Export limit exceeded: 365780 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 365780 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (365780 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-7173 1 Juracapecoffee 2 Internet Connectivity Kit, Jura Impressa 2026-04-23 N/A
The Jura Internet Connection Kit for the Jura Impressa F90 coffee maker does not properly restrict access to privileged functions, which allows remote attackers to cause a denial of service (physical damage), modify coffee settings, and possibly execute code via a crafted request. NOTE: this issue is being included in CVE because the denial of service may include financial loss or water damage.
CVE-2008-0194 1 Wordpress 1 Wordpress 2026-04-23 N/A
Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.php action to wp-admin/edit.php. NOTE: this might be the same as CVE-2006-5705.1.
CVE-2008-7180 1 Rittwick Banerjee 1 Telephone Directory 2008 2026-04-23 N/A
del_query1.php in Telephone Directory 2008 allows remote attackers to delete arbitrary contacts via a direct request with a modified id variable.
CVE-2008-7181 1 Butterflymedia 1 Butterfly Organizer 2026-04-23 N/A
Butterfly Organizer 2.0.0 allows remote attackers to (1) delete arbitrary categories via a modified tablehere parameter to category-delete.php with the is_js_confirmed parameter set to 1, or (2) delete arbitrary accounts via the mytable parameter to delete.php.
CVE-2008-7182 1 Netwin 1 Surgemail 2026-04-23 N/A
Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and possibly other versions before 3.9g2, allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long first argument to the APPEND command, a different vector than CVE-2008-1497 and CVE-2008-1498. NOTE: due to lack of details, it is not certain whether this is the same issue as CVE-2008-2859.
CVE-2008-7185 1 Gnome 1 Rhythmbox 2026-04-23 N/A
GNOME Rhythmbox 0.11.5 allows remote attackers to cause a denial of service (segmentation fault and crash) via a playlist (.pls) file with a long Title field, possibly related to the g_hash_table_lookup function in b-playlist-manager.c.
CVE-2008-7186 1 Coppermine-gallery 1 Coppermine Photo Gallery 2026-04-23 N/A
Coppermine Photo Gallery (CPG) 1.4.14 does not restrict access to update.php, which allows remote attackers to obtain sensitive information such as the database table prefix via a direct request. NOTE: this might be leveraged for attacks against CVE-2008-0504.
CVE-2008-7188 1 Clip-share 1 Clipshare 2026-04-23 N/A
ClipShare 2.6 does not properly restrict access to certain functionality, which allows remote attackers to change the profile of arbitrary users via a modified uid variable to siteadmin/useredit.php. NOTE: this can be used to recover the password of the user by using the modified e-mail address in the email parameter to recoverpass.php.
CVE-2008-7189 1 Bastian Blumentritt 1 Local Media Browser 2026-04-23 N/A
Multiple unspecified vulnerabilities in Local Media Browser before 0.1 have unknown impact and attack vectors related to "Security holes."
CVE-2008-7192 1 Woltlab 1 Burning Board 2026-04-23 N/A
Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote attackers to hijack the authentication of users for requests that delete private messages via the pmID parameter in a delete action in a PM page, a different vulnerability than CVE-2008-0472.
CVE-2008-7205 1 Virtuemart 1 Virtuemart 2026-04-23 N/A
Unspecified vulnerability in the product view functionality in VirtueMart 1.0.13a and earlier allows remote attackers to read arbitrary files via vectors related to a template file.
CVE-2008-7208 1 Insane Visions 1 Onecms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in OneCMS 2.4, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) username parameter ($usernameb variable) to a_login.php or (2) user parameter to staff.php.
CVE-2008-1095 1 Sun 2 Solaris, Sunos 2026-04-23 N/A
Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly.
CVE-2008-7219 1 Horde 5 Groupware, Groupware Webmail Edition, Kronolith H3 and 2 more 2026-04-23 N/A
Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and H3 2.2 before 2.2-RC2; Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 does not validate ownership when performing share changes, which has unknown impact and attack vectors.
CVE-2008-7225 1 Foxitsoftware 1 Wac Server 2026-04-23 N/A
Heap-based buffer overflow in Foxit Remote Access Server (aka WAC Server) 2.0 Build 3503 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SSH packets, a different vulnerability than CVE-2008-0151.
CVE-2008-7232 1 Netplex-tech 1 Xtacacsd 2026-04-23 N/A
Buffer overflow in the report function in xtacacsd 4.1.2 and earlier allows remote attackers to execute arbitrary code via a crafted CONNECT TACACS command.
CVE-2008-7234 1 Oracle 1 Application Server 2026-04-23 N/A
Unspecified vulnerability in the Oracle BPEL Worklist Application component in Oracle Application Server 10.1.2.2 and 10.1.3.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, aka AS03.
CVE-2008-1612 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-23 N/A
The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of service (process exit) via unknown vectors that cause an array to shrink to 0 entries, which triggers an assert error. NOTE: this issue is due to an incorrect fix for CVE-2007-6239.
CVE-2008-1660 1 Hp 1 Hp-ux 2026-04-23 N/A
Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unspecified vectors.
CVE-2008-1805 1 Skype Technologies 1 Skype 2026-04-23 N/A
Incomplete blacklist vulnerability in Skype 3.6.0.248, and other versions before 3.8.0.139, allows user-assisted remote attackers to bypass warning dialogs and possibly execute arbitrary code via a file: URI that ends in an executable extension that is not covered by the blacklist.