Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2008-3281 | 4.3 |
libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.
|
02-02-2024 - 15:02 | 27-08-2008 - 20:41 | |
CVE-2008-2938 | 4.3 |
Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequence
|
13-02-2023 - 02:19 | 13-08-2008 - 00:41 | |
CVE-2008-3529 | 10.0 |
Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.
|
13-02-2023 - 02:19 | 12-09-2008 - 16:56 | |
CVE-2008-2370 | 5.0 |
Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traver
|
13-02-2023 - 02:19 | 04-08-2008 - 01:41 | |
CVE-2008-1232 | 4.3 |
Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to
|
13-02-2023 - 02:18 | 04-08-2008 - 01:41 | |
CVE-2008-3913 | 5.0 |
Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic".
|
10-11-2020 - 18:34 | 11-09-2008 - 01:13 | |
CVE-2008-3912 | 5.0 |
libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition.
|
09-11-2020 - 03:20 | 11-09-2008 - 01:13 | |
CVE-2008-3914 | 10.0 |
Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c.
|
05-11-2020 - 16:05 | 11-09-2008 - 01:13 | |
CVE-2008-3496 | 10.0 |
Buffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the video4linux (V4L) implementation in the Linux kernel before 2.6.26.1 has unknown impact and attack vectors.
|
28-07-2020 - 18:49 | 06-08-2008 - 18:41 | |
CVE-2008-3889 | 2.1 |
Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of "non-Postfix" commands, which allows local users to cause a denial of service (application
|
11-10-2018 - 20:50 | 12-09-2008 - 16:56 | |
CVE-2008-3659 | 6.4 |
Buffer overflow in the memnstr function in PHP 4.4.x before 4.4.9 and PHP 5.6 through 5.2.6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via the delimiter argument to the explode function
|
11-10-2018 - 20:49 | 15-08-2008 - 00:41 | |
CVE-2008-3658 | 7.5 |
Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file. Mi
|
11-10-2018 - 20:49 | 15-08-2008 - 00:41 | |
CVE-2008-3660 | 5.0 |
PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI module, allows remote attackers to cause a denial of service (crash) via a request with multiple dots preceding the extension, as demonstrated using foo..php. Overview contains a t
|
11-10-2018 - 20:49 | 15-08-2008 - 00:41 | |
CVE-2008-2426 | 9.3 |
Multiple stack-based buffer overflows in Imlib 2 (aka imlib2) 1.4.0 allow user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a PNM image with a crafted header, related to the load function i
|
11-10-2018 - 20:41 | 02-06-2008 - 21:30 | |
CVE-2008-2327 | 6.8 |
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file,
|
11-10-2018 - 20:40 | 27-08-2008 - 20:41 | |
CVE-2008-3422 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the ASP.net class libraries in Mono 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted attributes related to (1) HtmlControl.cs (PreProcessRelativeReference
|
03-10-2018 - 21:55 | 31-07-2008 - 21:41 | |
CVE-2008-3949 | 7.2 |
emacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports Python script from the current working directory during editing of a Python file, which allows local users to execute arbitrary code via a Trojan horse Python file.
|
08-08-2017 - 01:32 | 22-09-2008 - 18:52 | |
CVE-2008-1389 | 5.0 |
libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service (application crash) via a malformed CHM file, related to an "invalid memory access."
|
08-03-2011 - 03:07 | 04-09-2008 - 16:41 |