EMV DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to bypass authentication via the RPC interface.
Max CVSS
10.0
EPSS Score
1.08%
Published
2008-04-14
Updated
2024-02-13
Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.
Max CVSS
10.0
EPSS Score
45.99%
Published
2008-04-14
Updated
2017-08-08
The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors.
Max CVSS
10.0
EPSS Score
9.99%
Published
2008-04-04
Updated
2017-08-08
Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.
Max CVSS
10.0
EPSS Score
1.56%
Published
2008-04-16
Updated
2017-08-08
Unspecified vulnerability in the NetBackup service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary commands, related to "insufficient verification of file uploads."
Max CVSS
10.0
EPSS Score
1.28%
Published
2008-04-07
Updated
2021-04-08
cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 before 210/091.001, OXO600 before 610/014.001, and other versions, allows remote attackers to execute arbitrary commands and "obtain OXO resources" via shell metacharacters in the id2 parameter.
Max CVSS
10.0
EPSS Score
94.63%
Published
2008-04-02
Updated
2019-08-14

CVE-2008-1602

Public exploit
Stack-based buffer overflow in Orbit downloader 2.6.3 and 2.6.4 allows remote attackers to execute arbitrary code via a long download URL, which is not properly handled during Unicode conversion for a balloon notification after a download has failed.
Max CVSS
10.0
EPSS Score
77.75%
Published
2008-04-06
Updated
2018-10-11

CVE-2008-1611

Public exploit
Stack-based buffer overflow in TFTP Server SP 1.4 for Windows allows remote attackers to cause a denial of service or execute arbitrary code via a long filename in a read or write request.
Max CVSS
10.0
EPSS Score
37.68%
Published
2008-04-01
Updated
2017-09-29
Unspecified vulnerability in Mondo Rescue before 2.2.5 has unknown impact and attack vectors, related to the use of (1) /tmp and (2) MINDI_CACHE.
Max CVSS
10.0
EPSS Score
0.31%
Published
2008-04-02
Updated
2017-08-08
Unspecified vulnerability in IBM DB2 Content Manager before 8.3 FP8 has unknown impact and attack vectors related to the AllowedTrustedLogin privilege.
Max CVSS
10.0
EPSS Score
0.66%
Published
2008-04-04
Updated
2017-08-08
WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a long URI in HTTP requests to TCP port 801. NOTE: some of these details are obtained from third party information.
Max CVSS
10.0
EPSS Score
20.52%
Published
2008-04-07
Updated
2017-08-08

CVE-2008-1697

Public exploit
Stack-based buffer overflow in ovwparser.dll in HP OpenView Network Node Manager (OV NNM) 7.53, 7.51, and earlier allows remote attackers to execute arbitrary code via a long URI in an HTTP request processed by ovas.exe, as demonstrated by a certain topology/homeBaseView request. NOTE: some of these details are obtained from third party information.
Max CVSS
10.0
EPSS Score
95.57%
Published
2008-04-08
Updated
2017-09-29
Multiple buffer overflows in TIBCO Software Enterprise Message Service (EMS) before 4.4.3, and iProcess Engine 10.6.0 through 10.6.1, allow remote attackers to execute arbitrary code via a crafted message to the EMS server.
Max CVSS
10.0
EPSS Score
10.35%
Published
2008-04-11
Updated
2017-08-08
Multiple unspecified vulnerabilities in phpBB before 3.0.1 have unknown impact and attack vectors, related to "two minor security-related bugs."
Max CVSS
10.0
EPSS Score
0.27%
Published
2008-04-12
Updated
2017-08-08
Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Database 9.0.1.5 FIPS+; Application Server 1.0.2.2; and Enterprise Manager for AS 1.0.2.2 and Database 9.0.1.5 has unknown impact and local attack vectors, aka EM01.
Max CVSS
10.0
EPSS Score
0.74%
Published
2008-04-16
Updated
2018-10-11
Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.6 has unknown impact and remote attack vectors, aka DB08.
Max CVSS
10.0
EPSS Score
0.74%
Published
2008-04-16
Updated
2018-10-11
Unspecified vulnerability in the Oracle Application Express component in Oracle Application Express 3.0.1 has unknown impact and remote attack vectors, aka APEX02.
Max CVSS
10.0
EPSS Score
0.74%
Published
2008-04-16
Updated
2018-10-11
Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.14 has unknown impact and remote attack vectors, aka AS01.
Max CVSS
10.0
EPSS Score
0.74%
Published
2008-04-16
Updated
2018-10-11
Unspecified vulnerability in the Oracle Dynamic Monitoring Service component in Oracle Application Server 9.0.4.3, 10.1.2.2, and 10.1.3.3 has unknown impact and remote attack vectors, aka AS02.
Max CVSS
10.0
EPSS Score
0.69%
Published
2008-04-16
Updated
2021-07-28
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 has unknown impact and remote attack vectors, aka AS03.
Max CVSS
10.0
EPSS Score
0.74%
Published
2008-04-16
Updated
2018-10-11
Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 have unknown impact and attack vectors related to (a) Advanced Pricing, aka (1) APP01 and (2) APP10; and (b) Applications Framework, aka (3) APP05.
Max CVSS
10.0
EPSS Score
0.74%
Published
2008-04-16
Updated
2018-10-11
Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 and 12.0.4 have unknown impact and attack vectors related to (a) Advanced Pricing component, aka (1) APP02, (2) APP03, and (3) APP09; (b) Application Object Library component, aka (4) APP04, (5) APP07, and (6) APP11; (c) Applications Manager component, aka (7) APP06; (d) and Applications Technology Stack component, aka (8) APP08.
Max CVSS
10.0
EPSS Score
0.81%
Published
2008-04-16
Updated
2018-10-11
Multiple unspecified vulnerabilities in the Siebel SimBuilder component in Oracle Siebel Enterprise 7.8.2 and 7.8.5 have unknown impact and remote or local attack vectors, aka (1) SEBL01, (2) SEBL02, (3) SEBL03, (4) SEBL04, (5) SEBL05, and (6) SEBL06.
Max CVSS
10.0
EPSS Score
0.93%
Published
2008-04-16
Updated
2018-10-11
Integer signedness error in ovspmd.exe in HP OpenView Network Node Manager (OV NNM) 8.01, and 7.53 and earlier, allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a long request to TCP port 8886 that begins with a certain negative integer, which passes a signed comparison and triggers a heap-based buffer overflow.
Max CVSS
10.0
EPSS Score
20.62%
Published
2008-04-16
Updated
2018-10-11
Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 SP2 allows remote attackers to execute arbitrary code via a malformed opcode 0x52 request to TCP port 3050. NOTE: this might overlap CVE-2007-5243 or CVE-2007-5244.
Max CVSS
10.0
EPSS Score
12.54%
Published
2008-04-22
Updated
2018-10-11
454 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!