Max CVSS 10.0 Min CVSS 2.1 Total Count22
IDCVSSSummaryLast (major) updatePublished
CVE-2008-2079 4.6
MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY argume
22-01-2013 - 22:56 05-05-2008 - 12:20
CVE-2008-2812 7.2
The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) ha
26-11-2012 - 22:47 08-07-2008 - 20:41
CVE-2008-2811 10.0
The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose di
26-11-2012 - 22:47 07-07-2008 - 19:41
CVE-2008-2809 4.0
Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in t
26-11-2012 - 22:47 08-07-2008 - 19:41
CVE-2008-2807 5.0
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly handle an invalid .properties file for an add-on, which allows remote attackers to read uninitialized memory, as demonstrated by use of ISO 8859 encoding instead of UTF-8 enc
26-11-2012 - 22:47 07-07-2008 - 19:41
CVE-2008-2803 6.8
The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 does not apply XPCNativeWrappers to scripts loaded from (1) file: URIs, (2) data: URIs, or (3) certain non
26-11-2012 - 22:47 07-07-2008 - 19:41
CVE-2008-2802 7.5
Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to execute arbitrary code via an XUL document that includes a script from a chrome: URI that points to a fastload file, related to t
26-11-2012 - 22:47 07-07-2008 - 19:41
CVE-2008-2799 10.0
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unk
26-11-2012 - 22:47 07-07-2008 - 19:41
CVE-2008-2798 10.0
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unk
26-11-2012 - 22:47 07-07-2008 - 19:41
CVE-2007-2691 4.9
MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
05-11-2012 - 22:39 15-05-2007 - 21:19
CVE-2006-4145 4.9
The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command.
19-03-2012 - 00:00 21-08-2006 - 15:04
CVE-2008-1803 9.3
Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not spec
11-10-2011 - 00:00 12-05-2008 - 18:20
CVE-2007-5794 4.3
Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was o
10-08-2011 - 00:00 13-11-2007 - 18:46
CVE-2008-2785 9.3
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which all
13-05-2011 - 00:00 19-06-2008 - 17:41
CVE-2008-3263 7.8
The IAX2 protocol implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x befor
07-03-2011 - 22:10 22-07-2008 - 19:41
CVE-2008-2375 7.1
Memory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on Red Hat Enterprise Linux (RHEL) 3 and 4, when PAM is used, allows remote attackers to cause a denial of service (memory consumption) via a large number of invalid authentication at
07-03-2011 - 22:09 08-07-2008 - 20:41
CVE-2008-1801 9.3
Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field.
07-03-2011 - 22:07 12-05-2008 - 12:20
CVE-2008-1722 4.3
Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (crash) and trigger memory corruption, as demonstrated via a crafted PNG image.
07-03-2011 - 22:07 10-04-2008 - 15:05
CVE-2008-0304 7.5
Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation
07-03-2011 - 22:04 29-02-2008 - 14:44
CVE-2006-4031 2.1
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
07-03-2011 - 21:40 09-08-2006 - 18:04
CVE-2006-3469 4.0
Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_forma
07-03-2011 - 00:00 21-07-2006 - 10:03
CVE-2008-1946 4.4
The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a (1) locked or (2) expired account by entering the account name on the command line, related to improper use of the pam_succeed_if.s
21-08-2010 - 01:19 28-07-2008 - 13:41
Back to Top Mark selected
Back to Top