High · CVSS 7.5
activePDF WebGrabber version 3.8.2.0 contains a stack-based buffer overflow vulnerability in the GetStatus() method of the APWebGrb.ocx ActiveX control. By passing an overly long string to this method, a remote attacker can execute arbitrary code in the context of the vulnerable process. Although the control is not marked safe for scripting, exploitation is possible via crafted HTML content in Internet Explorer under permissive security settings.
Published Aug 30, 2025 · Updated May 15, 2026
High · CVSS 8.8 · CISA KEV
The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \\.\VBoxDrv device and calling DeviceIoControl to send a crafted kernel address.
Published Aug 5, 2008 · Updated Oct 22, 2025
Critical · CVSS 9.1
Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to hijack web sessions via unspecified vectors.
Published Aug 27, 2008 · Updated Apr 3, 2025
Unknown · CVSS Not scored
src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).
Published Aug 13, 2008 · Updated Mar 27, 2025
Critical · CVSS 9.8
The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to bypass authorization and upload arbitrary files to the client system via a modified program that does not prompt the user for a password.
Published Aug 28, 2009 · Updated Jan 21, 2025
High · CVSS 7.8
Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document, related to a "numeric truncation error," a different vulnerability than CVE-2008-2152.
Published Aug 29, 2008 · Updated Jan 17, 2025
Medium · CVSS 4.4
Folder Lock 5.9.5 and earlier uses weak encryption (ROT-25) for the password, which allows local administrators to obtain sensitive information by reading and decrypting the QualityControl\_pack registry value.
Published Aug 22, 2008 · Updated Jan 17, 2025
Unknown · CVSS Not scored
SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to execute arbitrary SQL commands via the news.php parameter.
Published Aug 28, 2009 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Opera cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.
Published Aug 9, 2011 · Updated Sep 17, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Published Aug 18, 2009 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Apple Safari cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.
Published Aug 9, 2011 · Updated Sep 17, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in trl.php in YourFreeWorld Stylish Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
Published Aug 21, 2008 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Microsoft Internet Explorer cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.
Published Aug 9, 2011 · Updated Sep 17, 2024
Unknown · CVSS Not scored
AJ Square Free Polling Script (AJPoll) allows remote attackers to bypass authentication and create new polls via a direct request to admin/include/newpoll.php, a different vector than CVE-2008-7045. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Published Aug 24, 2009 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The password_check function in auth/auth_phpbb3.php in WoW Raid Manager 3.5.1 before Patch 1, when using PHPBB3 authentication, (1) does not invoke the CheckPassword function with the required arguments, which always triggers an authentication failure, and (2) returns true instead of false when an authentication failure occurs, which allows remote attackers to bypass authentication and gain privileges with an arbitrary password.
Published Aug 24, 2009 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Google Chrome before 4.0.211.0 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.
Published Aug 9, 2011 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Acronis True Image Echo Server 9.x build 8072 on Linux does not properly encrypt backups to an FTP server, which allows remote attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Published Aug 13, 2008 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Multiple SQL injection vulnerabilities in admin/login.asp in E. Z. Poll 2 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Published Aug 11, 2008 · Updated Sep 17, 2024
Unknown · CVSS Not scored
LinkedIn Browser Toolbar 3.0.3.1100 and earlier does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Published Aug 1, 2008 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before 3.0.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files, a different vulnerability than CVE-2011-2977.
Published Aug 9, 2011 · Updated Sep 17, 2024
Unknown · CVSS Not scored
IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2 uses an incomplete SAML 1.x browser-artifact, which allows remote OpenID providers to spoof assertions via vectors related to the Issuer field.
Published Aug 12, 2011 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the search bar.
Published Aug 28, 2009 · Updated Sep 16, 2024
Unknown · CVSS Not scored
SpeedBit Video Acceleration before 2.2.1.8 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Published Aug 1, 2008 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Mozilla Firefox before 4 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.
Published Aug 9, 2011 · Updated Sep 16, 2024
Unknown · CVSS Not scored
GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, allows remote attackers to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", which is successfully parsed by MySQL.
Published Aug 18, 2009 · Updated Sep 16, 2024
Unknown · CVSS Not scored
WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Published Aug 1, 2008 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Siemens Gigaset WLAN Camera 1.27 has an insecure default password, which allows remote attackers to conduct unauthorized activities. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Published Aug 18, 2009 · Updated Sep 16, 2024
Unknown · CVSS Not scored
OpenOffice.org (OOo) before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Published Aug 1, 2008 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows local users to cause a denial of service (application exit) via an e-mail message containing a long line that begins with a . (dot) character. NOTE: CVE disputes this issue because it is solely a usability problem for senders of messages with certain long lines, and has no security impact
Published Aug 20, 2010 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The GUP generic update process in Notepad++ before 4.8.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Published Aug 1, 2008 · Updated Sep 16, 2024
Unknown · CVSS Not scored
PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outside of the intended directory via the (1) exec, (2) system, (3) shell_exec, (4) passthru, or (5) popen functions, possibly involving pathnames such as "C:" drive notation.
