Search Results (2713 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0979 2 Double-take Software, Hp 2 Double-take, Storageworks Double-take 2026-04-23 N/A
Stack consumption vulnerability in Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon crash) via a certain packet that triggers the recursive calling of a function.
CVE-2008-0983 1 Lighttpd 1 Lighttpd 2026-04-23 N/A
lighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a file descriptor array, which allows remote attackers to cause a denial of service (crash) via a large number of connections, which triggers an out-of-bounds access.
CVE-2008-0984 2 Miro, Videolan 2 Miro Player, Vlc Media Player 2026-04-23 N/A
The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.
CVE-2008-1024 2 Apple, Microsoft 3 Safari, Windows Vista, Windows Xp 2026-04-23 N/A
Apple Safari before 3.1.1, when running on Windows XP or Vista, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a file download with a crafted file name, which triggers memory corruption.
CVE-2008-1071 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2026-04-23 N/A
The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet.
CVE-2008-1088 1 Microsoft 1 Project 2026-04-23 N/A
Microsoft Project 2000 Service Release 1, 2002 SP1, and 2003 SP2 allows user-assisted remote attackers to execute arbitrary code via a crafted Project file, related to improper validation of "memory resource allocations."
CVE-2008-1090 1 Microsoft 2 Office, Visio 2026-04-23 N/A
Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a crafted .DXF file, aka "Visio Memory Validation Vulnerability."
CVE-2008-1097 2 Imagemagick, Redhat 3 Graphicsmagick, Imagemagick, Enterprise Linux 2026-04-23 N/A
Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption.
CVE-2008-1141 1 Deslock 1 Deslock 2026-04-23 N/A
Memory leak in DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a denial of service (kernel memory consumption) via a series of DLMFENC_IOCTL requests to \\.\DLKPFSD_Device that allocate "link list structures."
CVE-2008-1150 1 Cisco 1 Ios 2026-04-23 N/A
The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB) data structures after process termination, aka bug ID CSCdv59309.
CVE-2008-1151 1 Cisco 1 Ios 2026-04-23 N/A
Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (memory consumption) via a series of PPTP sessions, related to "dead memory" that remains allocated after process termination, aka bug ID CSCsj58566.
CVE-2008-1152 1 Cisco 2 Cisco Ios, Ios 2026-04-23 N/A
The data-link switching (DLSw) component in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device restart or memory consumption) via crafted (1) UDP port 2067 or (2) IP protocol 91 packets.
CVE-2008-1707 1 Ibm 1 Soliddb 2026-04-23 N/A
IBM solidDB 06.00.1018 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a packet with an 0x11 value in a certain "type" field.
CVE-2008-1708 1 Ibm 1 Soliddb 2026-04-23 N/A
IBM solidDB 06.00.1018 and earlier does not validate a certain field that specifies an amount of memory to allocate, which allows remote attackers to cause a denial of service (daemon exit) via a packet with a large value in this field.
CVE-2008-1728 1 Ignite Realtime 1 Openfire 2026-04-23 N/A
ConnectionManagerImpl.java in Ignite Realtime Openfire 3.4.5 allows remote authenticated users to cause a denial of service (daemon outage) by triggering large outgoing queues without reading messages.
CVE-2006-5656 1 Vilistextum 1 Vilistextum 2026-04-23 N/A
Memory leak in the push_align function in src/util.c in Vilistextum before 2.6.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the tmp_align variable. NOTE: it is not clear whether this is a vulnerability, due to the functionality of the product.
CVE-2009-3798 2 Adobe, Redhat 3 Adobe Air, Flash Player, Rhel Extras 2026-04-23 N/A
Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.
CVE-2008-1742 1 Cisco 1 Unified Communications Manager 2026-04-23 N/A
Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, as demonstrated by TCPFUZZ, aka Bug ID CSCsj80609.
CVE-2006-5728 1 Dxmsoft 1 Xm Easy Personal Ftp Server 2026-04-23 N/A
XM Easy Personal FTP Server 5.2.1 and earlier allows remote authenticated users to cause a denial of service via a long argument to the NLST command, possibly involving the -al flags.
CVE-2008-1761 1 Opera 1 Opera 2026-04-23 N/A
Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted newsfeed source, which triggers an invalid memory access.