Export limit exceeded: 346183 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346183 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1071 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2026-04-23 | N/A |
| The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet. | ||||
| CVE-2008-1073 | 1 Internet Security Systems | 1 Internet Scanner | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the report interface in Internet Security Systems (ISS) Internet Scanner 7.0 Service Pack 2 Build 7.2.2005.52 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4167 | 2 Lukas Taferner, Typo3 | 2 It Basetag, Typo3 | 2026-04-23 | N/A |
| Unspecified vulnerability in the Automatic Base Tags for RealUrl (lt_basetag) extension 1.0.0 for TYPO3 allows remote attackers to conduct "Cache spoofing" attacks via unspecified vectors. | ||||
| CVE-2008-1074 | 1 Group E | 1 Group E | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in lib/head_auth.php in GROUP-E 1.6.41 allows remote attackers to execute arbitrary PHP code via a URL in the CFG[PREPEND_FILE] parameter. | ||||
| CVE-2008-1075 | 1 Maianscriptworld | 1 Maian Cart | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Maian Cart 1.1 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a search command. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1076 | 1 Interspire | 1 Shopping Cart | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in Interspire Shopping Cart 1.x allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-4171 | 1 Yahoo | 1 Messenger | 2026-04-23 | N/A |
| An ActiveX control in YahooBridgeLib.dll for Yahoo! Messenger 9.0.0.2162, and possibly other 9.0 versions, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by calling the RegisterMe method with a long argument. | ||||
| CVE-2008-1078 | 2 Gentoo, Rpath | 2 Linux, Rpath Linux | 2026-04-23 | N/A |
| expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1. | ||||
| CVE-2008-1079 | 1 Beehive Software | 1 Sendfile.net | 2026-04-23 | N/A |
| The outboxWriteUnsent function in FTPThread.class in SendFile.jar for Beehive Software SendFile.NET uses hard-coded credentials for an FTP server, which allows remote attackers to gain privileges. | ||||
| CVE-2008-1080 | 1 Opera | 1 Opera Browser | 2026-04-23 | N/A |
| Opera before 9.26 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename into a file input. | ||||
| CVE-2008-1081 | 1 Opera | 1 Opera Browser | 2026-04-23 | N/A |
| Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties. | ||||
| CVE-2008-1082 | 1 Opera | 1 Opera Browser | 2026-04-23 | N/A |
| Opera before 9.26 allows remote attackers to "bypass sanitization filters" and conduct cross-site scripting (XSS) attacks via crafted attribute values in an XML document, which are not properly handled during DOM presentation. | ||||
| CVE-2008-1084 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows Server 2008 and 2 more | 2026-04-23 | N/A |
| Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, through Vista SP1, and Server 2008 allows local users to execute arbitrary code via unknown vectors related to improper input validation. NOTE: it was later reported that one affected function is NtUserFnOUTSTRING in win32k.sys. | ||||
| CVE-2009-4172 | 2 Cutephp, Korn19 | 2 Cutenews, Utf-8 Cutenews | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews 8 and 8b, when magic_quotes_gpc is disabled, allows remote attackers to inject arbitrary web script or HTML via the body of a news article in an addnews action. | ||||
| CVE-2008-1085 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-23 | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 through SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream that triggers memory corruption, as demonstrated using an invalid MIME-type that does not have a registered handler. | ||||
| CVE-2008-1086 | 1 Microsoft | 6 Internet Explorer, Windows-nt, Windows 2000 and 3 more | 2026-04-23 | N/A |
| The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, which triggers memory corruption. | ||||
| CVE-2008-1087 | 1 Microsoft | 5 Windows-nt, Windows 2000, Windows 2003 Server and 2 more | 2026-04-23 | N/A |
| Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF image file with crafted filename parameters, aka "GDI Stack Overflow Vulnerability." | ||||
| CVE-2008-1088 | 1 Microsoft | 1 Project | 2026-04-23 | N/A |
| Microsoft Project 2000 Service Release 1, 2002 SP1, and 2003 SP2 allows user-assisted remote attackers to execute arbitrary code via a crafted Project file, related to improper validation of "memory resource allocations." | ||||
| CVE-2008-1089 | 1 Microsoft | 2 Office, Visio | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a Visio file containing crafted object header data, aka "Visio Object Header Vulnerability." | ||||
| CVE-2008-1090 | 1 Microsoft | 2 Office, Visio | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a crafted .DXF file, aka "Visio Memory Validation Vulnerability." | ||||