| Max CVSS | 10.0 | Min CVSS | 3.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-0892 | 9.0 |
The replication monitor CGI script (repl-monitor-cgi.pl) in Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, allows remote attackers to execute arbitrary commands.
|
03-02-2022 - 19:56 | 16-04-2008 - 18:05 | |
| CVE-2018-0856 | 7.6 |
Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0
|
24-08-2020 - 17:37 | 15-02-2018 - 02:29 | |
| CVE-2001-0500 | 10.0 |
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data
|
12-10-2018 - 21:30 | 21-07-2001 - 04:00 | |
| CVE-2008-6592 | 7.5 |
thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" (aka flat) and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified ca
|
11-10-2018 - 20:57 | 03-04-2009 - 18:30 | |
| CVE-2008-6593 | 7.5 |
SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allows remote attackers to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php.
|
11-10-2018 - 20:57 | 03-04-2009 - 18:30 | |
| CVE-2008-1936 | 7.5 |
SQL injection vulnerability in index.php in Classifieds Caffe allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in an add action. NOTE: this issue might be site-specific.
|
11-10-2018 - 20:38 | 25-04-2008 - 06:05 | |
| CVE-2008-1920 | 7.5 |
Heap-based buffer overflow in the boxelyRenderer module in the Personal Status Manager feature in ICQ 6.0 build 6043 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted personal status message.
|
11-10-2018 - 20:37 | 23-04-2008 - 13:05 | |
| CVE-2008-1896 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Carbon Communities 2.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Redirect parameter to login.asp and the (2) OrderBy parameter to member_send.asp.
|
11-10-2018 - 20:37 | 18-04-2008 - 22:05 | |
| CVE-2008-1895 | 7.5 |
Multiple SQL injection vulnerabilities in Carbon Communities 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to events.asp, the (2) UserName parameter to getpassword.asp, and possibly an unspecified p
|
11-10-2018 - 20:37 | 18-04-2008 - 22:05 | |
| CVE-2008-1786 | 9.3 |
The DSM gui_cm_ctrls ActiveX control (gui_cm_ctrls.ocx), as used in multiple CA products including BrightStor ARCServe Backup for Laptops and Desktops r11.5, Desktop Management Suite r11.1 through r11.2 C2; Unicenter r11.1 through r11.2 C2; and Deskt
|
11-10-2018 - 20:36 | 16-04-2008 - 17:05 | |
| CVE-2008-1913 | 7.5 |
SQL injection vulnerability in index.php in Lasernet CMS 1.5 and 1.11, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the new parameter in a new action.
|
29-09-2017 - 01:30 | 22-04-2008 - 04:41 | |
| CVE-2008-1889 | 7.5 |
SQL injection vulnerability in viewcat.php in XplodPHP AutoTutorials 2.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
29-09-2017 - 01:30 | 18-04-2008 - 22:05 | |
| CVE-2012-0132 | 4.3 |
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 9.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
29-08-2017 - 01:30 | 05-04-2012 - 13:25 | |
| CVE-2016-3894 | 4.3 |
The Qualcomm DMA component in Android before 2016-09-05 on Nexus 6 devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29618014 and Qualcomm internal bug CR1042033.
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
| CVE-2008-1832 | 3.3 |
lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the csvers temporary file.
|
08-08-2017 - 01:30 | 16-04-2008 - 15:05 | |
| CVE-2008-0893 | 7.5 |
Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properly restrict access to CGI scripts, which allows remote attackers to perform administrative actions.
|
08-08-2017 - 01:29 | 16-04-2008 - 18:05 | |
| CVE-2008-1155 | 10.0 |
Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing e
|
08-08-2017 - 01:29 | 16-04-2008 - 17:05 | |
| CVE-2007-1397 | 10.0 |
Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) decrypt_topic_332 functions in FiSH allow remote attackers to execute arbitrary code via long strings.
|
29-07-2017 - 01:30 | 10-03-2007 - 22:19 | |
| CVE-2005-0882 | 7.5 |
SQL injection vulnerability in admincore.php in BirdBlog before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) userid or (2) userpw parameters.
|
11-07-2017 - 01:32 | 02-05-2005 - 04:00 | |
| CVE-2008-4237 | 10.0 |
Managed Client in Apple Mac OS X before 10.5.6 sometimes misidentifies a system when installing per-host configuration settings, which allows context-dependent attackers to have an unspecified impact by leveraging unintended settings, as demonstrated
|
08-03-2011 - 03:12 | 17-12-2008 - 01:30 |