Export limit exceeded: 350478 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350478 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0706 | 2 Compaq, Hp | 4 Presario A900, Presario C700, G7000 and 1 more | 2026-04-23 | N/A |
| Unspecified vulnerability in the BIOS F.26 and earlier for the HP Compaq Notebook PC allows physically proximate attackers to obtain privileged access via unspecified vectors, possibly involving an authentication bypass of the power-on password. | ||||
| CVE-2008-1169 | 1 Simm-comm | 1 Sci Photo Chat | 2026-04-23 | N/A |
| Directory traversal vulnerability in the embedded HTTP server in SCI Photo Chat Server 3.4.9 and earlier allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) or "../" (dot dot forward slash) in the GET command. | ||||
| CVE-2008-0711 | 1 Hp | 4 Bl860c, Rx2660, Rx3600 and 1 more | 2026-04-23 | N/A |
| Unspecified vulnerability in the embedded management console in HP iLO-2 Management Processors (iLO-2 MP), as used in Integrity Servers rx2660, rx3600, and rx6600, and Integrity Blade Server model bl860c, allows remote attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2008-0712 | 1 Hp | 1 Software Update | 2026-04-23 | N/A |
| Unspecified vulnerability in the HP HPeDiag (aka eSupportDiagnostics) ActiveX control in hpediag.dll in HP Software Update 4.000.009.002 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors. NOTE: this might overlap CVE-2007-6513. | ||||
| CVE-2008-0713 | 1 Hp | 1 Hp-ux | 2026-04-23 | N/A |
| Unspecified vulnerability in the FTP server for HP-UX B.11.11, B.11.23, and B.11.31 allows remote authenticated users to cause a denial of service (FTP server outage) via unknown attack vectors. | ||||
| CVE-2008-0714 | 1 Mihalism | 1 Multi Host | 2026-04-23 | N/A |
| SQL injection vulnerability in users.php in Mihalism Multi Host allows remote attackers to execute arbitrary SQL commands via the username parameter in a lost_password_go action. | ||||
| CVE-2008-1170 | 1 Kcwiki | 1 Kcwiki | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in KCWiki 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the page parameter to (1) minimal/wiki.php and (2) simplest/wiki.php. | ||||
| CVE-2008-0715 | 1 Acdsee | 1 Photo Manager | 2026-04-23 | N/A |
| Buffer overflow in ACDSee Photo Manager 8.1, 9.0, and 10.0 allows user-assisted remote attackers to execute arbitrary code via a malformed XBM file. NOTE: this might be the same as CVE-2007-6009. | ||||
| CVE-2008-0716 | 1 Symantec | 1 Altiris Notification Server | 2026-04-23 | N/A |
| The agent in Symantec Altiris Notification Server before 6.0 SP3 R7 allows local users to gain privileges via a "Shatter" style attack. | ||||
| CVE-2008-0718 | 1 Sun | 1 Solaris | 2026-04-23 | N/A |
| Unspecified vulnerability in the USB Mouse STREAMS module (usbms) in Sun Solaris 9 and 10, when 64-bit mode is enabled, allows local users to cause a denial of service (panic) via unspecified vectors. | ||||
| CVE-2008-0719 | 1 Oscommerce | 2 Customer Testimonials, Oscommerce | 2026-04-23 | N/A |
| SQL injection vulnerability in customer_testimonials.php in the Customer Testimonials 3 and 3.1 Addon for osCommerce Online Merchant 2.2 allows remote attackers to execute arbitrary SQL commands via the testimonial_id parameter. | ||||
| CVE-2008-1036 | 2 Apple, Redhat | 3 Mac Os X, Mac Os X Server, Enterprise Linux | 2026-04-23 | N/A |
| The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character encodings, which might allow remote attackers to conduct cross-site scripting (XSS) attacks. | ||||
| CVE-2008-0721 | 1 Mambo | 1 Com Sermon | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Sermon (com_sermon) 0.2 component for Mambo allows remote attackers to execute arbitrary SQL commands via the gid parameter. | ||||
| CVE-2008-1037 | 1 Packeteer | 2 Packetshaper, Policycenter | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the file listing function in the web management interface in Packeteer PacketShaper and PolicyCenter 8.2.2 allows remote attackers to inject arbitrary web script or HTML via the FILELIST parameter to an arbitrary component, which triggers injection into an Error Report page. | ||||
| CVE-2008-1171 | 1 Phpbb | 1 123 Flash Chat Module | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in the 123 Flash Chat Module for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) 123flashchat.php and (2) phpbb_login_chat.php. NOTE: CVE disputes this issue because $phpbb_root_path is explicitly set to "./" in both programs | ||||
| CVE-2008-0728 | 1 Clamav | 1 Clamav | 2026-04-23 | N/A |
| The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and attack vectors that trigger "heap corruption." | ||||
| CVE-2008-0729 | 1 Apple | 3 Iphone, Iphone Os, Mobile Safari | 2026-04-23 | N/A |
| Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote attackers to cause a denial of service (memory exhaustion and device crash) via certain JavaScript code that constructs a long string and an array containing long string elements, possibly a related issue to CVE-2006-3677. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0731 | 3 Linux, Novell, Suse | 3 Linux Kernel, Apparmor, Open Suse | 2026-04-23 | N/A |
| The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow attackers to trigger the unconfining of an apparmored task. | ||||
| CVE-2008-1038 | 1 Drbenhur.com | 1 Dbhcms | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in mod/mod.extmanager.php in DBHcms 1.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the extmanager_install parameter. | ||||
| CVE-2008-1039 | 1 Porar | 1 Webboard | 2026-04-23 | N/A |
| SQL injection vulnerability in question.asp in PORAR WEBBOARD allows remote attackers to execute arbitrary SQL commands via the QID parameter. | ||||