• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-7177
Nasm
Netwide_assembler, Netwide_assmembler, Network_assembler
2018-10-31
N/A
N/A
Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719.
CVE-2008-7176
Celina Jorge
Facil_cms
2017-09-29
N/A
N/A
Multiple directory traversal vulnerabilities in Facil CMS 0.1RC allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) change_lang parameter to index.php or (2) modload parameter to modules.php.
CVE-2008-7175
Alex Rabe, Wordpress
Nextgen_gallery, Adserve, Alert_before_you_post, Blix, Blixed, Blixkrieg, Captcha, Cryptographp, Dean_logan_wp-people_plugin, Debug_bar, Download_monitor_plugin
2018-10-11
N/A
N/A
Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action.
CVE-2008-7174
Jura Impressa, Juracapecoffee
Internet_connectivity_kit, Jura_impressa
2018-10-11
N/A
N/A
Multiple buffer overflows in the Jura Internet Connection Kit for the Jura Impressa F90 coffee maker allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors related to improper use of the gets and sprintf functions.
CVE-2008-7173
Jura Impressa, Juracapecoffee
Internet_connectivity_kit, Jura_impressa
2018-10-11
N/A
N/A
The Jura Internet Connection Kit for the Jura Impressa F90 coffee maker does not properly restrict access to privileged functions, which allows remote attackers to cause a denial of service (physical damage), modify coffee settings, and possibly execute code via a crafted request. NOTE: this issue is being included in CVE because the denial of service may include financial loss or water damage.
CVE-2008-7172
Yanick Bourbeau
Lightweight_news_portal
2017-09-29
N/A
N/A
Lightweight news portal (LNP) 1.0b does not properly restrict access to administrator functionality, which allows remote attackers to gain administrator privileges via direct requests to admin.php with the (1) potd_delete, (2) potd, (3) vote_update, (4) vote, or (5) modifynews actions.
CVE-2008-7171
Yanick Bourbeau
Lightweight_news_portal
2017-09-29
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in Lightweight news portal (LNP) 1.0b allow remote attackers to inject arbitrary web script or HTML via the (1) photo parameter to show_photo.php, (2) potd parameter to show_potd.php, or (3) the Current question field in a vote action to admin.php.
CVE-2008-7170
Gameservers
Gsc
2018-10-11
N/A
N/A
GSC build 2067 and earlier relies on the client to enforce administrator privileges, which allows remote attackers to execute arbitrary administrator commands via a crafted packet.
CVE-2008-7169
Com Jabode, Jabode
Com_jabode
2017-09-29
N/A
N/A
SQL injection vulnerability in Jabode horoscope extension (com_jabode) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a sign task to index.php.
CVE-2008-7168
Uusee
Uuplayer_activex_control, Uuupgrade.ocx
2017-08-17
N/A
N/A
Insecure method vulnerability in the UUSee UUUpgrade ActiveX control (UUUpgrade.ocx 3.0.2.12) allows remote attackers to force the download and overwrite of arbitrary files via crafted arguments to the Update method, as exploited in the wild in June 2009.
« Previous 1 … 13 14 15 16 17 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE