• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-2381
2017-08-08
N/A
N/A
SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable.
CVE-2008-2380
2017-08-08
N/A
N/A
SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes.
CVE-2008-2379
2017-09-29
N/A
N/A
Cross-site scripting (XSS) vulnerability in SquirrelMail before 1.4.17 allows remote attackers to inject arbitrary web script or HTML via a crafted hyperlink in an HTML part of an e-mail message.
CVE-2008-2378
2017-08-08
N/A
N/A
Untrusted search path vulnerability in hfkernel in hf 0.7.3 and 0.8 allows local users to gain privileges via a Trojan horse killall program in a directory in the PATH, related to improper handling of the -k option.
CVE-2008-2377
2017-08-08
N/A
N/A
Use-after-free vulnerability in the _gnutls_handshake_hash_buffers_clear function in lib/gnutls_handshake.c in libgnutls in GnuTLS 2.3.5 through 2.4.0 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via TLS transmission of data that is improperly used when the peer calls gnutls_handshake within a normal session, leading to attempted access to a deallocated libgcrypt handle.
CVE-2008-2376
Ruby, Ruby-lang
Ruby
2023-02-13
N/A
N/A
Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows.
CVE-2008-2375
2023-02-13
N/A
N/A
Memory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on Red Hat Enterprise Linux (RHEL) 3 and 4, when PAM is used, allows remote attackers to cause a denial of service (memory consumption) via a large number of invalid authentication attempts within the same session, a different vulnerability than CVE-2007-5962.
CVE-2008-2374
2017-09-29
N/A
N/A
src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field that triggers excessive memory allocation or a buffer over-read.
CVE-2008-2373
2009-03-26
N/A
N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2863. Reason: This candidate is a reservation duplicate of CVE-2008-2863. Notes: All CVE users should reference CVE-2008-2863 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2008-2372
2023-02-13
N/A
N/A
The Linux kernel 2.6.24 and 2.6.25 before 2.6.25.9 allows local users to cause a denial of service (memory consumption) via a large number of calls to the get_user_pages function, which lacks a ZERO_PAGE optimization and results in allocation of "useless newly zeroed pages."
« Previous 1 … 484 485 486 487 488 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE