CVE-2008-2725
- EPSS 3.7%
- Veröffentlicht 24.06.2008 19:41:00
- Zuletzt bearbeitet 16.06.2026 22:54:19
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger mem...
CVE-2008-2726
- EPSS 3.76%
- Veröffentlicht 24.06.2008 19:41:00
- Zuletzt bearbeitet 16.06.2026 22:54:19
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent at...
- EPSS 7.09%
- Veröffentlicht 10.06.2008 00:32:00
- Zuletzt bearbeitet 16.06.2026 22:52:14
The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, wh...
CVE-2008-1105
- EPSS 69.09%
- Veröffentlicht 29.05.2008 16:32:00
- Zuletzt bearbeitet 16.06.2026 22:51:00
Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.
CVE-2008-2137
- EPSS 0.45%
- Veröffentlicht 29.05.2008 16:32:00
- Zuletzt bearbeitet 16.06.2026 22:53:10
The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, omit some virtual-address range (aka span)...
CVE-2008-2136
- EPSS 4.93%
- Veröffentlicht 16.05.2008 12:54:00
- Zuletzt bearbeitet 16.06.2026 22:53:10
Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT...
CVE-2008-0166
- EPSS 70.72%
- Veröffentlicht 13.05.2008 17:20:00
- Zuletzt bearbeitet 16.06.2026 22:49:03
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptograp...
CVE-2008-2108
- EPSS 4.29%
- Veröffentlicht 07.05.2008 21:20:00
- Zuletzt bearbeitet 16.06.2026 22:53:07
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy a...
CVE-2008-2079
- EPSS 2.59%
- Veröffentlicht 05.05.2008 16:20:00
- Zuletzt bearbeitet 16.06.2026 22:53:03
MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY argume...
CVE-2008-1375
- EPSS 0.31%
- Veröffentlicht 02.05.2008 16:05:00
- Zuletzt bearbeitet 16.06.2026 22:51:36
Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.