• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2008-7321
Dell, Inspiron 5570 Firmware
Xps_7390_firmware, Xps_7390, Emc_integrated_data_protection_appliance_firmware, Emc_idpa_dp4400, Emc_idpa_dp5800, Emc_idpa_dp8300, Emc_idpa_dp8800, Emc_vnx2_firmware, Emc_vnx2, Chengming_3967_firmware
2019-08-23
N/A
6.1 MEDIUM
The tubepress plugin before 1.6.5 for WordPress has XSS.
CVE-2008-7320
2018-12-17
N/A
6.8 MEDIUM
** DISPUTED ** GNOME Seahorse through 3.30 allows physically proximate attackers to read plaintext passwords by using the quickAllow dialog at an unattended workstation, if the keyring is unlocked. NOTE: this is disputed by a software maintainer because the behavior represents a design decision.
CVE-2008-7319
2017-11-29
N/A
9.8 CRITICAL
The Net::Ping::External extension through 0.15 for Perl does not properly sanitize arguments (e.g., invalid hostnames) containing shell metacharacters before use of backticks in External.pm, allowing for shell command injection and arbitrary command execution if untrusted input is used.
CVE-2008-7316
2016-05-06
N/A
5.5 MEDIUM
mm/filemap.c in the Linux kernel before 2.6.25 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers an iovec of zero length, followed by a page fault for an iovec of nonzero length.
CVE-2008-7315
2017-11-03
N/A
9.8 CRITICAL
UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands.
CVE-2008-7314
2020-01-27
N/A
7.5 HIGH
mIRC before 6.35 allows attackers to cause a denial of service (crash) via a long nickname.
CVE-2008-7313
2017-04-04
N/A
9.8 CRITICAL
The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796.
CVE-2008-7312
2017-08-29
N/A
N/A
The Filtering Service in Websense Enterprise 5.2 through 6.3 does not consider the IP address during URL categorization, which makes it easier for remote attackers to bypass filtering via an HTTP request, as demonstrated by a request to a compromised server associated with a specific IP address.
CVE-2008-7311
2012-04-12
N/A
N/A
The session cookie store implementation in Spree 0.2.0 uses a hardcoded config.action_controller_session hash value (aka secret key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging an application that contains this value within the config/environment.rb file.
CVE-2008-7310
2012-04-05
N/A
N/A
Spree 0.2.0 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set the Order state value and bypass the intended payment step via a modified URL, related to a "mass assignment" vulnerability.
1 2 3 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE