|
260791
|
- |
|
redhat
|
certificate_system
|
Red Hat Certificate System 7.2 uses world-readable permissions for password.conf and unspecified other configuration files, which allows local users to discover passwords by reading these files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2367
|
2017-08-8 10:30 |
2009-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260792
|
- |
|
redhat
|
certificate_system
|
Red Hat Certificate System 7.2 stores passwords in cleartext in the UserDirEnrollment log, the RA wizard installer log, and unspecified other debug log files, and uses weak permissions for these file…
|
CWE-255
Credentials Management
|
CVE-2008-2368
|
2017-08-8 10:30 |
2009-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260793
|
- |
|
gnu
|
gnutls
|
Use-after-free vulnerability in the _gnutls_handshake_hash_buffers_clear function in lib/gnutls_handshake.c in libgnutls in GnuTLS 2.3.5 through 2.4.0 allows remote attackers to cause a denial of ser…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-2377
|
2017-08-8 10:30 |
2008-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260794
|
- |
|
hf
|
hf
|
Untrusted search path vulnerability in hfkernel in hf 0.7.3 and 0.8 allows local users to gain privileges via a Trojan horse killall program in a directory in the PATH, related to improper handling o…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2378
|
2017-08-8 10:30 |
2008-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260795
|
- |
|
courier-mta
|
courtier-authlib
|
SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query …
|
CWE-89
SQL Injection
|
CVE-2008-2380
|
2017-08-8 10:30 |
2008-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260796
|
- |
|
trend_micro
|
serverprotect
|
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0012
|
2017-08-8 10:29 |
2008-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260797
|
- |
|
trend_micro
|
serverprotect
|
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0013
|
2017-08-8 10:29 |
2008-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260798
|
- |
|
trend_micro
|
serverprotect
|
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0014
|
2017-08-8 10:29 |
2008-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260799
|
- |
|
cisco
|
unified_callmanager
unified_communications_manager
|
SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL com…
|
CWE-89
SQL Injection
|
CVE-2008-0026
|
2017-08-8 10:29 |
2008-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260800
|
- |
|
cisco
|
application_velocity_system
|
Cisco Application Velocity System (AVS) before 5.1.0 is installed with default passwords for some system accounts, which allows remote attackers to gain privileges.
|
CWE-255
Credentials Management
|
CVE-2008-0029
|
2017-08-8 10:29 |
2008-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
