Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 35896 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-4615 1 Portalapp 1 Portalapp 2026-06-16 10.0 HIGH N/A
Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has unknown impact and attack vectors.
CVE-2008-4609 12 Bsd, Bsdi, Cisco and 9 more 22 Bsd, Bsd Os, Catalyst Blade Switch 3020 and 19 more 2026-06-16 7.1 HIGH N/A
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
CVE-2008-4598 1 Drupal 1 Shindig-integrator 2026-06-16 7.5 HIGH N/A
Unspecified vulnerability in Shindig-Integrator 5.x, a module for Drupal, has unspecified impact and remote attack vectors related to "numerous flaws" that are not related to XSS or access control, a different vulnerability than CVE-2008-4596 and CVE-2008-4597.
CVE-2008-4597 1 Drupal 1 Shindig-integrator 2026-06-16 7.5 HIGH N/A
Shindig-Integrator 5.x, a module for Drupal, does not properly restrict generated page access, which allows remote attackers to gain privileges via unspecified vectors.
CVE-2008-4595 1 Slaytanic Scripts 1 Content Plus 2026-06-16 10.0 HIGH N/A
Multiple unspecified vulnerabilities in Slaytanic Scripts Content Plus 2.1.1 have unknown impact and remote attack vectors.
CVE-2008-4594 2 Linksys, Marvell 2 Wap400n, 88w8361p-bem1 2026-06-16 10.0 HIGH N/A
Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote.
CVE-2008-4592 1 Sportspanel 1 Sports Clubs Web Portal 2026-06-16 10.0 HIGH N/A
Directory traversal vulnerability in index.php in Sports Clubs Web Panel 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter.
CVE-2008-4580 1 Gentoo 2 Cman, Fence 2026-06-16 7.2 HIGH N/A
fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file.
CVE-2008-4576 1 Linux 1 Linux Kernel 2026-06-16 7.8 HIGH N/A
sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init function to clean up active transports and triggers the OOPS when the T1-Init timer expires.
CVE-2008-4554 1 Linux 1 Linux Kernel 2026-06-16 4.6 MEDIUM N/A
The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.
CVE-2008-4544 1 Cisco 1 Unity 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in an unspecified Microsoft API, as used by Cisco Unity and possibly other products, allows remote attackers to cause a denial of service by sending crafted packets to dynamic UDP ports, related to a "processing error."
CVE-2008-4507 1 Ibm 1 Lotus Quickr 2026-06-16 7.5 HIGH N/A
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows editors to delete pages that were created by a different author via unknown vectors.
CVE-2008-4506 1 Ibm 1 Lotus Quickr 2026-06-16 7.5 HIGH N/A
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows a place manager to "demote or delete a place superuser group" via unknown vectors.
CVE-2008-4493 1 Microsoft 1 Digital Image 2026-06-16 6.8 MEDIUM N/A
Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issue might only be exploitable in limited environments or non-default browser settings.
CVE-2008-4429 1 Sourcenext 2 Virus Security, Virus Security Zero 2026-06-16 10.0 HIGH N/A
Unspecified vulnerability in SOURCENEXT Virus Security ZERO 9.5.0173 and earlier and Virus Security 9.5.0173 and earlier allows remote attackers to cause a denial of service (memory consumption or application crash) via malformed compressed files. NOTE: some of these details are obtained from third party information.
CVE-2008-4418 1 Hp 1 Hp-ux 2026-06-16 7.8 HIGH N/A
Unspecified vulnerability in DCE in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown vectors.
CVE-2008-4416 1 Hp 1 Hp-ux 2026-06-16 4.6 MEDIUM N/A
Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors.
CVE-2008-4412 1 Hp 1 Systems Insight Manager 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 5.2 Update 2 (C.05.02.02.00) allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2008-4410 1 Linux 1 Linux Kernel 2026-06-16 4.9 MEDIUM N/A
The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a denial of service (persistent application failure) via crafted function calls, related to the Java Runtime Environment (JRE) experiencing improper LDT selector state, a different vulnerability than CVE-2008-3247.
CVE-2008-4398 2 Broadcom, Ca 5 Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request.