Export limit exceeded: 364529 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (26321 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-4183 1 Integramod 1 Integramod 2026-04-23 N/A
IntegraMOD 1.4.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup via a direct request to a backup/backup-yyyy-dd-mm.sql filename.
CVE-2008-4180 1 Nooms 1 Nooms 2026-04-23 N/A
Unspecified vulnerability in db.php in NooMS 1.1 allows remote attackers to conduct brute force attacks against passwords via a username in the g_dbuser parameter and a password in the g_dbpwd parameter, and possibly a "localhost" g_dbhost parameter value, related to a "Mysql Remote Brute Force Vulnerability."
CVE-2008-4170 1 Oscommerce 1 Oscommerce 2026-04-23 N/A
create_account.php in osCommerce 2.2 RC 2a allows remote attackers to obtain sensitive information via an invalid dob parameter, which reveals the installation path in an error message.
CVE-2008-4163 1 Isc 1 Bind 2026-04-23 N/A
Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows allows remote attackers to cause a denial of service (UDP client handler termination) via unknown vectors.
CVE-2008-4137 1 Php Crawler 1 Php Crawler 2026-04-23 N/A
PHP remote file inclusion vulnerability in footer.php in PHP-Crawler 0.8 allows remote attackers to execute arbitrary PHP code via a URL in the footer_file parameter.
CVE-2008-4136 1 Michael Roth Software 1 Pftp 2026-04-23 N/A
Michael Roth Software Personal FTP Server (PFT) 6.0f allows remote attackers to cause a denial of service (service crash) via multiple RETR commands, possibly involving long filenames.
CVE-2008-4115 1 Talkback 1 Talkback 2026-04-23 N/A
TalkBack 2.3.6 allows remote attackers to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function.
CVE-2008-4049 1 Friendly Technologies 1 Friendly Pppoe Client 2026-04-23 N/A
A certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 allows remote attackers to execute arbitrary programs via arguments to the RunApp method.
CVE-2008-4041 1 Softalk Mail Server 1 Softalk Mail Server 2026-04-23 N/A
The IMAP server in Softalk Mail Server (formerly WorkgroupMail) 8.5.1.431 allows remote authenticated users to cause a denial of service (resource consumption and daemon crash) via a long IMAP APPEND command with certain repeated parameters.
CVE-2008-3584 1 Netbsd 1 Netbsd 2026-04-23 N/A
NetBSD 3.0, 3.1, and 4.0, when a pppoe instance exists, does not properly check the length of a PPPoE packet tag, which allows remote attackers to cause a denial of service (system crash) via a crafted PPPoE packet.
CVE-2008-3571 1 Xerox 1 Phaser 2026-04-23 N/A
The Xerox Phaser 8400 allows remote attackers to cause a denial of service (reboot) via an empty UDP packet to port 1900.
CVE-2008-3550 1 Ibm 1 Rational Clearquest 2026-04-23 N/A
The CQWeb login page in IBM Rational ClearQuest 7.0.1 allows remote attackers to obtain potentially sensitive information (page source code) via a combination of ?script? and ?/script? sequences in the id field, possibly related to a cross-site scripting (XSS) vulnerability.
CVE-2008-3139 2 Rpath, Wireshark 2 Rpath Linux, Wireshark 2026-04-23 N/A
The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.
CVE-2008-2988 1 Benjacms 1 Benja Cms 2026-04-23 N/A
Unrestricted file upload vulnerability in admin/upload.php in Benja CMS 0.1 allows remote attackers to upload and execute arbitrary PHP files via unspecified vectors, followed by a direct request to the file in billeder/.
CVE-2008-2110 1 Qto 1 Qtofilemanager 2026-04-23 N/A
Unrestricted file upload vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request.
CVE-2008-2729 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2026-04-23 N/A
arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.
CVE-2008-2101 1 Vmware 1 Esx 2026-04-23 N/A
The VMware Consolidated Backup (VCB) command-line utilities in VMware ESX 3.0.1 through 3.0.3 and ESX 3.5 place a password on the command line, which allows local users to obtain sensitive information by listing the process.
CVE-2008-2711 2 Fetchmail, Redhat 2 Fetchmail, Enterprise Linux 2026-04-23 N/A
fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an erroneous dereference when using vsnprintf to format log messages.
CVE-2008-2061 1 Cisco 1 Unified Communications Manager 2026-04-23 N/A
The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP port 2748.
CVE-2008-2056 1 Cisco 3 Adaptive Security Appliance, Adaptive Security Appliance Software, Pix Security Appliance 2026-04-23 N/A
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the device interface.