Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2008-3431 | 7.2 |
The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain pri
|
11-10-2018 - 20:48 | 05-08-2008 - 19:41 | |
CVE-2008-3448 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in common solutions csphonebook 1.02 allows remote attackers to inject arbitrary web script or HTML via the letter parameter.
|
11-10-2018 - 20:48 | 04-08-2008 - 17:41 | |
CVE-2008-2320 | 9.3 |
Stack-based buffer overflow in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.4, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows context-dependent attackers to execute arbitrary code or cause a denial of service (app
|
11-10-2018 - 20:40 | 04-08-2008 - 01:41 | |
CVE-2012-4745 | 4.3 |
Cross-site scripting (XSS) vulnerability in admin/login.asp in Acuity CMS 2.6.2 allows remote attackers to inject arbitrary web script or HTML via the UserName parameter.
|
13-08-2018 - 21:47 | 31-08-2012 - 22:55 | |
CVE-2017-9968 | 4.3 |
A security misconfiguration vulnerability exists in Schneider Electric's IGSS Mobile application versions 3.01 and prior in which a lack of certificate pinning during the TLS/SSL connection establishing process can result in a man-in-the-middle attac
|
09-03-2018 - 14:56 | 12-02-2018 - 23:29 | |
CVE-2001-0974 | 7.5 |
Format string vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
|
19-12-2017 - 02:29 | 17-07-2001 - 04:00 | |
CVE-2008-6853 | 7.5 |
SQL injection vulnerability in modules/poll/index.php in AIST NetCat 3.0 and 3.12 allows remote attackers to execute arbitrary SQL commands via the PollID parameter.
|
29-09-2017 - 01:33 | 07-07-2009 - 19:00 | |
CVE-2008-3446 | 6.8 |
Directory traversal vulnerability in inc/wysiwyg.php in LetterIt 2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
|
29-09-2017 - 01:31 | 04-08-2008 - 17:41 | |
CVE-2008-3445 | 7.5 |
SQL injection vulnerability in index.php in phpMyRealty (PMR) 2.0.0 allows remote attackers to execute arbitrary SQL commands via the location parameter.
|
29-09-2017 - 01:31 | 04-08-2008 - 17:41 | |
CVE-2008-3486 | 7.5 |
Directory traversal vulnerability in the user_get_profile function in include/functions.inc.php in Coppermine Photo Gallery (CPG) 1.4.18 and earlier, when the charset is utf-8, allows remote attackers to include and execute arbitrary local files via
|
29-09-2017 - 01:31 | 06-08-2008 - 17:41 | |
CVE-2010-1805 | 6.9 |
Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 on Windows allows local users to gain privileges via a Trojan horse explorer.exe (aka Windows Explorer) program in a directory containing a file that had been d
|
19-09-2017 - 01:30 | 10-09-2010 - 19:00 | |
CVE-2008-3444 | 4.3 |
The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted but well-formed web page that contains "a simple set of legitimate HTML
|
08-08-2017 - 01:31 | 04-08-2008 - 10:59 | |
CVE-2008-2322 | 9.3 |
Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11, 10.5.2, and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF file with a long Type 1 font, which triggers a heap-based buff
|
08-08-2017 - 01:30 | 04-08-2008 - 01:41 | |
CVE-2008-2323 | 7.1 |
Unspecified vulnerability in Data Detectors Engine in Apple Mac OS X 10.5.4 allows attackers to cause a denial of service (resource consumption) via crafted textual content in messages.
|
08-08-2017 - 01:30 | 04-08-2008 - 01:41 | |
CVE-2008-2324 | 4.6 |
The Repair Permissions tool in Disk Utility in Apple Mac OS X 10.4.11 adds the setuid bit to the emacs executable file, which allows local users to gain privileges by executing commands within emacs.
|
08-08-2017 - 01:30 | 04-08-2008 - 01:41 | |
CVE-2008-2321 | 9.3 |
Unspecified vulnerability in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unknown vectors involving "processing of argum
|
08-08-2017 - 01:30 | 04-08-2008 - 01:41 | |
CVE-2008-2325 | 9.3 |
QuickLook in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office file, related to insufficient "bounds checking."
|
08-08-2017 - 01:30 | 04-08-2008 - 01:41 | |
CVE-2005-1093 | 7.5 |
Buffer overflow in the PopUp Plus 2.0.3.8 plugin for Miranda IM, with "Use SmileyAdd Setting" enabled, allows remote attackers to execute arbitrary code.
|
11-07-2017 - 01:32 | 02-05-2005 - 04:00 |