| Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-1386 | 5.0 |
ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
|
07-02-2024 - 18:03 | 04-06-2009 - 16:30 | |
| CVE-2009-1378 | 5.0 |
Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or
|
07-02-2024 - 18:02 | 19-05-2009 - 19:30 | |
| CVE-2009-1377 | 5.0 |
The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, ak
|
07-02-2024 - 18:01 | 19-05-2009 - 19:30 | |
| CVE-2009-1387 | 5.0 |
The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a
|
07-02-2024 - 18:01 | 04-06-2009 - 16:30 | |
| CVE-2009-1379 | 5.0 |
Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS
|
13-02-2023 - 02:20 | 19-05-2009 - 19:30 | |
| CVE-2010-1034 | 4.6 |
Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 before 6.0.0-95 on Linux, and 6.0 before 6.0.0.96 on Windows, allows remote authenticated users to obtain sensitive information, modify data, and cause a denial of service via unkno
|
09-10-2019 - 23:00 | 23-04-2010 - 14:30 | |
| CVE-2008-5814 | 2.6 |
Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear
|
30-10-2018 - 16:26 | 02-01-2009 - 18:11 | |
| CVE-2008-5557 | 10.0 |
Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is n
|
11-10-2018 - 20:56 | 23-12-2008 - 18:30 | |
| CVE-2008-4226 | 10.0 |
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
|
29-09-2017 - 01:32 | 25-11-2008 - 23:30 | |
| CVE-2008-1468 | 4.3 |
Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CV
|
08-08-2017 - 01:30 | 24-03-2008 - 21:44 |