Export limit exceeded: 349868 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349868 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5145 | 1 Debian | 1 Ltp | 2026-04-23 | N/A |
| ltpmenu in ltp 20060918 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/runltp.mainmenu.##### temporary file. | ||||
| CVE-2008-5146 | 1 Erl Wustl | 1 Ctn | 2026-04-23 | N/A |
| add-accession-numbers in ctn 3.0.6 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/accession temporary file. | ||||
| CVE-2008-5148 | 1 Geda | 1 Gnetlist | 2026-04-23 | N/A |
| sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file. | ||||
| CVE-2008-5150 | 1 Jose Carlos Medeiros | 1 Maildirsync | 2026-04-23 | N/A |
| sample.sh in maildirsync 1.1 allows local users to append data to arbitrary files via a symlink attack on a /tmp/maildirsync-*.#####.log temporary file. | ||||
| CVE-2008-5151 | 1 Abottoms | 1 Mayavi | 2026-04-23 | N/A |
| test_parser.py in mayavi 1.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/err.log temporary file. | ||||
| CVE-2008-5166 | 1 Easysitenetwork | 1 Riddles Website | 2026-04-23 | N/A |
| SQL injection vulnerability in riddle.php in Riddles Website 1.2.1 allows remote attackers to execute arbitrary SQL commands via the riddleid parameter. | ||||
| CVE-2008-5167 | 1 Boonex | 1 Orca | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in layout/default/params.php in Boonex Orca 2.0 and 2.0.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the gConf[dir][layouts] parameter. | ||||
| CVE-2008-5168 | 1 Easysitenetwork | 1 Tips Complete Website | 2026-04-23 | N/A |
| SQL injection vulnerability in tip.php in Tips Complete Website 1.2.0 allows remote attackers to execute arbitrary SQL commands via the tipid parameter. | ||||
| CVE-2008-5169 | 1 Easysitenetwork | 1 Drinks Complete Website | 2026-04-23 | N/A |
| SQL injection vulnerability in drinks/drink.php in Drinks Complete Website 2.1.0 allows remote attackers to execute arbitrary SQL commands via the drinkid parameter. | ||||
| CVE-2008-5170 | 1 Easysitenetwork | 1 Cheats Complete Website | 2026-04-23 | N/A |
| SQL injection vulnerability in item.php in Cheats Complete Website 1.1.1 allows remote attackers to execute arbitrary SQL commands via the itemid parameter. | ||||
| CVE-2008-5171 | 1 Phpblaster | 1 Phpblaster Cms | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in admin/minibb/index.php in phpBLASTER CMS 1.0 RC1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) DB, (2) lang, and (3) skin parameters. | ||||
| CVE-2008-5174 | 1 Easysitenetwork | 1 Jokes Complete Website | 2026-04-23 | N/A |
| SQL injection vulnerability in joke.php in Jokes Complete Website 2.1.3 allows remote attackers to execute arbitrary SQL commands via the jokeid parameter. | ||||
| CVE-2008-5175 | 1 Visicommedia | 1 Aceftp | 2026-04-23 | N/A |
| Directory traversal vulnerability in the FTP client in AceFTP Freeware 3.80.3 and AceFTP Pro 3.80.3 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345. | ||||
| CVE-2008-5176 | 1 Clientsoftware | 1 Wincom Mpd Total | 2026-04-23 | N/A |
| Multiple buffer overflows in Client Software WinCom LPD Total 3.0.2.623 and earlier allow remote attackers to execute arbitrary code via (1) a long 0x02 command to the remote administration service on TCP port 13500 or (2) a long invalid control filename to LPDService.exe on TCP port 515. | ||||
| CVE-2008-5177 | 1 Insight-tech | 1 Yosemite Backup | 2026-04-23 | N/A |
| Stack-based buffer overflow in the DtbClsLogin function in Yosemite Backup 8.7 allows remote attackers to (1) execute arbitrary code on a Linux platform, related to libytlindtb.so; or (2) cause a denial of service (application crash) and possibly execute arbitrary code on a Windows platform, related to ytwindtb.dll; via a long username field during authentication. | ||||
| CVE-2008-5178 | 2 Microsoft, Opera | 2 Windows, Opera | 2026-04-23 | N/A |
| Heap-based buffer overflow in Opera 9.62 on Windows allows remote attackers to execute arbitrary code via a long file:// URI. NOTE: this might overlap CVE-2008-5680. | ||||
| CVE-2008-5179 | 1 Microsoft | 3 Office Communications Server, Office Communicator, Windows Live Messenger | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft Office Communications Server (OCS), Office Communicator, and Windows Live Messenger allows remote attackers to cause a denial of service (crash) via a crafted Real-time Transport Control Protocol (RTCP) receiver report packet. | ||||
| CVE-2008-5187 | 1 Enlightenment | 1 Imlib2 | 2026-04-23 | N/A |
| The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426. | ||||
| CVE-2008-5189 | 1 Rubyonrails | 2 Rails, Ruby On Rails | 2026-04-23 | N/A |
| CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL to the redirect_to function. | ||||
| CVE-2008-5190 | 1 Eshop100 | 1 Eshop100 | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in eSHOP100 allows remote attackers to execute arbitrary SQL commands via the SUB parameter. | ||||