Max CVSS 6.8 Min CVSS 4.4 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2007-6598 6.8
Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
15-10-2018 - 21:55 04-01-2008 - 02:46
CVE-2008-4297 5.0
Mercurial before 1.0.2 does not enforce the allowpull permission setting for a pull operation from hgweb, which allows remote attackers to read arbitrary files from a repository via an "hg pull" request.
11-10-2018 - 20:51 27-09-2008 - 10:30
CVE-2008-1218 6.8
Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delim
11-10-2018 - 20:30 10-03-2008 - 23:44
CVE-2008-1199 4.4
Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a s
11-10-2018 - 20:30 06-03-2008 - 21:44
CVE-2008-4109 5.0
A certain Debian patch for OpenSSH before 4.3p2-9etch3 on etch; before 4.6p1-1 on sid and lenny; and on other distributions such as SUSE uses functions that are not async-signal-safe in the signal handler for login timeouts, which allows remote attac
08-08-2017 - 01:32 18-09-2008 - 15:04
CVE-2008-3134 5.0
Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6)
08-08-2017 - 01:31 10-07-2008 - 23:41
Back to Top Mark selected
Back to Top