Search Results (2919 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-5430 1 Mozilla 1 Thunderbird 2026-04-23 N/A
Mozilla Thunderbird 2.0.14 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which might allow remote attackers to cause a denial of service (stack consumption or other resource consumption) via a large e-mail message, a related issue to CVE-2006-1173.
CVE-2008-1675 1 Linux 1 Linux Kernel 2026-04-23 N/A
The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory.
CVE-2008-5363 2 Adobe, Redhat 3 Air, Flash Player, Rhel Extras 2026-04-23 N/A
The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, does not validate character elements during retrieval from the dictionary data structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF file.
CVE-2008-5361 2 Adobe, Redhat 3 Air, Flash Player, Rhel Extras 2026-04-23 N/A
The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, does not verify a member element's size when performing (1) DefineConstantPool, (2) ActionJump, (3) ActionPush, (4) ActionTry, and unspecified other actions, which allows remote attackers to read sensitive data from process memory via a crafted PDF file.
CVE-2006-6681 1 Chetcpasswd 1 Chetcpasswd 2026-04-23 N/A
Pedro Lineu Orso chetcpasswd 2.3.3 does not have a rate limit for client requests, which might allow remote attackers to determine passwords via a dictionary attack.
CVE-2008-3134 1 Graphicsmagick 1 Graphicsmagick 2026-04-23 N/A
Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.
CVE-2008-5300 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more 2026-04-23 N/A
Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.
CVE-2008-5285 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2026-04-23 N/A
Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop.
CVE-2009-0259 1 Openoffice 1 Openoffice.org 2026-04-23 N/A
The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008, as demonstrated by 2008-crash.doc.rar, and a similar issue to CVE-2008-4841.
CVE-2008-0596 2 Easy Software Products, Redhat 3 Cups, Desktop, Enterprise Linux 2026-04-23 N/A
Memory leak in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a large number of requests to add and remove shared printers.
CVE-2008-5185 1 Geshi 1 Geshi 2026-04-23 N/A
The highlighting functionality in geshi.php in GeSHi before 1.0.8 allows remote attackers to cause a denial of service (infinite loop) via an XML sequence containing an opening delimiter without a closing delimiter, as demonstrated using "<".
CVE-2008-5102 1 Zope 1 Zope 2026-04-23 N/A
PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (1) raise or (2) import statements.
CVE-2008-5033 1 Linux 1 Linux Kernel 2026-04-23 N/A
The chip_command function in drivers/media/video/tvaudio.c in the Linux kernel 2.6.25.x before 2.6.25.19, 2.6.26.x before 2.6.26.7, and 2.6.27.x before 2.6.27.3 allows attackers to cause a denial of service (NULL function pointer dereference and OOPS) via unknown vectors.
CVE-2009-1957 1 Strongswan 1 Strongswan 2026-04-23 N/A
charon/sa/ike_sa.c in the charon daemon in strongSWAN before 4.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid IKE_SA_INIT request that triggers "an incomplete state," followed by a CREATE_CHILD_SA request.
CVE-2008-5018 4 Canonical, Debian, Mozilla and 1 more 6 Ubuntu Linux, Debian Linux, Firefox and 3 more 2026-04-23 N/A
The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via vectors related to "insufficient class checking" in the Date class.
CVE-2007-4660 1 Php 1 Php 2026-04-23 N/A
Unspecified vulnerability in the chunk_split function in PHP before 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation.
CVE-2007-4689 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Double free vulnerability in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via crafted IPV6 packets.
CVE-2007-4690 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Double free vulnerability in the NFS component in Apple Mac OS X 10.4 through 10.4.10 allows remote authenticated users to execute arbitrary code via a crafted AUTH_UNIX RPC packet.
CVE-2009-0166 5 Apple, Foolabs, Glyphandcog and 2 more 5 Cups, Xpdf, Xpdfreader and 2 more 2026-04-23 N/A
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.
CVE-2008-0007 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset.