Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-0040 | 6.8 |
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cr
|
09-02-2024 - 03:25 | 22-02-2009 - 22:30 | |
CVE-2009-0846 | 10.0 |
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code
|
09-02-2024 - 03:21 | 09-04-2009 - 00:30 | |
CVE-2008-3281 | 4.3 |
libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.
|
02-02-2024 - 15:02 | 27-08-2008 - 20:41 | |
CVE-2008-4309 | 5.0 |
Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK req
|
13-02-2023 - 02:19 | 31-10-2008 - 20:29 | |
CVE-2008-3432 | 6.8 |
Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case.
|
13-02-2023 - 02:19 | 10-10-2008 - 10:30 | |
CVE-2008-3529 | 10.0 |
Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.
|
13-02-2023 - 02:19 | 12-09-2008 - 16:56 | |
CVE-2009-0844 | 5.8 |
The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to cause a denial of service (daemon crash) and possibly obtain sensitive information via a crafted length value that tri
|
21-01-2020 - 15:45 | 09-04-2009 - 00:30 | |
CVE-2009-0845 | 5.0 |
The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via in
|
21-01-2020 - 15:45 | 27-03-2009 - 16:30 | |
CVE-2008-2100 | 7.2 |
Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS u
|
14-08-2019 - 11:29 | 05-06-2008 - 20:32 | |
CVE-2008-4917 | 7.2 |
Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through
|
02-11-2018 - 13:44 | 09-12-2008 - 00:30 | |
CVE-2008-4915 | 6.9 |
The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through
|
02-11-2018 - 13:43 | 10-11-2008 - 14:12 | |
CVE-2008-4279 | 6.8 |
The CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0.5 build 109488 and 5.x before 5.5.8 build 108000; Player 2.0.x before 2.0.5 build 109488 and 1.x before 1.0.8; Server 1.x before 1.0.7 build 108231;
|
02-11-2018 - 13:06 | 06-10-2008 - 19:54 | |
CVE-2008-2712 | 9.3 |
Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3)
|
01-11-2018 - 15:07 | 16-06-2008 - 21:41 | |
CVE-2007-5671 | 4.4 |
HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not
|
30-10-2018 - 16:26 | 05-06-2008 - 20:32 | |
CVE-2009-1805 | 4.0 |
Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build
|
30-10-2018 - 16:26 | 01-06-2009 - 19:30 | |
CVE-2009-1147 | 7.2 |
Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 2.0.x before 2.0.1 build 156745 allo
|
30-10-2018 - 16:26 | 06-04-2009 - 15:30 | |
CVE-2008-0967 | 6.9 |
Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build
|
30-10-2018 - 16:26 | 05-06-2008 - 20:32 | |
CVE-2009-1146 | 4.9 |
Unspecified vulnerability in an ioctl in hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 allows lo
|
30-10-2018 - 16:25 | 06-04-2009 - 15:30 | |
CVE-2008-0960 | 10.0 |
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Dat
|
30-10-2018 - 16:25 | 10-06-2008 - 18:32 | |
CVE-2009-1244 | 6.8 |
Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; V
|
30-10-2018 - 16:25 | 13-04-2009 - 16:30 | |
CVE-2007-2953 | 6.8 |
Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, relat
|
16-10-2018 - 16:46 | 31-07-2007 - 10:17 | |
CVE-2009-0025 | 6.8 |
BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulne
|
11-10-2018 - 20:58 | 07-01-2009 - 17:30 | |
CVE-2008-5077 | 5.8 |
OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
|
11-10-2018 - 20:53 | 07-01-2009 - 17:30 | |
CVE-2008-4281 | 9.3 |
Directory traversal vulnerability in VMWare ESXi 3.5 before ESXe350-200810401-O-UG and ESX 3.5 before ESX350-200810201-UG allows administrators with the Datastore.FileManagement privilege to gain privileges via unknown vectors.
|
11-10-2018 - 20:51 | 10-11-2008 - 14:12 | |
CVE-2008-4101 | 9.3 |
Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute
|
11-10-2018 - 20:50 | 18-09-2008 - 17:59 | |
CVE-2008-2327 | 6.8 |
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file,
|
11-10-2018 - 20:40 | 27-08-2008 - 20:41 | |
CVE-2008-2097 | 9.0 |
Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an "invalid Content-Length."
|
11-10-2018 - 20:39 | 05-06-2008 - 20:32 | |
CVE-2008-1382 | 7.5 |
libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which
|
11-10-2018 - 20:32 | 14-04-2008 - 16:05 | |
CVE-2008-1372 | 4.3 |
bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
|
11-10-2018 - 20:32 | 18-03-2008 - 21:44 | |
CVE-2009-0177 | 5.0 |
vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6.5.1 build 126130, 6.5.1 and earlier; VMware Player 2.5.1 build 126130, 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 2.0.x before 2.0
|
19-10-2017 - 01:30 | 20-01-2009 - 16:00 | |
CVE-2009-0908 | 6.4 |
Unspecified vulnerability in the ACE shared folders implementation in the VMware Host Guest File System (HGFS) shared folders feature in VMware ACE 2.5.1 and earlier allows attackers to enable a disabled shared folder.
|
29-09-2017 - 01:34 | 06-04-2009 - 15:30 | |
CVE-2009-0910 | 6.8 |
Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows re
|
29-09-2017 - 01:34 | 06-04-2009 - 15:30 | |
CVE-2009-0909 | 9.3 |
Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows re
|
29-09-2017 - 01:34 | 06-04-2009 - 15:30 | |
CVE-2009-0518 | 2.1 |
VI Client in VMware VirtualCenter before 2.5 Update 4, VMware ESXi 3.5 before Update 4, and VMware ESX 3.5 before Update 4 retains the VirtualCenter Server password in process memory, which might allow local users to obtain this password.
|
29-09-2017 - 01:33 | 06-04-2009 - 15:30 | |
CVE-2008-4916 | 4.6 |
Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build
|
29-09-2017 - 01:32 | 06-04-2009 - 15:30 | |
CVE-2008-4226 | 10.0 |
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
|
29-09-2017 - 01:32 | 25-11-2008 - 23:30 | |
CVE-2008-4914 | 4.7 |
Unspecified vulnerability in VMware ESXi 3.5 before ESXe350-200901401-I-SG and ESX 3.5 before ESX350-200901401-SG allows local administrators to cause a denial of service (host crash) via a snapshot with a malformed VMDK delta disk.
|
29-09-2017 - 01:32 | 03-02-2009 - 19:30 | |
CVE-2008-4225 | 7.8 |
Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.
|
29-09-2017 - 01:32 | 25-11-2008 - 23:30 | |
CVE-2008-3716 | 6.0 |
Cross-site request forgery (CSRF) vulnerability in Harmoni before 1.6.0 allows remote attackers to make administrative modifications via a (1) save or (2) delete action to an unspecified component. Download Harmoni 1.6.0 at Sourceforge:
http://sou
|
29-09-2017 - 01:31 | 19-08-2008 - 19:41 |