Export limit exceeded: 346629 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346629 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0769 | 1 Qip | 1 Qip | 2026-04-23 | N/A |
| QIP 2005 build 8082 allows remote attackers to cause a denial of service (CPU consumption and application hang) via a crafted Rich Text Format (RTF) ICQ message, as demonstrated by an {\rtf\pict\&&} message. NOTE: the vulnerability may be in Sergey Tkachenko TRichView. If so, then this should not be treated as a vulnerability in QIP. | ||||
| CVE-2008-3980 | 1 Oracle | 1 Database 10g | 2026-04-23 | N/A |
| Unspecified vulnerability in the Upgrade component in Oracle Database 10.1.0.5 and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | ||||
| CVE-2008-3991 | 1 Oracle | 2 Database 10g, Database 9i | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3990. | ||||
| CVE-2008-3996 | 1 Oracle | 2 Database 10g, Database 11i | 2026-04-23 | N/A |
| Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_CDC_IPUBLISH. | ||||
| CVE-2008-3998 | 1 Oracle | 1 E-business Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | ||||
| CVE-2008-3999 | 1 Oracle | 2 Database 10g, Database 9i | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T. | ||||
| CVE-2008-4000 | 2 Jdedwards, Oracle | 4 Enterpriseone, Jd Edwards Enterpriseone, Peoplesoft Enterprise and 1 more | 2026-04-23 | N/A |
| Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 allows remote attackers to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the Oracle October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue allows bypass of the lockout mechanism using brute force guessing of credentials and a response discrepancy information leak when the password is correct. | ||||
| CVE-2008-4001 | 1 Oracle | 2 Jd Edwards Enterpriseone Ep, Peoplesoft Enterprise | 2026-04-23 | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise Portal component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne EP 8.9 and EP 9.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | ||||
| CVE-2008-4002 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2026-04-23 | N/A |
| Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 allows remote authenticated users to affect confidentiality via unknown vectors. | ||||
| CVE-2008-3734 | 1 Ipswitch | 2 Ws Ftp Home, Ws Ftp Pro | 2026-04-23 | N/A |
| Format string vulnerability in Ipswitch WS_FTP Home 2007.0.0.2 and WS_FTP Professional 2007.1.0.0 allows remote FTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in a connection greeting (response). | ||||
| CVE-2008-3733 | 1 Eo-video | 1 Eo-video | 2026-04-23 | N/A |
| Stack-based buffer overflow in EO Video (eo-video) 1.36 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .eop (aka playlist) file with a ProjectElement element that contains a long Name element. | ||||
| CVE-2008-3732 | 1 Videolan | 1 Vlc Media Player | 2026-04-23 | N/A |
| Integer overflow in the Open function in modules/demux/tta.c in VLC Media Player 0.8.6i allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TTA file, which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-3731 | 1 Solarwinds | 1 Serv-u File Server | 2026-04-23 | N/A |
| Unspecified vulnerability in Serv-U File Server 7.0.0.1, and other versions before 7.2.0.1, allows remote authenticated users to cause a denial of service (daemon crash) via an SSH session with SFTP commands for directory creation and logging. | ||||
| CVE-2008-3730 | 1 Nordicwind | 2 Noah, Nordicwind Document Management System | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Nordicwind Document Management System (NOAH) before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-3729 | 1 Microworld Technologies | 1 Mailscan | 2026-04-23 | N/A |
| Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to bypass authentication and obtain administrative access via a direct request with (1) an IsAdmin=true cookie value or (2) no cookie. | ||||
| CVE-2008-3728 | 1 Microworld Technologies | 1 Mailscan | 2026-04-23 | N/A |
| Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to determine the installation path, IP addresses, and error messages via direct requests to files under LOG/. | ||||
| CVE-2008-3721 | 1 Deeemm | 1 Dmcms | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in user_language.php in DeeEmm CMS (DMCMS) 0.7.4 allows remote attackers to execute arbitrary PHP code via a URL in the language_dir parameter. | ||||
| CVE-2008-3720 | 1 Deeemm | 1 Dmcms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in DeeEmm CMS (DMCMS) 0.7.4 allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the id vector is already covered by CVE-2007-5679. | ||||
| CVE-2008-3724 | 1 Papoo | 1 Papoo | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Papoo before 3.7.2 allows remote attackers to execute arbitrary SQL commands via the suchanzahl parameter. | ||||
| CVE-2008-3719 | 1 Scripts-for-sites | 1 Affiliate Directory | 2026-04-23 | N/A |
| SQL injection vulnerability in directory.php in SFS Affiliate Directory allows remote attackers to execute arbitrary SQL commands via the id parameter in a deadlink action. | ||||