Export limit exceeded: 361326 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361326 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4010 | 1 Oracle | 1 Bea Product Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in the WebLogic Workshop component in BEA Product Suite 10.3, 10.2, 10.0 MP1, 9.2 MP3, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to "some NetUI tags." | ||||
| CVE-2008-6479 | 1 Parallels | 1 Parallels Virtuozzo | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the "change password" feature in the VZPP web interface for Parallels Virtuozzo 25.4.swsoft (build 3.0.0-25.4.swsoft) allows remote attackers to modify the password via a link or IMG tag to vz/cp/pwd. | ||||
| CVE-2008-4011 | 1 Oracle | 1 Bea Product Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote authenticated users to affect integrity via unknown vectors. | ||||
| CVE-2009-0740 | 1 Frankmancuso | 1 Bluebird | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in BlueBird Prelease allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) passwd parameters. | ||||
| CVE-2008-3063 | 1 V-webmail | 1 V-webmail | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in V-webmail 1.5.0 might allow remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2008-4012 | 1 Oracle | 1 Weblogic Workshop | 2026-04-23 | N/A |
| Unspecified vulnerability in the WebLogic Workshop component in BEA Product Suite WLW 8.1SP5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to "some NetUI pageflows." | ||||
| CVE-2008-2369 | 1 Redhat | 2 Network Satellite, Satellite | 2026-04-23 | 9.1 Critical |
| manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements. | ||||
| CVE-2008-3320 | 1 Maian | 1 Guestbook | 2026-04-23 | N/A |
| admin/index.php in Maian Guestbook 3.2 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary gbook_cookie cookie. | ||||
| CVE-2008-4015 | 1 Oracle | 1 Database 10g | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle Streams component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_STREAMS_AUTH. | ||||
| CVE-2008-6480 | 1 Softnews Media Group | 1 Datalife Engine | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in engine/modules/imagepreview.php in Datalife Engine 6.7 allows remote attackers to hijack the authentication of arbitrary users for requests that use a modified image parameter. | ||||
| CVE-2009-0139 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Integer overflow in the SMB component in Apple Mac OS X 10.5.6 allows remote SMB servers to cause a denial of service (system shutdown) or execute arbitrary code via a crafted SMB file system that triggers a heap-based buffer overflow. | ||||
| CVE-2008-3064 | 1 Realnetworks | 1 Realplayer | 2026-04-23 | N/A |
| Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability." | ||||
| CVE-2008-3067 | 1 Suse | 1 Opensuse | 2026-04-23 | N/A |
| sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits. | ||||
| CVE-2008-2371 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2026-04-23 | N/A |
| Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches. | ||||
| CVE-2008-4017 | 1 Oracle | 1 Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the OC4J component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality via unknown vectors. | ||||
| CVE-2008-3886 | 1 Dotproject | 1 Dotproject | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in dotProject 2.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the inactive parameter in a tasks action, (2) the date parameter in a calendar day_view action, (3) the callback parameter in a public calendar action, or (4) the type parameter in a ticketsmith action. | ||||
| CVE-2008-3884 | 1 Blogn | 1 Blogn | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Blogn (BURO GUN) 1.9.7 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2006-6176. | ||||
| CVE-2008-3297 | 1 Social Engine | 1 Social Engine | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in SocialEngine (SE) before 2.83 allow remote attackers to execute arbitrary SQL commands via (1) an se_user cookie to include/class_user.php or (2) an se_admin cookie to include/class_admin.php. | ||||
| CVE-2008-2310 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 10.5.4 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string in (1) C++ or (2) Java source code. | ||||
| CVE-2009-0100 | 1 Microsoft | 4 Office, Office Compatibility Pack For Word Excel Ppt 2007, Office Excel and 1 more | 2026-04-23 | N/A |
| Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel in Microsoft Office 2004 and 2008 for Mac; Microsoft Office Excel Viewer and Excel Viewer 2003 SP3; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 do not properly parse the Excel spreadsheet file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet that contains a malformed object with "an offset and a two-byte value" that trigger a memory calculation error, aka "Memory Corruption Vulnerability." | ||||