CVE-2008-1945
- EPSS 0.47%
- Veröffentlicht 08.08.2008 19:41:00
- Zuletzt bearbeitet 16.06.2026 22:52:48
QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different for...
CVE-2008-3534
- EPSS 0.53%
- Veröffentlicht 08.08.2008 19:41:00
- Zuletzt bearbeitet 16.06.2026 22:56:00
The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, as d...
CVE-2008-3535
- EPSS 0.53%
- Veröffentlicht 08.08.2008 19:41:00
- Zuletzt bearbeitet 16.06.2026 22:56:00
Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrate...
CVE-2008-3272
- EPSS 0.42%
- Veröffentlicht 08.08.2008 18:41:00
- Zuletzt bearbeitet 16.06.2026 22:55:30
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain da...
CVE-2008-2939
- EPSS 38.95%
- Veröffentlicht 06.08.2008 18:41:00
- Zuletzt bearbeitet 16.06.2026 22:54:46
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary we...
CVE-2008-3142
- EPSS 4.49%
- Veröffentlicht 01.08.2008 14:41:00
- Zuletzt bearbeitet 16.06.2026 22:55:13
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicod...
CVE-2008-2934
- EPSS 3.59%
- Veröffentlicht 18.07.2008 16:41:00
- Zuletzt bearbeitet 16.06.2026 22:54:45
Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file that triggers a free of an uninitialized pointer.
CVE-2008-2931
- EPSS 0.38%
- Veröffentlicht 09.07.2008 18:41:00
- Zuletzt bearbeitet 16.06.2026 22:54:45
The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of ...
CVE-2008-2812
- EPSS 0.43%
- Veröffentlicht 09.07.2008 00:41:00
- Zuletzt bearbeitet 16.06.2026 22:54:32
The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) ha...
CVE-2008-2371
- EPSS 6.73%
- Veröffentlicht 07.07.2008 23:41:00
- Zuletzt bearbeitet 16.06.2026 22:53:39
Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins ...