Max CVSS 10.0 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2006-2783 4.3
Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark (BOM) from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a BOM sequence in the mi
18-10-2018 - 16:42 02-06-2006 - 19:02
CVE-2007-6284 5.0
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
15-10-2018 - 21:51 12-01-2008 - 02:46
CVE-2008-2317 9.3
WebCore in Apple Safari does not properly perform garbage collection of JavaScript document elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via a reference to the
11-10-2018 - 20:40 14-07-2008 - 18:41
CVE-2008-2304 6.8
Buffer overflow in Apple Core Image Fun House 2.0 and earlier in CoreImage Examples in Xcode tools before 3.1 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a .funhouse file with a string
11-10-2018 - 20:40 14-07-2008 - 18:41
CVE-2008-1026 6.8
Integer overflow in the PCRE regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to execute arbitrary code via a regular expression with large, nested repetition
11-10-2018 - 20:29 17-04-2008 - 19:05
CVE-2008-1767 7.5
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that trigg
29-09-2017 - 01:30 23-05-2008 - 15:32
CVE-2008-0177 7.8
The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME project before 20071201 does not properly check the return value of the m_pulldown function, which allows remote attackers to cause a denial of service (system crash) via an IPv6 p
29-09-2017 - 01:30 07-02-2008 - 22:00
CVE-2008-1588 4.3
Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to spoof the address bar via Unicode ideographic spaces in the URL.
08-08-2017 - 01:30 14-07-2008 - 18:41
CVE-2008-1589 4.3
Safari on Apple iPhone before 2.0 and iPod touch before 2.0 misinterprets a menu button press as user confirmation for visiting a web site with a (1) self-signed or (2) invalid certificate, which makes it easier for remote attackers to spoof web site
08-08-2017 - 01:30 14-07-2008 - 18:41
CVE-2008-1590 6.8
JavaScriptCore in WebKit on Apple iPhone before 2.0 and iPod touch before 2.0 does not properly perform runtime garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecifi
08-08-2017 - 01:30 14-07-2008 - 18:41
CVE-2008-2318 5.0
The WOHyperlink implementation in WebObjects in Apple Xcode tools before 3.1 appends local session IDs to generated non-local URLs, which allows remote attackers to obtain potentially sensitive information by reading the requests for these URLs.
08-08-2017 - 01:30 14-07-2008 - 18:41
CVE-2008-2303 10.0
Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript array indices that trigger an
08-08-2017 - 01:30 14-07-2008 - 18:41
CVE-2008-1025 4.3
Cross-site scripting (XSS) vulnerability in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a colon in the hostname portion.
08-08-2017 - 01:29 17-04-2008 - 19:05
CVE-2008-0050 5.0
CFNetwork in Apple Mac OS X 10.4.11 allows remote HTTPS proxy servers to spoof secure websites via data in a 502 Bad Gateway error.
08-08-2017 - 01:29 18-03-2008 - 22:44
CVE-2008-2307 9.3
Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before 10.5.4, and standalone for Windows and Mac OS X 10.4, allows remote attackers to cause a denial of service (application crash) or execute arbitrary co
15-03-2011 - 04:00 23-06-2008 - 20:41
Back to Top Mark selected
Back to Top