Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0021 | 1 Muhammad A. Muquit | 1 Wwwcount | 2008-09-09 | 7.5 HIGH | N/A |
| Arbitrary command execution via buffer overflow in Count.cgi (wwwcount) cgi-bin program. | |||||
| CVE-1999-0019 | 7 Data General, Ibm, Ncr and 4 more | 10 Dg Ux, Aix, Mp-ras and 7 more | 2008-09-09 | 5.0 MEDIUM | N/A |
| Delete or create a file via rpc.statd, due to invalid information. | |||||
| CVE-1999-0016 | 6 Cisco, Gnu, Hp and 3 more | 8 Ios, Inet, Hp-ux and 5 more | 2008-09-09 | 5.0 MEDIUM | N/A |
| Land IP denial of service. | |||||
| CVE-1999-0014 | 3 Cde, Hp, Ibm | 4 Cde, Hp-ux, Vvos and 1 more | 2008-09-09 | 7.2 HIGH | N/A |
| Unauthorized privileged access or denial of service via dtappgather program in CDE. | |||||
| CVE-1999-0006 | 1 Qualcomm | 1 Qpopper | 2008-09-09 | 10.0 HIGH | N/A |
| Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command. | |||||
| CVE-1999-0005 | 2 Netscape, University Of Washington | 2 Messaging Server, Imap | 2008-09-09 | 10.0 HIGH | N/A |
| Arbitrary command execution via IMAP buffer overflow in authenticate command. | |||||
| CVE-2008-3901 | 2 Linux, Suspend2 | 2 Linux Kernel, Software Suspend 2 | 2008-09-05 | 2.1 LOW | N/A |
| Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer. | |||||
| CVE-2008-3891 | 1 Google | 1 Google Apps | 2008-09-05 | 7.5 HIGH | N/A |
| The SAML Single Sign-On (SSO) Service for Google Apps allows remote service providers to impersonate users at arbitrary service providers via vectors related to authentication responses that lack a request identifier and recipient field. | |||||
| CVE-2008-3754 | 1 Yourfreeworld | 1 Stylish Text Ads Script | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-3671 | 2 Acronis, Linux | 2 True Image Echo Server, Linux Kernel | 2008-09-05 | 5.0 MEDIUM | N/A |
| Acronis True Image Echo Server 9.x build 8072 on Linux does not properly encrypt backups to an FTP server, which allows remote attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3590 | 1 Egi Zaberl | 1 E.z. Poll | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/login.asp in E. Z. Poll 2 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3442 | 1 Winzip | 1 Winzip | 2008-09-05 | 7.5 HIGH | N/A |
| WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | |||||
| CVE-2008-3439 | 1 Speedbit | 1 Speedbit Video Accelerator | 2008-09-05 | 7.5 HIGH | N/A |
| SpeedBit Video Acceleration before 2.2.1.8 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | |||||
| CVE-2008-3437 | 1 Openoffice | 1 Openoffice.org | 2008-09-05 | 7.5 HIGH | N/A |
| OpenOffice.org (OOo) before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | |||||
| CVE-2008-3436 | 1 Notepad\+\+ | 1 Notepad\+\+ | 2008-09-05 | 7.5 HIGH | N/A |
| The GUP generic update process in Notepad++ before 4.8.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | |||||
| CVE-2008-3435 | 1 Linkedin | 1 Browser Toolbar | 2008-09-05 | 7.5 HIGH | N/A |
| LinkedIn Browser Toolbar 3.0.3.1100 and earlier does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | |||||
| CVE-2008-3433 | 1 Speedbit | 1 Download Accelerator Plus | 2008-09-05 | 7.5 HIGH | N/A |
| SpeedBit Download Accelerator Plus (DAP) before 8.6.3.9 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | |||||
| CVE-2008-3376 | 1 Jamroom | 1 Jamroom | 2008-09-05 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in JamRoom before 3.4.0 have unknown impact and attack vectors. | |||||
| CVE-2008-3233 | 1 Wordpress | 1 Wordpress | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WordPress before 2.6, SVN development versions only, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-2858 | 1 Webchamado | 1 Webchamado | 2008-09-05 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the eml parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||