Export limit exceeded: 346990 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346990 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1291 | 3 Gentoo, Redhat, Viewvc | 3 Linux, Fedora, Viewvc | 2026-04-23 | N/A |
| ViewVC before 1.0.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read files and list folders under the hidden CVSROOT folder. | ||||
| CVE-2008-1293 | 1 Ltsp | 1 Linux Terminal Server Project | 2026-04-23 | N/A |
| ldm in Linux Terminal Server Project (LTSP) 0.99 and 2 passes the -ac option to the X server on each LTSP client, which allows remote attackers to connect to this server via TCP port 6006 (aka display :6). | ||||
| CVE-2008-1294 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-23 | N/A |
| Linux kernel 2.6.17, and other versions before 2.6.22, does not check when a user attempts to set RLIMIT_CPU to 0 until after the change is made, which allows local users to bypass intended resource limits. | ||||
| CVE-2008-1295 | 1 Gregory Kokanosky | 1 Phpmynewsletter | 2026-04-23 | N/A |
| SQL injection vulnerability in archives.php in Gregory Kokanosky (aka Greg's Place) phpMyNewsletter 0.8 beta 5 and earlier allows remote attackers to execute arbitrary SQL commands via the msg_id parameter. | ||||
| CVE-2008-1297 | 3 Ewriting, Joomla, Mambo | 3 Ewriting, Com Ewriting, Com Ewriting | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the eWriting (com_ewriting) 1.2.1 module for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action. | ||||
| CVE-2006-5363 | 1 Oracle | 2 Application Server, Collaboration Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in Oracle Single Sign-On component in Oracle Application Server 10.1.2.0.1 and Collaboration Suite 10.1.2 has unknown impact and remote attack vectors, aka Vuln# SSO02. | ||||
| CVE-2008-1311 | 1 Packettrap | 1 Pt360 Tool Suite Pro | 2026-04-23 | N/A |
| The TFTP server in PacketTrap pt360 Tool Suite PRO 2.0.3901.0 and earlier allows remote attackers to cause a denial of service (daemon hang) by uploading a file named (1) '|' (pipe), (2) '"' (quotation mark), or (3) "<>" (less than, greater than); or (4) a file with a long name. NOTE: the issue for vector 4 might exist because of an incomplete fix for CVE-2008-1312. | ||||
| CVE-2008-1312 | 1 Packettrap | 1 Pt360 Tool Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in the TFTP server in PacketTrap Networks pt360 Tool Suite 1.1.33.1.0, and other versions before 2.0.3900.0, allows remote attackers to cause a denial of service (daemon crash) via a long TFTP packet, a different vulnerability than CVE-2008-1311. | ||||
| CVE-2008-1313 | 1 Bill Roberts | 1 Bloo | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Bloo 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) post_id, (2) post_category_id, (3) post_year_month, and (4) static_page_id parameters; and unspecified other vectors. | ||||
| CVE-2008-1314 | 2 Johannes Hass, Phpnuke | 2 Gaestebuch Module, Php-nuke | 2026-04-23 | N/A |
| SQL injection vulnerability in the Johannes Hass gaestebuch 2.2 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action to modules.php. | ||||
| CVE-2008-1315 | 1 Php-nuke | 1 Zclassifieds | 2026-04-23 | N/A |
| SQL injection vulnerability in the ZClassifieds module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter to modules.php. | ||||
| CVE-2008-1316 | 1 Qt-cute | 1 Quicktalk Forum | 2026-04-23 | N/A |
| SQL injection vulnerability in qtf_ind_search_ov.php in QT-cute QuickTalk Forum 1.6 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1318 | 1 Mediawiki | 1 Mediawiki | 2026-04-23 | N/A |
| Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remote attackers to obtain sensitive "cross-site" information via the callback parameter in an API call for JavaScript Object Notation (JSON) formatted results. | ||||
| CVE-2008-1319 | 1 Versant | 1 Versant Object Database | 2026-04-23 | N/A |
| Untrusted search path and argument injection vulnerability in the VersantD service in Versant Object Database 7.0.1.3 and earlier, as used in Borland CaliberRM and probably other products, allows remote attackers to execute arbitrary commands via a request to TCP port 5019 with a modified VERSANT_ROOT field. | ||||
| CVE-2008-1320 | 1 Asg | 1 Asg-sentry | 2026-04-23 | N/A |
| Multiple buffer overflows in ASG-Sentry Network Manager 7.0.0 and earlier allow remote attackers to execute arbitrary code or cause a denial of service (crash) via (1) a long request to FxIAList on TCP port 6162, or (2) an SNMP request with a long community string to FxAgent on UDP port 6161. | ||||
| CVE-2008-1321 | 1 Asg-sentry | 1 Asg-sentry | 2026-04-23 | N/A |
| The FxIAList service in ASG-Sentry Network Manager 7.0.0 and earlier does require authentication, which allows remote attackers to cause a denial of service (service termination) via the exit command to TCP port 6162, or have other impacts via other commands. | ||||
| CVE-2008-1322 | 1 Asg-sentry | 1 Asg-sentry | 2026-04-23 | N/A |
| The File Check Utility (fcheck.exe) in ASG-Sentry Network Manager 7.0.0 and earlier allows remote attackers to cause a denial of service (CPU consumption) or overwrite arbitrary files via a query string that specifies the -b option, probably due to an argument injection vulnerability. | ||||
| CVE-2008-1324 | 1 Leinir | 1 Travelsized Cms | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in index.php in Travelsized CMS 0.4.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page_id and (2) language parameters. NOTE: this might be the same issue as CVE-2008-1325. | ||||
| CVE-2008-1327 | 1 Gallarific | 1 Gallarific | 2026-04-23 | N/A |
| Gallarific does not require authentication for (1) users.php and (2) index.php, which allows remote attackers to add and edit tasks via a direct request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1328 | 2 Broadcom, Computer Associates | 3 Desktop Management Suite, Arcserve Backup Laptops And Desktops, Desktop Management Suite | 2026-04-23 | N/A |
| Buffer overflow in the LGServer service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary code via unspecified "command arguments." | ||||