ReportizFlow
Filtered by vendor
Subscriptions
Total
13198 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0526 | 1 Cisco | 3 Session Initiation Protocol \(sip\) Firmware, Skinny Client Control Protocol \(sccp\) Firmware, Unified Ip Phone | 2026-04-23 | N/A |
| Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a long ICMP echo request (ping) packet. | ||||
| CVE-2009-3640 | 1 Linux | 1 Linux Kernel | 2026-04-23 | N/A |
| The update_cr8_intercept function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.32-rc1 does not properly handle the absence of an Advanced Programmable Interrupt Controller (APIC), which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via a call to the kvm_vcpu_ioctl function. | ||||
| CVE-2008-2806 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2026-04-23 | N/A |
| Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS X allow remote attackers to bypass the Same Origin Policy and create arbitrary socket connections via a crafted Java applet, related to the Java Embedding Plugin (JEP) and Java LiveConnect. | ||||
| CVE-2008-1331 | 1 Alcatel-lucent | 1 Omnipcx Office | 2026-04-23 | N/A |
| cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 before 210/091.001, OXO600 before 610/014.001, and other versions, allows remote attackers to execute arbitrary commands and "obtain OXO resources" via shell metacharacters in the id2 parameter. | ||||
| CVE-2008-0071 | 2 Bittorrent, Utorrent | 2 Bittorrent, Utorrent | 2026-04-23 | N/A |
| The Web UI interface in (1) BitTorrent before 6.0.3 build 8642 and (2) uTorrent before 1.8beta build 10524 allows remote attackers to cause a denial of service (application crash) via an HTTP request with a malformed Range header. | ||||
| CVE-2008-7029 | 1 Alilg | 1 Aliboard | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in usercp.php in AlilG Application AliBoard Beta allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an avatar, then accessing it via a direct request to the file in uploads/avatars/. | ||||
| CVE-2008-7037 | 2 Itn, Microsoft | 2 Itn News Gadget, Windows Vista | 2026-04-23 | N/A |
| The Sidebar gadget in ITN News Gadget (aka ITN Hub Gadget) 1.06 for Windows Vista, and possibly other versions before 1.23, allows remote web servers or man-in-the-middle attackers to execute arbitrary commands via script in a short_title response. | ||||
| CVE-2008-7052 | 1 Preprojects | 1 Pre Real Estate Listings | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in profile.php in Pre Projects Pre Real Estate Listings allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile logo, then accessing it via a direct request to the file in re_images/. | ||||
| CVE-2008-2704 | 1 Novell | 1 Groupwise Messenger | 2026-04-23 | N/A |
| Novell GroupWise Messenger (GWIM) before 2.0.3 Hot Patch 1 allows remote attackers to cause a denial of service (crash) via a long user ID, possibly involving a popup alert. NOTE: it is not clear whether this issue crosses privilege boundaries. | ||||
| CVE-2008-2256 | 1 Microsoft | 1 Internet Explorer | 2026-04-23 | N/A |
| Microsoft Internet Explorer 5.01, 6, and 7 does not properly handle objects that have been incorrectly initialized or deleted, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "Uninitialized Memory Corruption Vulnerability." | ||||
| CVE-2008-0171 | 2 Boost, Redhat | 3 Boost, Boost Regex Library, Enterprise Linux | 2026-04-23 | N/A |
| regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (failed assertion and crash) via an invalid regular expression. | ||||
| CVE-2008-0172 | 3 Boost, Redhat, Ubuntu | 3 Boost, Enterprise Linux, Ubuntu Linux | 2026-04-23 | N/A |
| The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression. | ||||
| CVE-2008-0199 | 1 Pro Search | 1 Pro Search | 2026-04-23 | N/A |
| PRO-Search 0.17 and earlier allows remote attackers to cause a denial of service via certain values of the show_page and time parameters to the default URI. | ||||
| CVE-2008-7112 | 1 Kyoceramita | 1 Scanner File Utility | 2026-04-23 | N/A |
| The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to cause a denial of service (hang or crash) via invalid field length values in a malformed (1) document or (2) request. | ||||
| CVE-2008-0237 | 1 Microsoft | 1 Rich Textbox Control | 2026-04-23 | N/A |
| The Microsoft Rich Textbox ActiveX Control (RICHTX32.OCX) 6.1.97.82 allows remote attackers to execute arbitrary commands by invoking the insecure SaveFile method. | ||||
| CVE-2008-2134 | 1 Tru-zone | 1 Nukeet | 2026-04-23 | N/A |
| The Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to obtain access to arbitrary user accounts, and alter or delete data, via a modified username in an unspecified cookie. | ||||
| CVE-2009-3448 | 1 Bakbone | 1 Netvault | 2026-04-23 | N/A |
| npvmgr.exe in BakBone NetVault Backup 8.22 Build 29 allows remote attackers to cause a denial of service (daemon crash) via a packet to (1) TCP or (2) UDP port 20031 with a large value in an unspecified size field, which is not properly handled in a malloc operation. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6684 | 1 Yourfreeworld | 1 Apartment Search Script | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in editimage.php in Apartment Search Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a GIF header, then accessing this file via a direct request to a renamed file in Member_Admin/logo/. | ||||
| CVE-2008-6751 | 1 Revou | 2 Revou, Tclone | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in index.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in settings/my_photo. | ||||
| CVE-2008-1265 | 1 Linksys | 1 Wrt54g | 2026-04-23 | N/A |
| The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface. | ||||