Export limit exceeded: 342067 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (4242 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4722 | 1 Sun | 37 Blade 6000 Modular System With Chassis, Blade 6048 Modular System With Chassis, Blade 8000 Modular System and 34 more | 2025-04-09 | N/A |
| Unspecified vulnerability in Sun Integrated Lights-Out Manager (ILOM) 2.0.1.5 through 2.0.4.26 allows remote authenticated users to (1) access the service processor (SP) and cause a denial of service (shutdown or reboot), or (2) access the host operating system and have an unspecified impact, via unknown vectors. | ||||
| CVE-2008-4752 | 1 Tech Logic | 1 Tlnews | 2025-04-09 | N/A |
| TlNews 2.2 allows remote attackers to bypass authentication and gain administrative access by setting the tlNews_login cookie to admin. | ||||
| CVE-2008-4783 | 1 Easy-script | 1 Tlads | 2025-04-09 | N/A |
| tlAds 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the tlAds_login cookie to "admin." | ||||
| CVE-2008-4784 | 1 Aflog | 1 Aflog | 2025-04-09 | N/A |
| aflog 1.01 allows remote attackers to bypass authentication and gain administrative access by setting the aflog_auth_a cookie to "A" or "O" in (1) edit_delete.php, (2) edit_cat.php, (3) edit_lock.php, and (4) edit_form.php. | ||||
| CVE-2008-5022 | 4 Canonical, Debian, Mozilla and 1 more | 6 Ubuntu Linux, Debian Linux, Firefox and 3 more | 2025-04-09 | N/A |
| The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass the inner window check. | ||||
| CVE-2008-5040 | 1 Graphiks | 1 Myforum | 2025-04-09 | N/A |
| Graphiks MyForum 1.3 allows remote attackers to bypass authentication and gain administrative access by setting the (1) myforum_login and (2) myforum_pass cookies to 1. | ||||
| CVE-2008-5042 | 1 Zeeways | 1 Photovideotube | 2025-04-09 | N/A |
| Zeeways PhotoVideoTube 1.1 and earlier allows remote attackers to bypass authentication and perform administrative tasks via a direct request to admin/home.php. | ||||
| CVE-2008-5065 | 1 Easy-script | 1 Tlguesbook | 2025-04-09 | N/A |
| TlGuestBook 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the tlGuestBook_login cookie to admin. | ||||
| CVE-2008-5082 | 1 Redhat | 2 Dogtag Certificate System, Certificate System | 2025-04-09 | N/A |
| The verifyProof function in the Token Processing System (TPS) component in Red Hat Certificate System (RHCS) 7.1 through 7.3 and Dogtag Certificate System 1.0 returns successfully even when token enrollment did not use the hardware key, which allows remote authenticated users with enrollment privileges to bypass intended authentication policies by performing enrollment with a software key. | ||||
| CVE-2008-5124 | 1 Jscape | 1 Secure Ftp Applet | 2025-04-09 | N/A |
| JSCAPE Secure FTP Applet 4.8.0 and earlier does not ask the user to verify a new or mismatched SSH host key, which makes it easier for remote attackers to perform man-in-the-middle attacks. | ||||
| CVE-2008-5125 | 1 Castillocentral | 1 Ccleague | 2025-04-09 | N/A |
| admin.php in CCleague Pro 1.2 allows remote attackers to bypass authentication by setting the type cookie value to admin. | ||||
| CVE-2008-5407 | 1 Symantec | 1 Backup Exec For Windows Server | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in the Backup Exec remote-agent logon process in Symantec Backup Exec for Windows Servers 11.0 (aka 11d) builds 6235 and 7170, 12.0 build 1364, and 12.5 build 2213 allow remote attackers to bypass authentication, and read or delete files, via unknown vectors. | ||||
| CVE-2008-5497 | 1 Bandsitecms | 1 Bandsite Cms | 2025-04-09 | N/A |
| BandSite CMS 1.1.4 allows remote attackers to bypass authentication and gain administrative access by setting the login_auth cookie to true. | ||||
| CVE-2008-5558 | 1 Asterisk | 2 Asterisk Business Edition, Open Source | 2025-04-09 | N/A |
| Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2.3.5 through B.2.5.5, when realtime IAX2 users are enabled, allows remote attackers to cause a denial of service (crash) via authentication attempts involving (1) an unknown user or (2) a user using hostname matching. | ||||
| CVE-2008-5575 | 1 Proclanmanager | 1 Pro Clan Manager | 2025-04-09 | N/A |
| Session fixation vulnerability in Pro Clan Manager 0.4.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | ||||
| CVE-2008-5576 | 1 Scssboard | 1 Scssboard | 2025-04-09 | N/A |
| admin/forums.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote attackers to bypass authentication and gain administrative access via a large value of the current_user[users_level] parameter. | ||||
| CVE-2008-5686 | 1 Ibm | 1 Tivoli Provisioning Manager | 2025-04-09 | N/A |
| IBM Tivoli Provisioning Manager (TPM) before 5.1.1.1 IF0006, when its LDAP service is shared with other applications, does not require that an LDAP user be listed in the TPM user records, which allows remote authenticated users to execute SOAP commands that access arbitrary TPM functionality, as demonstrated by running provisioning workflows. | ||||
| CVE-2008-5708 | 1 Slimcms | 1 Slimcms | 2025-04-09 | N/A |
| redirect.php in SlimCMS 1.0.0 does not require authentication, which allows remote attackers to create administrative users by using the newusername and newpassword parameters and setting the newisadmin parameter to 1. | ||||
| CVE-2008-5721 | 1 Sapporoworks | 1 Blackjumbodog | 2025-04-09 | N/A |
| SapporoWorks BlackJumboDog (BJD) before 4.2.3 allows remote attackers to bypass authentication and obtain sensitive information via unspecified vectors. | ||||
| CVE-2008-5783 | 1 V3chat | 1 V3 Chat Live Support | 2025-04-09 | N/A |
| admin/index.php in V3 Chat Live Support 3.0.4 allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie to 1. | ||||