php in XPWeb 3.0.1, 3.3.2, and possibly other versions...
E
CVE-2008-0814 Directory traversal vulnerability in download.php in Tracking Requirements & Use Cases (TRUC) 0.11.0...
E
CVE-2008-0815 SQL injection vulnerability in the com_mezun component for Joomla! allows remote attackers to execut...
CVE-2008-0816 SQL injection vulnerability in the com_sg component for Joomla! and Mambo allows remote attackers to...
E
CVE-2008-0817 SQL injection vulnerability in the com_filebase component for Joomla! and Mambo allows remote attack...
E
CVE-2008-0818 Multiple directory traversal vulnerabilities in freePHPgallery 0.6 allow remote attackers to include...
E
CVE-2008-0819 Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote at...
E
CVE-2008-0820 Cross-site scripting (XSS) vulnerability in index.php in Etomite 0.6.1.4 Final allows remote attacke...
E
CVE-2008-0821 SQL injection vulnerability in admin/traffic/knowledge_searchm.php in OSI Codes Inc. PHP Live! 3.2.2...
E
CVE-2008-0822 Directory traversal vulnerability in index.php in Scribe 0.2 allows remote attackers to read arbitra...
E
CVE-2008-0823 Unspecified vulnerability in the Header Image Module before 5.x-1.1 for Drupal allows remote attacke...
S
CVE-2008-0824 Unspecified vulnerability in the php2phps function in Claroline before 1.8.9 has unknown impact and ...
S
CVE-2008-0825 SQL injection vulnerability in Claroline before 1.8.9 allows remote attackers to execute arbitrary S...
CVE-2008-0826 Cross-site scripting (XSS) vulnerability in Claroline before 1.8.9 allows remote attackers to inject...
CVE-2008-0827 SQL injection vulnerability in the Books module of PHP-Nuke allows remote attackers to execute arbit...
E
CVE-2008-0828 Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.5 and earlier allow remote attacke...
S
CVE-2008-0829 SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component fo...
E S
CVE-2008-0830 The Digital Photo Access Protocol (DPAP) server for iPhoto 4.0.3 allows remote attackers to cause a ...
E
CVE-2008-0831 Multiple SQL injection vulnerabilities in the Rapid Recipe (com_rapidrecipe) 1.6.5 and earlier compo...
E
CVE-2008-0832 SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and earlier component f...
E
CVE-2008-0833 SQL injection vulnerability in index.php in the com_galeria component for Joomla! allows remote atta...
E
CVE-2008-0834 Cross-site scripting (XSS) vulnerability in Lotus Quickr for i5/OS before 8.0.0.2 Hotfix 11, when an...
S
CVE-2008-0835 SQL injection vulnerability in indexen.php in Simple CMS 1.0.3 and earlier allows remote attackers t...
E
CVE-2008-0836 Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 9 and 10 on x86 architectur...
S
CVE-2008-0837 Cross-site scripting (XSS) vulnerability in the log feature in the John Godley Search Unleashed 0.2....
CVE-2008-0838 Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface in Sophos ES...
E
CVE-2008-0839 SQL injection vulnerability in refer.php in the astatsPRO (com_astatspro) 1.0 component for Joomla! ...
E
CVE-2008-0840 Directory traversal vulnerability in view_member.php in Public Warehouse LightBlog 9.6 allows remote...
E
CVE-2008-0841 SQL injection vulnerability in index.php in the Giorgio Nordo Ricette (com_ricette) 1.0 component fo...
E
CVE-2008-0842 SQL injection vulnerability in index.php in the Classifier (com_clasifier) component for Joomla! all...
E
CVE-2008-0843 StatCounteX 3.0 and 3.1 allows remote attackers to obtain sensitive information and edit configurati...
E
CVE-2008-0844 SQL injection vulnerability in index.php in the PccookBook (com_pccookbook) component for Joomla! al...
E
CVE-2008-0845 SQL injection vulnerability in wp-people-popup.php in Dean Logan WP-People plugin 1.6.1 for WordPres...
CVE-2008-0846 SQL injection vulnerability in index.php in the com_profile component for Joomla! allows remote atta...
E
CVE-2008-0847 SQL injection vulnerability in print.php in the myTopics module for XOOPS allows remote attackers to...
E
CVE-2008-0848 Cross-site scripting (XSS) vulnerability in lostsheep.php in Crafty Syntax Live Help (CSLH) before 2...
CVE-2008-0849 SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Jo...
E
CVE-2008-0850 Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote attackers to execute arbitrary S...
CVE-2008-0851 Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 allow remote attackers to inject...
E S
CVE-2008-0852 freeSSHd 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a SSH2_MSG...
