Export limit exceeded: 359576 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359576 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359576 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3875 | 1 Sun | 2 Opensolaris, Solaris | 2026-04-23 | N/A |
| The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 allows local users to bypass chroot, zones, and the Solaris Trusted Extensions multi-level security policy, and establish a covert communication channel, via unspecified vectors involving system calls. | ||||
| CVE-2008-2705 | 1 Sun | 1 Java System Access Manager | 2026-04-23 | N/A |
| Unspecified vulnerability in Sun Java System Access Manager (AM) 7.1, when used with certain versions and configurations of Sun Directory Server Enterprise Edition (DSEE), allows remote attackers to bypass authentication via unspecified vectors. | ||||
| CVE-2008-6401 | 1 Jetik | 1 Jetik-web | 2026-04-23 | N/A |
| SQL injection vulnerability in sayfa.php in JETIK-WEB allows remote attackers to execute arbitrary SQL commands via the kat parameter. | ||||
| CVE-2008-4881 | 1 Yourfreeworld | 1 Reminder Service Script | 2026-04-23 | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Reminder Service Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2696 | 1 Exiv2 | 1 Exiv2 | 2026-04-23 | N/A |
| Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to "pretty printing" and the RationalValue::toLong function. | ||||
| CVE-2008-6042 | 1 Netartmedia | 1 Real Estate Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in the re_search module in NetArtMedia Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the ad parameter to index.php. | ||||
| CVE-2008-2684 | 1 Blackice | 1 Black Ice Barcode Sdk | 2026-04-23 | N/A |
| The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via long strings in the two arguments to the DownloadImageFileURL method, which trigger memory corruption. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4873 | 1 Sepal | 1 Spboard | 2026-04-23 | N/A |
| board.cgi in Sepal SPBOARD 4.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter during a down_file action. | ||||
| CVE-2008-6031 | 1 Wsn Links | 1 Wsn Links | 2026-04-23 | N/A |
| SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: it was later reported that 2.34 is also vulnerable. | ||||
| CVE-2008-6030 | 1 Netartmedia | 1 Jobs Portal | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 allow remote attackers to execute arbitrary SQL commands via (1) the job parameter to index.php in the search module or (2) the news_id parameter to index.php. | ||||
| CVE-2008-4872 | 1 Itechscripts | 1 Itechbids | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in bidhistory.php in iTechBids Gold 5.0 allows remote attackers to inject arbitrary web script or HTML via the item_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-5072 | 1 K-lite | 1 Mega Codec Pack | 2026-04-23 | N/A |
| vsfilter.dll in K-Lite Mega Codec Pack 3.5.7.0 allows remote attackers to cause a denial of service (application crash) via a malformed FLV file. | ||||
| CVE-2008-5069 | 1 Deeserver | 1 Panuwat Promoteweb Mysql | 2026-04-23 | N/A |
| SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0282 | 1 Domphp | 1 Domphp | 2026-04-23 | N/A |
| SQL injection vulnerability in welcome/inscription.php in DomPHP 0.81 and earlier allows remote attackers to execute arbitrary SQL commands via the mail parameter. | ||||
| CVE-2008-4728 | 1 Hummingbird | 1 Deployment Wizard | 2026-04-23 | N/A |
| Multiple insecure method vulnerabilities in the DeployRun.DeploymentSetup.1 (DeployRun.dll) ActiveX control 10.0.0.44 in Hummingbird Deployment Wizard 2008 allow remote attackers to execute arbitrary programs via the (1) Run and (2) PerformUpdateAsync methods, and (3) modify arbitrary registry values via the SetRegistryValueAsString method. NOTE: the SetRegistryValueAsString method could be leveraged for code execution by specifying executable file values to Startup folders. | ||||
| CVE-2008-4725 | 1 Opera | 1 Opera Browser | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Opera.dll in Opera 9.52 allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly escaped before storage in the History Search database (aka md.dat), a different vector than CVE-2008-4696. NOTE: some of these issues were addressed before 9.60. | ||||
| CVE-2008-4714 | 1 Atomic Photo Album | 1 Atomic Photo Album | 2026-04-23 | N/A |
| Atomic Photo Album 1.1.0 pre4 does not properly handle the apa_cookie_login and apa_cookie_password cookies, which probably allows remote attackers to bypass authentication and gain administrative access via modified cookies. | ||||
| CVE-2008-4709 | 1 Pilot Group | 1 Etraining | 2026-04-23 | N/A |
| SQL injection vulnerability in news_read.php in Pilot Group (PG) eTraining allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4694 | 1 Opera | 1 Opera Browser | 2026-04-23 | N/A |
| Unspecified vulnerability in Opera before 9.60 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a redirect that specifies a crafted URL. | ||||
| CVE-2008-4356 | 1 Kasseler-cms | 1 Kasseler Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 allow remote attackers to execute arbitrary SQL commands via (1) the nid parameter to index.php in a View action to the News module; (2) the vid parameter to index.php in a Result action to the Voting module; (3) the fid parameter to index.php in a ShowForum action to the Forum module; (4) the tid parameter to index.php in a ShowTopic action to the Forum module; (5) the uname parameter to index.php in a UserInfo action to the Account module; or (6) the module parameter to index.php, probably related to the TopSites module. | ||||