Export limit exceeded: 346183 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346183 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0876 | 1 Hitachi | 2 Sewb3 Mi-platform, Sewb3 Platform | 2026-04-23 | N/A |
| Unspecified vulnerability in the SEWB3 messaging service in Hitachi SEWB3/PLATFORM and SEWB3/MI-PLATFORM 01-00 through 02-14-/A allows remote attackers to cause a denial of service (service outage) via "invalid data." | ||||
| CVE-2009-4133 | 2 Condor Project, Redhat | 2 Condor, Enterprise Mrg | 2026-04-23 | N/A |
| Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute. | ||||
| CVE-2008-0878 | 1 Runcms | 1 Myannonces | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the MyAnnonces 1.7 and earlier module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action. | ||||
| CVE-2008-0879 | 1 Phpnuke | 1 Web Links Module | 2026-04-23 | N/A |
| SQL injection vulnerability in modules.php in the Web_Links module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action. | ||||
| CVE-2008-0880 | 1 Phpnuke | 1 Easycontent Module | 2026-04-23 | N/A |
| SQL injection vulnerability in modules.php in the EasyContent module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the page_id parameter. | ||||
| CVE-2008-0881 | 1 Phpnuke | 1 Okul Module | 2026-04-23 | N/A |
| SQL injection vulnerability in modules.php in the Okul 1.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the okulid parameter in an okullar action. | ||||
| CVE-2008-0882 | 2 Cups, Redhat | 2 Cups, Enterprise Linux | 2026-04-23 | N/A |
| Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0883 | 3 Adobe, Redhat, Suse | 5 Acrobat Reader, Rhel Extras, Open Suse and 2 more | 2026-04-23 | N/A |
| acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling. | ||||
| CVE-2008-0884 | 1 Redhat | 1 Enterprise Linux | 2026-04-23 | N/A |
| The Replace function in the capp-lspp-config script in the (1) lspp-eal4-config-ibm and (2) capp-lspp-eal4-config-hp packages before 0.65-2 in Red Hat Enterprise Linux (RHEL) 5 uses lstat instead of stat to determine the /etc/pam.d/system-auth file permissions, leading to a change to world-writable permissions for the /etc/pam.d/system-auth-ac file, which allows local users to gain privileges by modifying this file. | ||||
| CVE-2008-0889 | 1 Redhat | 2 Directory Server, Enterprise Linux | 2026-04-23 | N/A |
| Red Hat Directory Server 8.0, when running on Red Hat Enterprise Linux, uses insecure permissions for the redhat-idm-console script, which allows local users to execute arbitrary code by modifying the script. | ||||
| CVE-2008-0890 | 1 Redhat | 1 Directory Server | 2026-04-23 | N/A |
| Red Hat Directory Server 7.1 before SP4 uses insecure permissions for certain directories, which allows local users to modify JAR files and execute arbitrary code via unknown vectors. | ||||
| CVE-2008-0891 | 1 Openssl | 1 Openssl | 2026-04-23 | N/A |
| Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0892 | 1 Redhat | 2 Directory Server, Fedora Directory Server | 2026-04-23 | N/A |
| The replication monitor CGI script (repl-monitor-cgi.pl) in Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, allows remote attackers to execute arbitrary commands. | ||||
| CVE-2008-0893 | 1 Redhat | 1 Directory Server | 2026-04-23 | N/A |
| Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properly restrict access to CGI scripts, which allows remote attackers to perform administrative actions. | ||||
| CVE-2008-0894 | 1 Apple | 1 Safari | 2026-04-23 | N/A |
| Apple Safari might allow remote attackers to obtain potentially sensitive memory contents or cause a denial of service (crash) via a crafted (1) bitmap (BMP) or (2) GIF file, a related issue to CVE-2008-0420. | ||||
| CVE-2008-0897 | 1 Bea | 1 Weblogic Server | 2026-04-23 | N/A |
| Unspecified vulnerability in BEA WebLogic Server 9.0 through 10.0 allows remote authenticated users without "receive" permissions to bypass intended access restrictions and receive messages from a standalone JMS Topic or secured Distributed Topic member destination, related to durable subscriptions. | ||||
| CVE-2008-0898 | 1 Bea | 1 Weblogic Server | 2026-04-23 | N/A |
| The distributed queue feature in JMS in BEA WebLogic Server 9.0 through 10.0, in certain configurations, does not properly handle when a client cannot send a message to a member of a distributed queue, which allows remote authenticated users to bypass intended access restrictions for protected distributed queues. | ||||
| CVE-2008-0899 | 1 Bea | 1 Weblogic Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Administration Console in BEA WebLogic Server and Express 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via URLs that are not properly handled by the Unexpected Exception Page. | ||||
| CVE-2008-0900 | 2 Bea, Bea Systems | 2 Weblogic Server, Weblogic Express | 2026-04-23 | N/A |
| Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remote authenticated users to hijack web sessions via unknown vectors. | ||||
| CVE-2008-0901 | 2 Bea, Bea Systems | 2 Weblogic Server, Weblogic Server | 2026-04-23 | N/A |
| BEA WebLogic Server and Express 7.0 through 10.0 allows remote attackers to conduct brute force password guessing attacks, even when account lockout has been activated, via crafted URLs that indicate whether a guessed password is successful or not. | ||||