E
CVE-2008-0853 SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attacker...
E
CVE-2008-0854 SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attack...
CVE-2008-0855 SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo al...
CVE-2008-0856 Multiple SQL injection vulnerabilities in e-Vision CMS 2.02 allow remote attackers to execute arbitr...
E
CVE-2008-0857 SQL injection vulnerability in index.php in WoltLab Burning Board 3.0.3 PL 1 allows remote attackers...
E
CVE-2008-0858 Buffer overflow in the Visnetic anti-virus plugin in Kerio MailServer before 6.5.0 might allow remot...
S
CVE-2008-0859 Unspecified vulnerability in Kerio MailServer before 6.5.0 allows remote attackers to cause a denial...
CVE-2008-0860 Unspecified vulnerability in the AVG plugin in Kerio MailServer before 6.5.0 has unspecified impact ...
CVE-2008-0861 Cross-site scripting (XSS) vulnerability in leg/Main.nsf in IBM Lotus Quickplace 7.0 allows remote a...
E
CVE-2008-0862 IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a user forwards an email messag...
CVE-2008-0863 BEA WebLogic Server and WebLogic Express 9.0 and 9.1 exposes the web service's WSDL and security pol...
S
CVE-2008-0864 Admin Tools in BEA WebLogic Portal 8.1 SP3 through SP6 can inadvertently remove entitlements for pag...
CVE-2008-0865 Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP6 allows remote attackers to bypass e...
CVE-2008-0866 Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Workshop allow remote attackers ...
CVE-2008-0867 Cross-site scripting (XSS) vulnerability in portal/server.pt in BEA AquaLogic Interaction 6.1 throug...
CVE-2008-0868 Cross-site scripting (XSS) vulnerability in Groupspace in BEA WebLogic Portal 10.0 and 9.2 through M...
CVE-2008-0869 Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for W...
CVE-2008-0870 BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redire...
S
CVE-2008-0871 Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote att...
E
CVE-2008-0872 Cross-site scripting (XSS) vulnerability in SmarterTools SmarterMail Enterprise 4.3 allows remote at...
E
CVE-2008-0873 SQL injection vulnerability in index.php in the jlmZone Classifieds module for XOOPS allows remote a...
E
CVE-2008-0874 SQL injection vulnerability in index.php in the eEmpregos module for XOOPS allows remote attackers t...
E
CVE-2008-0875 Unspecified vulnerability in Hitachi EUR Print Manager, and related Client and Local Server products...
CVE-2008-0876 Unspecified vulnerability in the SEWB3 messaging service in Hitachi SEWB3/PLATFORM and SEWB3/MI-PLAT...
CVE-2008-0877 Multiple cross-site scripting (XSS) vulnerabilities in Jinzora Media Jukebox 2.7.5 allow remote atta...
CVE-2008-0878 SQL injection vulnerability in index.php in the MyAnnonces 1.7 and earlier module for RunCMS allows ...
E
CVE-2008-0879 SQL injection vulnerability in modules.php in the Web_Links module for PHP-Nuke allows remote attack...
E
CVE-2008-0880 SQL injection vulnerability in modules.php in the EasyContent module for PHP-Nuke allows remote atta...
E
CVE-2008-0881 SQL injection vulnerability in modules.php in the Okul 1.0 module for PHP-Nuke allows remote attacke...
E
CVE-2008-0882 Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers ...
CVE-2008-0883 acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink...
S
CVE-2008-0884 The Replace function in the capp-lspp-config script in the (1) lspp-eal4-config-ibm and (2) capp-lsp...
CVE-2008-0885 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2008-0886 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-0882. Reason: This candida...
R
CVE-2008-0887 gnome-screensaver before 2.22.1, when a remote authentication server is enabled, crashes upon an unl...
E
CVE-2008-0888 The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using inval...
S
CVE-2008-0889 Red Hat Directory Server 8.0, when running on Red Hat Enterprise Linux, uses insecure permissions fo...
S
CVE-2008-0890 Red Hat Directory Server 7.1 before SP4 uses insecure permissions for certain directories, which all...
CVE-2008-0891 Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enab...
S
CVE-2008-0892 The replication monitor CGI script (repl-monitor-cgi.pl) in Red Hat Administration Server, as used b...
CVE-2008-0893 Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properl...
S
CVE-2008-0894 Apple Safari might allow remote attackers to obtain potentially sensitive memory contents or cause a...
CVE-2008-0895 BEA WebLogic Server and WebLogic Express 6.1 through 10.0 allows remote attackers to bypass authenti...
