Export limit exceeded: 352268 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (352268 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4192 | 1 Redhat | 3 Cman, Enterprise Linux, Rhel Cluster | 2026-04-23 | N/A |
| The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file. | ||||
| CVE-2008-4195 | 1 Opera | 1 Opera Browser | 2026-04-23 | N/A |
| Opera before 9.52 does not properly restrict the ability of a framed web page to change the address associated with a different frame, which allows remote attackers to trigger the display of an arbitrary address in a frame via unspecified use of web script. | ||||
| CVE-2008-4196 | 1 Opera | 1 Opera Browser | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Opera before 9.52 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-4198 | 1 Opera | 1 Opera Browser | 2026-04-23 | N/A |
| Opera before 9.52, when rendering an http page that has loaded an https page into a frame, displays a padlock icon and offers a security information dialog reporting a secure connection, which might allow remote attackers to trick a user into performing unsafe actions on the http page. | ||||
| CVE-2008-4199 | 1 Opera | 1 Opera Browser | 2026-04-23 | N/A |
| Opera before 9.52 does not prevent use of links from web pages to feed source files on the local disk, which might allow remote attackers to determine the validity of local filenames via vectors involving "detection of JavaScript events and appropriate manipulation." | ||||
| CVE-2008-4200 | 1 Opera | 1 Opera Browser | 2026-04-23 | N/A |
| Opera before 9.52 does not ensure that the address field of a news feed represents the feed's actual URL, which allows remote attackers to change this field to display the URL of a page containing web script controlled by the attacker. | ||||
| CVE-2008-4202 | 1 Gonafish | 1 Linkscaffepro | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Gonafish LinksCaffePRO 4.5 allows remote attackers to execute arbitrary SQL commands via the idd parameter in a deadlink action. | ||||
| CVE-2008-4203 | 1 Czaries | 1 Czarnews | 2026-04-23 | N/A |
| SQL injection vulnerability in cn_users.php in CzarNews 1.20 and earlier allows remote attackers to execute arbitrary SQL commands via a recook cookie. | ||||
| CVE-2008-4204 | 1 Softacid | 1 Hotel Reservation System | 2026-04-23 | N/A |
| SQL injection vulnerability in city.asp in SoftAcid Hotel Reservation System (HRS) allows remote attackers to execute arbitrary SQL commands via the city parameter. | ||||
| CVE-2008-4205 | 1 Attachmax | 1 Dolphin | 2026-04-23 | N/A |
| SQL injection vulnerability in search.php Attachmax Dolphin 2.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter in a Search action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4206 | 1 Attachmax | 1 Dolphin | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in config.php in Attachmax Dolphin 2.1.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the rel_path parameter. | ||||
| CVE-2008-4207 | 1 Attachmax | 1 Dolphin | 2026-04-23 | N/A |
| Attachmax Dolphin 2.1.0 and earlier does not properly protect info.php in the main folder, which allows remote attackers to obtain sensitive information via a direct request, which invokes the phpinfo function. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4208 | 1 Osads Alliance Database | 1 Osads Alliance Database | 2026-04-23 | N/A |
| Unspecified vulnerability in OSADS Alliance Database before 2.1 has unknown impact and attack vectors, possibly related to includes/functions.php, a different issue than CVE-2006-2874. | ||||
| CVE-2008-4219 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| The kernel in Apple Mac OS X before 10.5.6 allows local users to cause a denial of service (infinite loop and system halt) by running an application that is dynamically linked to libraries on an NFS server, related to occurrence of an exception in this application. | ||||
| CVE-2008-4211 | 1 Apple | 3 Iphone Os, Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Microsoft Excel file that triggers an out-of-bounds memory access, related to "handling of columns." | ||||
| CVE-2008-4212 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Unspecified vulnerability in rlogind in the rlogin component in Mac OS X 10.4.11 and 10.5.5 applies hosts.equiv entries to root despite what is stated in documentation, which might allow remote attackers to bypass intended access restrictions. | ||||
| CVE-2008-4214 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Unspecified vulnerability in Script Editor in Mac OS X 10.4.11 and 10.5.5 allows local users to cause the scripting dictionary to be written to arbitrary locations, related to an "insecure file operation" on temporary files. | ||||
| CVE-2008-4215 | 1 Apple | 1 Mac Os X Server | 2026-04-23 | N/A |
| Weblog in Mac OS X Server 10.4.11 does not properly check an error condition when a weblog posting access control list is specified for a user that has multiple short names, which might allow attackers to bypass intended access restrictions. | ||||
| CVE-2008-4217 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Integer signedness error in BOM in Apple Mac OS X before 10.5.6 allows remote attackers to execute arbitrary code via the headers in a crafted CPIO archive, leading to a stack-based buffer overflow. | ||||
| CVE-2008-4218 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Multiple integer overflows in the kernel in Apple Mac OS X before 10.5.6 on Intel platforms allow local users to gain privileges via a crafted call to (1) i386_set_ldt or (2) i386_get_ldt. | ||||