Search Results (364156 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3808 1 Cisco 1 Ios 2026-04-23 N/A
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet.
CVE-2008-3809 1 Cisco 1 Ios 2026-04-23 N/A
Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet.
CVE-2008-3810 1 Cisco 1 Ios 2026-04-23 N/A
Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than CVE-2008-3811.
CVE-2008-3811 1 Cisco 1 Ios 2026-04-23 N/A
Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different vulnerability than CVE-2008-3810.
CVE-2008-3812 1 Cisco 1 Ios 2026-04-23 N/A
Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet.
CVE-2008-3813 1 Cisco 1 Ios 2026-04-23 N/A
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet.
CVE-2008-3814 1 Cisco 1 Unity 2026-04-23 N/A
Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to bypass authentication and read or modify system configuration parameters by going to a specific link more than once.
CVE-2008-3815 1 Cisco 2 Asa 5500, Pix 2026-04-23 N/A
Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors.
CVE-2008-3816 1 Cisco 2 Adaptive Security Appliance 5500 Series, Pix Security Appliance 2026-04-23 N/A
Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet.
CVE-2008-3817 1 Cisco 2 Adaptive Security Appliance 5500 Series, Pix Security Appliance 2026-04-23 N/A
Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 8.0 before 8.0(4) and 8.1 before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via an unspecified sequence of packets, related to the "initialization code for the hardware crypto accelerator."
CVE-2008-3818 1 Cisco 7 Ons, Ons 15310-cl, Ons 15310-ma and 4 more 2026-04-23 N/A
Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session.
CVE-2008-3819 1 Cisco 4 Gss 4480 Global Site Selector, Gss 4490 Global Site Selector, Gss 4491 Global Site Selector and 1 more 2026-04-23 N/A
dnsserver in Cisco Application Control Engine Global Site Selector (GSS) before 3.0(1) allows remote attackers to cause a denial of service (daemon crash) via a series of crafted DNS requests, aka Bug ID CSCsj70093.
CVE-2008-3820 1 Cisco 1 Security Manager 2026-04-23 N/A
Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain "root access" to IEV via unspecified use of TCP sessions to these ports.
CVE-2008-3821 1 Cisco 1 Ios 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.
CVE-2008-3823 1 Horde 1 Horde 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in MIME/MIME/Contents.php in the MIME library in Horde 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via the filename of a MIME attachment in an e-mail message.
CVE-2008-3824 2 Horde, Popoon 2 Horde, Popoon 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in (1) Text_Filter/Filter/xss.php in Horde 3.1.x before 3.1.9 and 3.2.x before 3.2.2 and (2) externalinput.php in Popoon r22196 and earlier allows remote attackers to inject arbitrary web script or HTML by using / (slash) characters as replacements for spaces in an HTML e-mail message.
CVE-2008-3825 1 Redhat 2 Enterprise Linux, Enterprise Linux Desktop 2026-04-23 N/A
pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename and running the (1) su or (2) sudo program. NOTE: there may be a related vector involving sshd that has limited relevance.
CVE-2008-3826 2 Condor Project, Redhat 2 Condor, Enterprise Mrg 2026-04-23 N/A
Unspecified vulnerability in Condor before 7.0.5 allows attackers to execute jobs as other users via unknown vectors.
CVE-2008-3827 1 Mplayer 1 Mplayer 2026-04-23 N/A
Multiple integer underflows in the Real demuxer (demux_real.c) in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file that causes the stream_read function to read or write arbitrary memory.
CVE-2008-3828 2 Condor Project, Redhat 2 Condor, Enterprise Mrg 2026-04-23 N/A
Stack-based buffer overflow in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.