S
CVE-2008-0896 BEA WebLogic Portal 10.0 and 9.2 through MP1, when an administrator deletes a single instance of a c...
S
CVE-2008-0897 Unspecified vulnerability in BEA WebLogic Server 9.0 through 10.0 allows remote authenticated users ...
S
CVE-2008-0898 The distributed queue feature in JMS in BEA WebLogic Server 9.0 through 10.0, in certain configurati...
S
CVE-2008-0899 Cross-site scripting (XSS) vulnerability in the Administration Console in BEA WebLogic Server and Ex...
S
CVE-2008-0900 Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through M...
S
CVE-2008-0901 BEA WebLogic Server and Express 7.0 through 10.0 allows remote attackers to conduct brute force pass...
S
CVE-2008-0902 Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 through 1...
S
CVE-2008-0903 Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before...
S
CVE-2008-0904 Unspecified vulnerability in the download servlet in BEA Plumtree Collaboration 4.1 through SP2 and ...
S
CVE-2008-0905 Directory traversal vulnerability in globsy_edit.php in Globsy 1.0 allows remote attackers to read a...
E
CVE-2008-0906 SQL injection vulnerability in the Docum module in PHP-Nuke allows remote attackers to execute arbit...
E
CVE-2008-0907 SQL injection vulnerability in the Inhalt module for PHP-Nuke allows remote attackers to execute arb...
E
CVE-2008-0908 SQL injection vulnerability in browse.asp in Schoolwires Academic Portal allows remote attackers to ...
CVE-2008-0909 Cross-site scripting (XSS) vulnerability in browse.asp in Schoolwires Academic Portal allows remote ...
E
CVE-2008-0910 Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 200...
S
CVE-2008-0911 SQL injection vulnerability in productdetails.php in iScripts MultiCart 2.0 allows remote authentica...
E
CVE-2008-0912 Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink 10.0.1.3629 and earlier, as u...
E
CVE-2008-0913 Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 allows remo...
S
CVE-2008-0914 Multiple cross-site scripting (XSS) vulnerabilities in the Mediation server in IPdiva SSL VPN Server...
CVE-2008-0915 The Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 stores the...
CVE-2008-0916 SQL injection vulnerability in the Highwood Design hwdVideoShare (com_hwdvideoshare) 1.1.3 Alpha com...
E
CVE-2008-0917 Cross-site scripting (XSS) vulnerability in Tor World Tor Search 1.1 and earlier, I-Navigator 4.0, M...
CVE-2008-0918 SQL injection vulnerability in includes/count_dl_or_link.inc.php in the astatsPRO (com_astatspro) 1....
CVE-2008-0919 Cross-site scripting (XSS) vulnerability in session/login.php in Open Source Security Information Ma...
E S
CVE-2008-0920 SQL injection vulnerability in port/modifyportform.php in Open Source Security Information Managemen...
E
CVE-2008-0921 SQL injection vulnerability in news.php in beContent 0.3.1 allows remote attackers to execute arbitr...
E
CVE-2008-0922 SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote attackers to execu...
E
CVE-2008-0923 Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Play...
CVE-2008-0924 Stack-based buffer overflow in the DoLBURPRequest function in libnldap in ndsd in Novell eDirectory ...
S
CVE-2008-0925 Cross-site scripting (XSS) vulnerability in the iMonitor interface in Novell eDirectory 8.7.3.x befo...
CVE-2008-0926 The SOAP interface to the eMBox module in Novell eDirectory 8.7.3.9 and earlier, and 8.8.x before 8....
CVE-2008-0927 dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial...
E
CVE-2008-0928 Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which ...
CVE-2008-0929 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2008-0930 w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary f...
CVE-2008-0931 w_export.c in XWine 1.0.1 on Debian GNU/Linux sets insecure permissions (0666) for /etc/wine/config,...
CVE-2008-0932 diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows remote attackers to execute arbit...
CVE-2008-0933 Multiple race conditions in the CPU Performance Counters (cpc) subsystem in the kernel in Sun Solari...
E S
CVE-2008-0934 SQL injection vulnerability in modules.php in the NukeC 2.1 module for PHP-Nuke allows remote attack...
E
CVE-2008-0935 Stack-based buffer overflow in the Novell iPrint Control ActiveX control in ienipp.ocx in Novell iPr...
S
CVE-2008-0936 SQL injection vulnerability in index.php in the Prayer List (prayerlist) 1.04 module for XOOPS allow...
E
CVE-2008-0937 SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 module for XOOPS allows ...
CVE-2008-0938 Unspecified vulnerability in the dynamic tracing framework (DTrace) in Sun Solaris 10 allows local u...
