Export limit exceeded: 346173 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346173 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0764 | 1 Larson Software Technology | 1 Network Print Server | 2026-04-23 | N/A |
| Format string vulnerability in the logging function in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier for Windows might allow remote attackers to execute arbitrary code via format string specifiers in a USEP command on TCP port 3114. | ||||
| CVE-2008-0765 | 1 Artmedic Webdesign | 1 Artmedic Weblog | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in artmedic webdesign weblog allow remote attackers to inject arbitrary web script or HTML via the (1) date parameter to artmedic_print.php and the (2) jahrneu parameter to index.php. | ||||
| CVE-2008-0767 | 2 Extremez, Extremez-ip | 2 Print Server, File Server | 2026-04-23 | N/A |
| ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and earlier does not verify that a certain "number of URLs" field is consistent with the packet length, which allows remote attackers to cause a denial of service (daemon crash) via a large integer in this field in a packet to the Service Location Protocol (SLP) service on UDP port 427, triggering an out-of-bounds read. | ||||
| CVE-2008-0768 | 2 Ibm, Microsoft | 3 Informix Dynamic Server, Informix Storage Manager, Windows | 2026-04-23 | N/A |
| Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used in Informix Dynamic Server (IDS) 10.00.xC8 and earlier and 11.10.xC2 and earlier, allow attackers to execute arbitrary code via crafted XDR requests. | ||||
| CVE-2009-4113 | 2 Cutephp, Korn19 | 2 Cutenews, Utf-8 Cutenews | 2026-04-23 | N/A |
| Static code injection vulnerability in the Categories module in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allows remote authenticated users with application administrative privileges to inject arbitrary PHP code into data/category.db.php via the Category Access field. | ||||
| CVE-2008-0770 | 1 Ibproarcade | 1 Ibproarcade | 2026-04-23 | N/A |
| SQL injection vulnerability in arcade.php in ibProArcade 3.3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the g_display_order cookie parameter. | ||||
| CVE-2008-0771 | 1 Site2nite | 1 Real Estate Web | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in default.asp in Site2Nite allow remote attackers to execute arbitrary SQL commands via the (1) txtUserName and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0772 | 2 Joomla, Mambo | 2 Com Doc, Com Doc | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the com_doc component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the sid parameter in a view task. | ||||
| CVE-2008-0773 | 3 Joomla, Mambo, Phil Taylor | 4 Com Comments, Com Comments, Comments and 1 more | 2026-04-23 | N/A |
| SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0775 | 1 Simple Machines | 1 Smf Shoutbox | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in sboxDB.php in Simple Machines Forum (SMF) Shoutbox 1.14 through 1.16b allows remote attackers to inject arbitrary web script or HTML via strings to the shoutbox form that start with "&#", contain the desired script, and end with ";". | ||||
| CVE-2008-0776 | 1 Itechscripts | 1 Itechbids | 2026-04-23 | N/A |
| SQL injection vulnerability in detail.php in iTechBids Gold 6.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | ||||
| CVE-2009-4114 | 1 Kaspersky | 1 Kaspersky Anti-virus | 2026-04-23 | N/A |
| kl1.sys in Kaspersky Anti-Virus 2010 9.0.0.463, and possibly other versions before 9.0.0.736, does not properly validate input to IOCTL 0x0022c008, which allows local users to cause a denial of service (system crash) via IOCTL requests using crafted kernel addresses that trigger memory corruption, possibly related to klavemu.kdl. | ||||
| CVE-2008-0778 | 1 Apple | 1 Quicktime | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in an ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4.1 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the (1) SetBgColor, (2) SetHREF, (3) SetMovieName, (4) SetTarget, and (5) SetMatrix methods. | ||||
| CVE-2008-0779 | 1 Fortinet | 1 Forticlient Host Security | 2026-04-23 | N/A |
| The fortimon.sys device driver in Fortinet FortiClient Host Security 3.0 MR5 Patch 3 and earlier does not properly initialize its DeviceExtension, which allows local users to access kernel memory and execute arbitrary code via a crafted request. | ||||
| CVE-2008-0782 | 1 Moinmoin | 1 Moinmoin | 2026-04-23 | N/A |
| Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the MOIN_ID user ID in a cookie for a userform action. NOTE: this issue can be leveraged for PHP code execution via the quicklinks parameter. | ||||
| CVE-2008-0783 | 1 Cacti | 1 Cacti | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via (1) the view_type parameter to graph.php; (2) the filter parameter to graph_view.php; (3) the action parameter to the draw_navigation_text function in lib/functions.php, reachable through index.php (aka the login page) or data_input.php; or (4) the login_username parameter to index.php. | ||||
| CVE-2008-0784 | 1 Cacti | 1 Cacti | 2026-04-23 | N/A |
| graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows remote attackers to obtain the full path via an invalid local_graph_id parameter and other unspecified vectors. | ||||
| CVE-2009-4115 | 1 Cutephp | 1 Cutenews | 2026-04-23 | N/A |
| Multiple static code injection vulnerabilities in the Categories module in CutePHP CuteNews 1.4.6 allow remote authenticated users with application administrative privileges to inject arbitrary PHP code into data/category.db.php via the (1) category and (2) Icon URL fields; or (3) inject arbitrary PHP code into data/ipban.php via the add_ip parameter. | ||||
| CVE-2008-0787 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-23 | N/A |
| SQL injection vulnerability in inc/datahandlers/pm.php in MyBB before 1.2.12 allows remote authenticated users to execute arbitrary SQL commands via the options[disablesmilies] parameter to private.php. | ||||
| CVE-2008-0788 | 1 Mybb | 1 Mybb | 2026-04-23 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in MyBB 1.2.11 and earlier allow remote attackers to (1) hijack the authentication of moderators or administrators for requests that delete threads via a do_multideletethreads action to moderation.php and (2) hijack the authentication of arbitrary users for requests that delete private messages (PM) via a delete action to private.php. | ||||