Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 35900 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-5277 1 Powerdns 1 Powerdns 2026-06-16 4.3 MEDIUM N/A
PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of service (daemon crash) via a CH HINFO query.
CVE-2008-5245 1 Xine 1 Xine-lib 2026-06-16 9.3 HIGH N/A
xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c.
CVE-2008-5244 1 Xine 1 Xine-lib 2026-06-16 10.0 HIGH N/A
Unspecified vulnerability in xine-lib before 1.1.15 has unknown impact and attack vectors related to libfaad. NOTE: due to the lack of details, it is not clear whether this is an issue in xine-lib or in libfaad.
CVE-2008-5227 1 Phpcow 1 Phpcow 2026-06-16 10.0 HIGH N/A
Unspecified vulnerability in PHPCow allows remote attackers to execute arbitrary code via unknown vectors, related to a "file inclusion vulnerability," as exploited in the wild in November 2008.
CVE-2008-5182 1 Linux 1 Linux Kernel 2026-06-16 6.9 MEDIUM N/A
The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.
CVE-2008-5179 1 Microsoft 3 Office Communications Server, Office Communicator, Windows Live Messenger 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in Microsoft Office Communications Server (OCS), Office Communicator, and Windows Live Messenger allows remote attackers to cause a denial of service (crash) via a crafted Real-time Transport Control Protocol (RTCP) receiver report packet.
CVE-2008-5173 1 Testmaker 1 Testmaker 2026-06-16 9.0 HIGH N/A
Unspecified vulnerability in testMaker before 3.0p16 allows remote authenticated users to execute arbitrary PHP code via unspecified attack vectors.
CVE-2008-5160 1 Myserver 1 Myserver 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in MyServer 0.8.11 allows remote attackers to cause a denial of service (daemon crash) via multiple invalid requests with the HTTP GET, DELETE, OPTIONS, and possibly other methods, related to a "204 No Content error."
CVE-2008-5111 1 Sun 2 Opensolaris, Solaris 2026-06-16 4.7 MEDIUM N/A
Unspecified vulnerability in the socket function in Sun Solaris 10 and OpenSolaris snv_57 through snv_91, when InfiniBand hardware is not installed, allows local users to cause a denial of service (panic) via unknown vectors, related to the socksdpv_close function.
CVE-2008-5110 1 Oneidentity 1 Syslog-ng 2026-06-16 9.3 HIGH N/A
syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9.
CVE-2008-5108 1 Adobe 1 Adobe Air 2026-06-16 6.8 MEDIUM N/A
Unspecified vulnerability in Adobe AIR 1.1 and earlier allows context-dependent attackers to execute untrusted JavaScript in an AIR application via unknown attack vectors.
CVE-2008-5096 1 Typo3 2 File List Extension, Typo3 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in the TYPO3 File List (file_list) extension 0.2.1 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors.
CVE-2008-5072 1 K-lite 1 Mega Codec Pack 2026-06-16 4.3 MEDIUM N/A
vsfilter.dll in K-Lite Mega Codec Pack 3.5.7.0 allows remote attackers to cause a denial of service (application crash) via a malformed FLV file.
CVE-2008-5026 1 Microsoft 1 Sharepoint Server 2026-06-16 3.5 LOW N/A
Microsoft SharePoint uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files (aka attachments), which allows remote authenticated users to leverage same-origin relationships and conduct cross-site scripting (XSS) attacks by uploading HTML documents.
CVE-2008-5010 1 Sun 2 Opensolaris, Solaris 2026-06-16 10.0 HIGH N/A
in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the "number of offers," aka Bug ID 6713805.
CVE-2008-5006 1 University Of Washington 1 Imap Toolkit 2026-06-16 5.0 MEDIUM N/A
smtp.c in the c-client library in University of Washington IMAP Toolkit 2007b allows remote SMTP servers to cause a denial of service (NULL pointer dereference and application crash) by responding to the QUIT command with a close of the TCP connection instead of the expected 221 response code.
CVE-2008-4963 1 Cisco 2 Catos, Ios 2026-06-16 7.1 HIGH N/A
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface configured as a trunk port.
CVE-2008-4926 1 Mw6 Technologies 1 Pdf417 Activex 2026-06-16 9.0 HIGH N/A
Multiple insecure method vulnerabilities in MW6 Technologies PDF417 ActiveX control (MW6PDF417Lib.PDF417, MW6PDF417.dll) 3.0.0.1 allow remote attackers to overwrite arbitrary files via a full pathname argument to the (1) SaveAsBMP and (2) SaveAsWMF methods.
CVE-2008-4925 1 Mw6 Technologies 1 Datamatrix Activex 2026-06-16 9.0 HIGH N/A
Multiple insecure method vulnerabilities in MW6 Technologies DataMatrix ActiveX control (DATAMATRIXLib.MW6DataMatrix, DataMatrix.dll) 3.0.0.1 allow remote attackers to overwrite arbitrary files via a full pathname argument to the (1) SaveAsBMP and (2) SaveAsWMF methods.
CVE-2008-4924 1 Mw6 Technologies 1 1d Barcode Decoder Activex 2026-06-16 9.0 HIGH N/A
Multiple insecure method vulnerabilities in MW6 Technologies 1D Barcode ActiveX control (BARCODELib.MW6Barcode, Barcode.dll) 3.0.0.1 allow remote attackers to overwrite arbitrary files via a full pathname argument to the (1) SaveAsBMP and (2) SaveAsWMF methods.