| Max CVSS | 6.8 | Min CVSS | 4.4 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-4109 | 5.0 |
A certain Debian patch for OpenSSH before 4.3p2-9etch3 on etch; before 4.6p1-1 on sid and lenny; and on other distributions such as SUSE uses functions that are not async-signal-safe in the signal handler for login timeouts, which allows remote attac
|
01-07-2024 - 11:15 | 18-09-2008 - 15:04 | |
| CVE-2007-6598 | 6.8 |
Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
|
15-10-2018 - 21:55 | 04-01-2008 - 02:46 | |
| CVE-2008-4297 | 5.0 |
Mercurial before 1.0.2 does not enforce the allowpull permission setting for a pull operation from hgweb, which allows remote attackers to read arbitrary files from a repository via an "hg pull" request.
|
11-10-2018 - 20:51 | 27-09-2008 - 10:30 | |
| CVE-2008-1218 | 6.8 |
Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delim
|
11-10-2018 - 20:30 | 10-03-2008 - 23:44 | |
| CVE-2008-1199 | 4.4 |
Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a s
|
11-10-2018 - 20:30 | 06-03-2008 - 21:44 | |
| CVE-2008-3134 | 5.0 |
Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6)
|
08-08-2017 - 01:31 | 10-07-2008 - 23:41 |