Published Aug 18, 2009 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The Android browser in Android cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.
Published Aug 9, 2011 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Published Aug 1, 2008 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Vtiger CRM before 5.0.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read mail merge templates via a direct request to the wordtemplatedownload directory.
Published Aug 4, 2008 · Updated Sep 16, 2024
Unknown · CVSS Not scored
SpeedBit Download Accelerator Plus (DAP) before 8.6.3.9 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Published Aug 1, 2008 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The tubepress plugin before 1.6.5 for WordPress has XSS.
Published Aug 22, 2019 · Updated Aug 7, 2024
Unknown · CVSS Not scored
The Filtering Service in Websense Enterprise 5.2 through 6.3 does not consider the IP address during URL categorization, which makes it easier for remote attackers to bypass filtering via an HTTP request, as demonstrated by a request to a compromised server associated with a specific IP address.
Published Aug 23, 2012 · Updated Aug 7, 2024
Unknown · CVSS Not scored
easdrv.sys in ESET Smart Security 3.0.667.0 allows local users to cause a denial of service (crash) via a crafted IOCTL 0x222003 request to the \\.\easdrv device interface.
Published Aug 28, 2009 · Updated Aug 7, 2024
Unknown · CVSS Not scored
Intel Desktop and Intel Mobile Boards with BIOS firmware DQ35JO, DQ35MP, DP35DP, DG33FB, DG33BU, DG33TL, MGM965TW, D945GCPE, and DX38BT allows local administrators with ring 0 privileges to gain additional privileges and modify code that is running in System Management Mode, or access hypervisory memory as demonstrated at Black Hat 2008 by accessing certain remapping registers in Xen 3.3.
Published Aug 27, 2009 · Updated Aug 7, 2024
Unknown · CVSS Not scored
Unspecified vulnerability in DotNetNuke 4.0 through 4.8.4 and 5.0 allows remote attackers to obtain sensitive information (portal number) by accessing the install wizard page via unknown vectors.
Published Aug 27, 2009 · Updated Aug 7, 2024
Unknown · CVSS Not scored
The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 uses a small space of predictable user identification numbers for access control, which allows remote attackers to upload documents via a brute force attack.
Published Aug 28, 2009 · Updated Aug 7, 2024
Unknown · CVSS Not scored
XySSL before 0.9 allows remote attackers to cause a denial of service (infinite loop) via an X.509 certificate that does not pass the RSA signature check during verification.
Published Aug 31, 2009 · Updated Aug 7, 2024
Unknown · CVSS Not scored
WeBid auction script 0.5.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain SQL query logs via a direct request for logs/cron.log.
Published Aug 28, 2009 · Updated Aug 7, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in item.php in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Published Aug 28, 2009 · Updated Aug 7, 2024
Unknown · CVSS Not scored
pphoto in Ariadne before 2.6 allows remote authenticated users with certain privileges to execute arbitrary shell commands via vectors related to PINP programs and the annotate command. NOTE: some of these details are obtained from third party information.
Published Aug 31, 2009 · Updated Aug 7, 2024
Unknown · CVSS Not scored
Stack-based buffer overflow in an ActiveX control in najdisitoolbar.dll in Najdi.si Toolbar 2.0.4.1 allows remote attackers to cause a denial of service (browser crash) or execute arbitrary code via a long Document.Location property value.
Published Aug 27, 2009 · Updated Aug 7, 2024
Unknown · CVSS Not scored
The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to cause a denial of service (hang or crash) via invalid field length values in a malformed (1) document or (2) request.
Published Aug 28, 2009 · Updated Aug 7, 2024
Unknown · CVSS Not scored
Multiple cross-site scripting (XSS) vulnerabilities in Carmosa phpCart 3.4 through 4.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) quantity or (2) Add Engraving fields to the default URI; (3) Quantity field to phpcart.php; (4) Name, (5) Company, (6) Address, (7) City, and (8) Province/State fields in a checkout action to phpcart.php; and other unspecified vectors.
Published Aug 28, 2009 · Updated Aug 7, 2024
Unknown · CVSS Not scored
Integer overflow in osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet with a large string length value to UDP port 14000, which triggers a heap-based buffer overflow.
Published Aug 31, 2009 · Updated Aug 7, 2024
Unknown · CVSS Not scored
The ssl_parse_client_key_exchange function in XySSL before 0.9 does not protect against certain Bleichenbacher attacks using chosen ciphertext, which allows remote attackers to recover keys via unspecified vectors.
Published Aug 31, 2009 · Updated Aug 7, 2024