| Max CVSS | 10.0 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-5664 | 9.3 |
Stack-based buffer overflow in Realtek Media Player (aka Realtek Sound Manager, RtlRack, or rtlrack.exe) 1.15.0.0 allows remote attackers to execute arbitrary code via a crafted playlist (PLA) file.
|
14-02-2024 - 01:17 | 19-12-2008 - 01:52 | |
| CVE-2008-1086 | 9.3 |
The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, wh
|
23-07-2021 - 12:19 | 08-04-2008 - 23:05 | |
| CVE-2007-4620 | 9.0 |
Multiple stack-based buffer overflows in Computer Associates (CA) Alert Notification Service (Alert.exe) 8.1.586.0, 8.0.450.0, and 7.1.758.0, as used in multiple CA products including Anti-Virus for the Enterprise 7.1 through r11.1 and Threat Manager
|
07-04-2021 - 18:14 | 07-04-2008 - 18:44 | |
| CVE-2007-0939 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving HTML redirection queries, aka "Cross-site Sc
|
16-10-2018 - 16:35 | 10-04-2007 - 21:19 | |
| CVE-2008-1088 | 9.3 |
Microsoft Project 2000 Service Release 1, 2002 SP1, and 2003 SP2 allows user-assisted remote attackers to execute arbitrary code via a crafted Project file, related to improper validation of "memory resource allocations."
|
12-10-2018 - 21:45 | 08-04-2008 - 23:05 | |
| CVE-2008-1797 | 7.1 |
Unspecified vulnerability in Secure Computing Webwasher 5.30 before build 3159 and 6.3.0 before build 3150 allows remote attackers to cause a denial of service (freeze) via a crafted URL.
|
11-10-2018 - 20:36 | 15-04-2008 - 17:05 | |
| CVE-2018-0839 | 4.3 |
Microsoft Edge in Microsoft Windows 10 1703 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0763.
|
09-03-2018 - 18:11 | 15-02-2018 - 02:29 | |
| CVE-2001-1344 | 7.5 |
WSSecurity.pl in WebStore allows remote attackers to bypass authentication by providing the program with a filename that exists, which is made easier by (1) inserting a null character or (2) .. (dot dot).
|
19-12-2017 - 02:29 | 12-06-2001 - 04:00 | |
| CVE-2008-6519 | 10.0 |
Format string vulnerability in Xitami Web Server 2.2a through 2.5c2, and possibly other versions, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in a Long Running W
|
29-09-2017 - 01:33 | 25-03-2009 - 18:30 | |
| CVE-2008-1759 | 7.5 |
SQL injection vulnerability in the jeuxflash module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php, a different vector than CVE-2007-4922.
|
29-09-2017 - 01:30 | 12-04-2008 - 20:05 | |
| CVE-2012-0131 | 10.0 |
Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
19-09-2017 - 01:34 | 05-04-2012 - 13:55 | |
| CVE-2008-6550 | 4.3 |
Cross-site scripting (XSS) vulnerability in glossaire.php in Glossaire 2.0 allows remote attackers to inject arbitrary web script or HTML via the letter parameter. NOTE: the provenance of this information is unknown; the details are obtained solely
|
17-08-2017 - 01:29 | 30-03-2009 - 01:30 | |
| CVE-2008-6520 | 10.0 |
Multiple format string vulnerabilities in the SSI filter in Xitami Web Server 2.5c2, and possibly other versions, allow remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in a
|
17-08-2017 - 01:29 | 25-03-2009 - 18:30 | |
| CVE-2016-3886 | 7.2 |
systemui/statusbar/phone/QuickStatusBarHeader.java in the System UI Tuner in Android 7.0 before 2016-09-01 does not prevent tuner changes on the lockscreen, which allows physically proximate attackers to gain privileges by modifying a setting, aka in
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
| CVE-2008-1787 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Poplar Gedcom Viewer 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) text and (2) ul parameters. NOTE: the provenance of this information is unknown; t
|
08-08-2017 - 01:30 | 15-04-2008 - 17:05 | |
| CVE-2008-1775 | 3.5 |
Cross-site scripting (XSS) vulnerability in mindex.do in ManageEngine Firewall Analyzer 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the displayName parameter. NOTE: the provenance of this information is unknown; the deta
|
08-08-2017 - 01:30 | 14-04-2008 - 16:05 | |
| CVE-2008-0311 | 9.3 |
Stack-based buffer overflow in the PGMWebHandler::parse_request function in the StarTeam Multicast Service component (STMulticastService) 6.4 in Borland CaliberRM 2006 allows remote attackers to execute arbitrary code via a large HTTP request.
|
08-08-2017 - 01:29 | 06-04-2008 - 23:44 | |
| CVE-2005-0841 | 7.5 |
SQL injection vulnerability in (1) people.php, (2) track.php, (3) edit.php, (4) document.php, (5) census.php, (6) passthru.php and possibly other php files in phpMyFamily 1.4.0 allows remote attackers to execute arbitrary SQL commands, as demonstrate
|
11-07-2017 - 01:32 | 02-05-2005 - 04:00 |