Max CVSS 9.3 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2008-1515 6.4
The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before 2.2.6 allows remote attackers to "read and modify objects" via SOAP requests, related to "Missing security checks."
31-10-2018 - 19:19 01-04-2008 - 17:44
CVE-2007-1003 9.0
Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large
16-10-2018 - 16:36 06-04-2007 - 01:19
CVE-2008-0983 5.0
lighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a file descriptor array, which allows remote attackers to cause a denial of service (crash) via a large number of connections, which triggers an out-of
15-10-2018 - 22:04 26-02-2008 - 18:44
CVE-2008-0553 6.8
Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
15-10-2018 - 22:01 07-02-2008 - 21:00
CVE-2008-0006 7.5
Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the las
15-10-2018 - 21:56 18-01-2008 - 23:00
CVE-2007-6429 9.3
Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by
15-10-2018 - 21:53 18-01-2008 - 23:00
CVE-2007-6428 5.0
The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used a
15-10-2018 - 21:53 18-01-2008 - 23:00
CVE-2007-6427 9.3
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.
15-10-2018 - 21:53 18-01-2008 - 23:00
CVE-2007-5958 5.0
X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists.
15-10-2018 - 21:47 18-01-2008 - 23:00
CVE-2008-1563 4.3
The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
11-10-2018 - 20:35 31-03-2008 - 22:44
CVE-2008-1562 5.0
The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet, a different vulnerability than CVE-2006-5740.
11-10-2018 - 20:35 31-03-2008 - 22:44
CVE-2008-1561 5.0
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) 0.99.5 through 0.99.8 allow remote attackers to cause a denial of service (application crash) via a malformed packet to the (1) X.509sat or (2) Roofnet dissectors. NOTE: Vector 2
11-10-2018 - 20:35 31-03-2008 - 22:44
CVE-2008-1552 6.8
The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 allows remote attackers to execute arbitrary code via a cra
11-10-2018 - 20:35 31-03-2008 - 17:44
CVE-2008-1482 6.8
Multiple integer overflows in xine-lib 1.1.11 and earlier allow remote attackers to trigger heap-based buffer overflows and possibly execute arbitrary code via (1) a crafted .FLV file, which triggers an overflow in demuxers/demux_flv.c; (2) a crafted
11-10-2018 - 20:34 24-03-2008 - 22:44
CVE-2008-1270 5.0
mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set, uses a default of $HOME, which might allow remote attackers to read arbitrary files, as demonstrated by accessing the ~nobody directory.
11-10-2018 - 20:31 10-03-2008 - 21:44
CVE-2008-1111 5.0
mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information.
11-10-2018 - 20:29 04-03-2008 - 23:44
Back to Top Mark selected
Back to Top