Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2008-10-17 CVE-2008-4595 Multiple Unspecified vulnerabilities in Slaytanic Scripts Content Plus 2.1.1
Multiple unspecified vulnerabilities in Slaytanic Scripts Content Plus 2.1.1 have unknown impact and remote attack vectors.
network
low complexity
slaytanic-scripts
critical
10.0
2008-10-17 CVE-2008-4594 Unspecified vulnerability in Linksys WAP4400N 1.2.14
Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote.
network
low complexity
linksys marvell
critical
10.0
2008-10-17 CVE-2008-4593 Information Exposure vulnerability in Apple iPhone 2.1
Apple iPhone 2.1 with firmware 5F136, when Require Passcode is enabled and Show SMS Preview is disabled, allows physically proximate attackers to obtain sensitive information by performing an Emergency Call tap and then reading SMS messages on the device screen, aka Apple bug number 6267416.
local
high complexity
apple CWE-200
1.2
2008-10-17 CVE-2008-4412 Information Exposure vulnerability in HP Systems Insight Manager
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 5.2 Update 2 (C.05.02.02.00) allows remote attackers to obtain sensitive information via unspecified vectors.
network
low complexity
hp CWE-200
5.0
2008-10-17 CVE-2008-4473 Buffer Errors vulnerability in Adobe Flash Player Cs3/Mx2004
Multiple heap-based buffer overflows in Adobe Flash CS3 Professional on Windows and Flash MX 2004 allow remote attackers to execute arbitrary code via an SWF file containing long control parameters.
network
adobe microsoft CWE-119
critical
9.3
2008-10-17 CVE-2008-4401 Permissions, Privileges, and Access Controls vulnerability in Adobe Flash Player
ActionScript in Adobe Flash Player 9.0.124.0 and earlier does not require user interaction in conjunction with (1) the FileReference.browse operation in the FileReference upload API or (2) the FileReference.download operation in the FileReference download API, which allows remote attackers to create a browse dialog box, and possibly have unspecified other impact, via an SWF file.
network
low complexity
adobe CWE-264
critical
10.0
2008-10-16 CVE-2008-4592 Path Traversal vulnerability in Sportspanel Sports Clubs web Portal 0.0.1
Directory traversal vulnerability in index.php in Sports Clubs Web Panel 0.0.1 allows remote attackers to include and execute arbitrary local files via a ..
network
low complexity
sportspanel CWE-22
critical
10.0
2008-10-16 CVE-2008-4591 Cross-Site Scripting vulnerability in PhpWebGallery 1.3.4
Multiple cross-site scripting (XSS) vulnerabilities in admin/include/isadmin.inc.php in PhpWebGallery 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) lang[access_forbiden] and (2) lang[ident_title] parameters.
4.3
2008-10-16 CVE-2008-4590 SQL Injection vulnerability in Stash 1.0.3
Multiple SQL injection vulnerabilities in Stash 1.0.3 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to admin/login.php and (2) the post parameter to admin/news.php.
network
low complexity
stash CWE-89
7.5
2008-10-15 CVE-2008-4589 Buffer Errors vulnerability in Lenovo Rescue and Recovery 4.20/4.20.0511/4.20.0512
Heap-based buffer overflow in the tvtumin.sys kernel driver in Lenovo Rescue and Recovery 4.20, including 4.20.0511 and 4.20.0512, allows local users to execute arbitrary code via a long file name.
local
low complexity
lenovo CWE-119
7.2