Total
1229 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1379 | 2 Redhat, X | 2 Enterprise Linux, X11 | 2025-04-09 | N/A |
| Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height. | ||||
| CVE-2008-1377 | 2 Redhat, X | 2 Enterprise Linux, X11 | 2025-04-09 | N/A |
| The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption. | ||||
| CVE-2008-1771 | 1 Fireflymediaserver | 1 Fireflymediaserver | 2025-04-09 | N/A |
| Integer overflow in the ws_getpostvars function in Firefly Media Server (formerly mt-daapd) 0.2.4.1 (0.9~r1696-1.2 on Debian) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a large Content-Length. | ||||
| CVE-2008-1338 | 1 Perforce | 1 Perforce Server | 2025-04-09 | N/A |
| The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a server-DiffFile command with an integer value within a certain range, which causes a loop until all memory is exhausted. | ||||
| CVE-2008-1302 | 2 Microsoft, Perforce | 2 Windows, Perforce Server | 2025-04-09 | N/A |
| The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1) server-DiffFile or (2) server-ReleaseFile command with a large integer value, which is used in an array initialization calculation, and leads to invalid memory access. | ||||
| CVE-2008-1267 | 1 Siemens | 1 Speedstream 6520 | 2025-04-09 | N/A |
| The Siemens SpeedStream 6520 router allows remote attackers to cause a denial of service (web interface crash) via an HTTP request to basehelp_English.htm with a large integer in the Content-Length field. | ||||
| CVE-2008-4107 | 1 Php | 1 Php | 2025-04-09 | N/A |
| The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset functionality in Joomla! 1.5.x and WordPress before 2.6.2, a different vulnerability than CVE-2008-2107, CVE-2008-2108, and CVE-2008-4102. | ||||
| CVE-2008-0986 | 1 Google | 1 Android Sdk | 2025-04-09 | N/A |
| Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and earlier, and m5-rc14, allows remote attackers to execute arbitrary code via a crafted BMP file with a header containing a negative offset field. | ||||
| CVE-2008-0988 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Off-by-one error in the Libsystem strnstr API in libc on Apple Mac OS X 10.4.11 allows context-dependent attackers to cause a denial of service (crash) via crafted arguments that trigger a buffer over-read. | ||||
| CVE-2008-0944 | 1 Ipswitch | 1 Instant Messaging | 2025-04-09 | N/A |
| Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote attackers to cause a denial of service (NULL dereference and application crash) via a version field containing zero. | ||||
| CVE-2008-0726 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2025-04-09 | N/A |
| Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption. | ||||
| CVE-2008-0550 | 1 Radio Toolbox | 1 Steamcast | 2025-04-09 | N/A |
| Off-by-one error in Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a certain HTTP request that leads to a buffer overflow, as demonstrated by a long User-Agent header. | ||||
| CVE-2008-0485 | 1 Mplayer | 1 Mplayer | 2025-04-09 | N/A |
| Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag. | ||||
| CVE-2008-0434 | 1 Gecad Technologies | 1 Axigen Mail Server | 2025-04-09 | N/A |
| Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote attackers to execute arbitrary code via format string specifiers in the CNHO command. | ||||
| CVE-2008-0387 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | N/A |
| Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption. | ||||
| CVE-2008-0318 | 1 Clam Anti-virus | 1 Clamav | 2025-04-09 | N/A |
| Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow. | ||||
| CVE-2008-0307 | 1 Sap | 1 Maxdb | 2025-04-09 | N/A |
| Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption. | ||||
| CVE-2008-0073 | 2 Redhat, Xine | 2 Fedora, Xine-lib | 2025-04-09 | N/A |
| Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter. | ||||
| CVE-2008-0070 | 1 Orb Networks | 1 Orb | 2025-04-09 | N/A |
| Integer overflow in Orb Networks Orb 2.00.1014 and Winamp Remote BETA allows remote attackers to execute arbitrary code via an RPC request that specifies a large number of array dimensions, which triggers a heap-based buffer overflow. | ||||
| CVE-2008-0057 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Multiple integer overflows in a "legacy serialization format" parser in AppKit in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via a crafted serialized property list. | ||||