CVE-2008-0939 Multiple SQL injection vulnerabilities in wppa.php in the WP Photo Album (WPPA) before 1.1 plugin fo...
E
CVE-2008-0940 Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.4.24 allows remote attackers...
S
CVE-2008-0941 Cross-site scripting (XSS) vulnerability in Eagle Software Aeries Browser Interface (ABI) 3.8.2.8 al...
E
CVE-2008-0942 SQL injection vulnerability in GradebookStuScores.asp in Eagle Software Aeries Browser Interface (AB...
E
CVE-2008-0943 Multiple SQL injection vulnerabilities in Eagle Software Aeries Browser Interface (ABI) 3.7.2.2 allo...
E
CVE-2008-0944 Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote attackers to cause a denial of ser...
E
CVE-2008-0945 Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ip...
CVE-2008-0946 Directory traversal vulnerability in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Mes...
E
CVE-2008-0947 Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 throug...
CVE-2008-0948 Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize.c) used by libgssrpc and kadmind in MIT K...
CVE-2008-0949 Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 7.x through 11.x allows remote attack...
CVE-2008-0951 Microsoft Windows Vista does not properly enforce the NoDriveTypeAutoRun registry value, which allow...
CVE-2008-0952 The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager...
CVE-2008-0953 The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP...
S
CVE-2008-0955 Stack-based buffer overflow in the Creative Software AutoUpdate Engine ActiveX control in CTSUEng.oc...
E
CVE-2008-0956 Multiple stack-based buffer overflows in the BackWeb Lite Install Runner ActiveX control in the Back...
S
CVE-2008-0957 Multiple stack-based buffer overflows in the PhotoStockPlus Uploader Tool ActiveX control (PSPUpload...
CVE-2008-0958 Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioGrabber2 Acti...
CVE-2008-0959 Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioInformation2 ...
CVE-2008-0960 SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x befor...
E S
CVE-2008-0961 EMV DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to bypas...
CVE-2008-0962 Stack-based buffer overflow in the File System Manager for EMC DiskXtender 6.20.060 allows remote au...
CVE-2008-0963 Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users ...
CVE-2008-0964 Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before sn...
E
CVE-2008-0965 Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before s...
CVE-2008-0967 Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 917...
CVE-2008-0971 Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in Barracuda Spam Firewall (BSF) be...
CVE-2008-0973 Buffer overflow in Double-Take (aka HP StorageWorks Storage Mirroring) 4.5.0.1629, and other 4.5.0.x...
CVE-2008-0974 Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and...
CVE-2008-0975 Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and...
CVE-2008-0976 Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and...
CVE-2008-0977 Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and...
CVE-2008-0978 Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and...
CVE-2008-0979 Stack consumption vulnerability in Double-Take 5.0.0.2865 and earlier, distributed under the HP Stor...
CVE-2008-0980 Multiple cross-site scripting (XSS) vulnerabilities in Spyce - Python Server Pages (PSP) 2.1.3 allow...
E
CVE-2008-0981 Open redirect vulnerability in spyce/examples/redirect.spy in Spyce - Python Server Pages (PSP) 2.1....
CVE-2008-0982 Spyce - Python Server Pages (PSP) 2.1.3 allows remote attackers to obtain sensitive information via ...
E
CVE-2008-0983 lighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a...
S
CVE-2008-0984 The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earl...
S
CVE-2008-0985 Heap-based buffer overflow in the GIF library in the WebKit framework for Google Android SDK m3-rc37...
E S
CVE-2008-0986 Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3...
E
CVE-2008-0987 Stack-based buffer overflow in Image Raw in Apple Mac OS X 10.5.2, and Digital Camera RAW Compatibil...
S
CVE-2008-0988 Off-by-one error in the Libsystem strnstr API in libc on Apple Mac OS X 10.4.11 allows context-depen...
S
CVE-2008-0989 Format string vulnerability in mDNSResponderHelper in Apple Mac OS X 10.5.2 allows local users to ex...
S
CVE-2008-0990 notifyd in Apple Mac OS X 10.4.11 does not verify that Mach port death notifications have originated...
S
CVE-2008-0992 Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbi...
S
CVE-2008-0993 Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in co...
S
CVE-2008-0994 Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which makes...
S
CVE-2008-0995 The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF fi...
S
CVE-2008-0996 The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk when s...
S
CVE-2008-0997 Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows user-assisted remote attacker...
S
CVE-2008-0998 Unspecified vulnerability in NetCfgTool in the System Configuration component in Apple Mac OS X 10.4...
S
CVE-2008-0999 Apple Mac OS X 10.5.2 allows user-assisted attackers to cause a denial of service (crash) via a craf...
S
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.