Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-10-21 | CVE-2008-3248 | Information Exposure vulnerability in Symantec Veritas File System 5.0/Unknown qiomkfile in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX, and before 5.0 MP3 on Solaris, Linux, and AIX, does not initialize filesystem blocks during creation of a file, which allows local users to obtain sensitive information by creating and then reading files. | 4.6 |
| 2008-10-21 | CVE-2007-4350 | Cross-Site Scripting vulnerability in HP Sitescope 9.0 Cross-site scripting (XSS) vulnerability in the management interface in HP SiteScope 9.0 build 911 allows remote attackers to inject arbitrary web script or HTML via an SNMP trap message. | 4.3 |
| 2008-10-21 | CVE-2008-4635 | Information Exposure vulnerability in Hisanaga Electric CO Hisa Cart Unspecified vulnerability in Hisanaga Electric Co, Ltd. | 5.0 |
| 2008-10-21 | CVE-2008-4634 | Cross-Site Scripting vulnerability in SIX Apart Movable Type 4/4.20 Cross-site scripting (XSS) vulnerability in Movable Type 4 through 4.21 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to the administrative page, a different vulnerability than CVE-2008-4079. | 3.5 |
| 2008-10-21 | CVE-2008-4633 | SQL Injection vulnerability in Drupal Node Clone SQL injection vulnerability in Node Vote 5.x before 5.x-1.1 and 6.x before 6.x-1.0, a module for Drupal, when "Allow user to vote again" is enabled, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to a "previously cast vote." | 6.0 |
| 2008-10-21 | CVE-2008-4632 | Path Traversal vulnerability in Kure 0.6.3 Multiple directory traversal vulnerabilities in index.php in Kure 0.6.3, when magic_quotes_gpc is disabled, allow remote attackers to read and possibly execute arbitrary local files via a .. | 6.8 |
| 2008-10-21 | CVE-2008-4631 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Myer Sound Laboratories Muscle Stack-based buffer overflow in the Message::AddToString function in message/Message.cpp in MUSCLE before 4.40 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted message. | 10.0 |
| 2008-10-21 | CVE-2008-4630 | Multiple Unspecified vulnerability in Midgard Components Framework 2.9/8.09.0 Multiple unspecified vulnerabilities in Midgard Components (MidCOM) Framework before 8.09.1 have unknown impact and attack vectors. | 10.0 |
| 2008-10-21 | CVE-2008-4629 | Cross-Site Scripting vulnerability in Usagi Mynets Cross-site scripting (XSS) vulnerability in Usagi Project MyNETS 1.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2008-10-21 | CVE-2008-4628 | SQL Injection vulnerability in Mywebland Minibloggie 1.0 SQL injection vulnerability in del.php in myWebland miniBloggie 1.0 allows remote attackers to execute arbitrary SQL commands via the post_id parameter. | 7.5 |