Export limit exceeded: 346170 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346170 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1135 | 1 Omegasoft | 1 Interneserviceslosungen | 2026-04-23 | N/A |
| OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 generates different responses depending on whether or not a username is valid in a failed login attempt, which allows remote attackers to enumerate valid usernames. | ||||
| CVE-2008-1136 | 1 Synce | 1 Synce | 2026-04-23 | N/A |
| The Utils::runScripts function in src/utils.cpp in vdccm 0.92 through 0.10.0 in SynCE (SynCE-dccm) allows remote attackers to execute arbitrary commands via shell metacharacters in a certain string to TCP port 5679. | ||||
| CVE-2008-1137 | 2 Joomla, Mambo | 2 Com Garyscookbook, Com Garyscookbook | 2026-04-23 | N/A |
| SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | ||||
| CVE-2008-1138 | 1 Deslock | 1 Deslock | 2026-04-23 | N/A |
| DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a denial of service (system crash) via a certain ZERO_MEM DLMFENC_IOCTL request to \\.\DLKPFSD_Device, aka the "ring0 link list zero" vulnerability. | ||||
| CVE-2008-1163 | 1 Phparcadescript | 1 Phparcadescript | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in phpArcadeScript 1.0 through 3.0 RC2 allows remote attackers to execute arbitrary SQL commands via the userid parameter in a profile action. | ||||
| CVE-2009-4177 | 1 Hp | 1 Openview Network Node Manager | 2026-04-23 | N/A |
| Buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header. | ||||
| CVE-2008-1144 | 2 Marvell, Netgear | 2 88w8361w-bem1, Wn802t | 2026-04-23 | N/A |
| The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a malformed EAPoL-Key packet with a crafted "advertised length." | ||||
| CVE-2008-1146 | 8 Apple, Cosmicperl, Darwin and 5 more | 9 Mac Os X, Mac Os X Server, Directory Pro and 6 more | 2026-04-23 | N/A |
| A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "Algorithm X3"), as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning against OpenBSD's modification of BIND. | ||||
| CVE-2008-1154 | 1 Cisco | 4 Emergency Responder, Mobility Manager, Unified Communications Manager and 1 more | 2026-04-23 | N/A |
| The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2009-4178 | 1 Hp | 1 Openview Network Node Manager | 2026-04-23 | N/A |
| Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Topic parameter. | ||||
| CVE-2008-1152 | 1 Cisco | 2 Cisco Ios, Ios | 2026-04-23 | N/A |
| The data-link switching (DLSw) component in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device restart or memory consumption) via crafted (1) UDP port 2067 or (2) IP protocol 91 packets. | ||||
| CVE-2008-1153 | 1 Cisco | 2 Cisco Ios, Ios | 2026-04-23 | N/A |
| Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows remote attackers to cause a denial of service (device crash and possible blocked interface) via a crafted IPv6 packet to the device. | ||||
| CVE-2009-4179 | 1 Hp | 1 Openview Network Node Manager | 2026-04-23 | N/A |
| Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Accept-Language header in an OVABverbose action. | ||||
| CVE-2008-1162 | 1 Php Web Scripts | 1 Dynamic Photo Gallery | 2026-04-23 | N/A |
| SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic Photo Gallery 1.02 allows remote attackers to execute arbitrary SQL commands via the albumID parameter. | ||||
| CVE-2009-4180 | 1 Hp | 1 Openview Network Node Manager | 2026-04-23 | N/A |
| Stack-based buffer overflow in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header. | ||||
| CVE-2009-4181 | 1 Hp | 1 Openview Network Node Manager | 2026-04-23 | N/A |
| Stack-based buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via vectors involving the sel and arg parameters to jovgraph.exe. | ||||
| CVE-2008-1173 | 1 Torrenttrader | 2 Torrenttrader, Torrenttrader Classic | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in account-inbox.php in TorrentTrader Classic 1.08 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | ||||
| CVE-2008-1773 | 1 Dragoon | 1 Dragoon | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/header.inc.php in Dragoon 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter. | ||||
| CVE-2009-4186 | 2 Apple, Microsoft | 2 Safari, Windows | 2026-04-23 | N/A |
| Stack consumption vulnerability in Apple Safari 4.0.3 on Windows allows remote attackers to cause a denial of service (application crash) via a long URI value (aka url) in the Cascading Style Sheets (CSS) background property. | ||||
| CVE-2009-4188 | 1 Hp | 1 Operations Dashboard | 2026-04-23 | N/A |
| HP Operations Dashboard has a default password of j2deployer for the j2deployer account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3098. | ||||