Export limit exceeded: 360316 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (360316 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0946 | 1 Ipswitch | 2 Imserver, Instant Messaging | 2026-04-23 | N/A |
| Directory traversal vulnerability in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a .. (dot dot) in the recipient field. | ||||
| CVE-2008-0947 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2026-04-23 | N/A |
| Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors. | ||||
| CVE-2008-0949 | 1 Ibm | 1 Informix Dynamic Server | 2026-04-23 | N/A |
| Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 7.x through 11.x allows remote attackers to gain privileges via a malformed connection request packet. | ||||
| CVE-2008-0953 | 1 Hp | 1 Instant Support | 2026-04-23 | N/A |
| The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953. | ||||
| CVE-2008-3465 | 1 Microsoft | 6 Windows 2000, Windows 2003 Server, Windows Server 2003 and 3 more | 2026-04-23 | 9.8 Critical |
| Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows context-dependent attackers to cause a denial of service or execute arbitrary code via a WMF file with a malformed file-size parameter, which would not be properly handled by a third-party application that uses this API for a copy operation, aka "GDI Heap Overflow Vulnerability." | ||||
| CVE-2008-0956 | 2 Backweb, Logitech | 2 Backweb, Desktop Manager | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in the BackWeb Lite Install Runner ActiveX control in the BackWeb Web Package ActiveX object in LiteInstActivator.dll in BackWeb before 8.1.1.87, as used in Logitech Desktop Manager (LDM) before 2.56, allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2008-0957 | 1 Photostockplus | 1 Photostockplus Uploader Tool | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in the PhotoStockPlus Uploader Tool ActiveX control (PSPUploader.ocx) allow remote attackers to execute arbitrary code via unspecified initialization parameters. | ||||
| CVE-2008-0959 | 4 Alivemedia, Online Media Technologies, Orion Studios and 1 more | 6 Alive Mp3 Wav Converter, Nctaudioeditor Activex Control, Nctaudiostudio Activex Control and 3 more | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control in NCTAudioInformation2.dll, as used in (1) Power Audio CD Grabber 1.0, (2) Power Audio CD Burner 1.02, (3) CinematicMP3 1.4.0.0, (4) Alive MP3 WAV Converter 3.9.3.2, and possibly other products, allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2008-0961 | 1 Emc | 1 Diskxtender | 2026-04-23 | 9.8 Critical |
| EMV DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to bypass authentication via the RPC interface. | ||||
| CVE-2008-3466 | 1 Microsoft | 3 Host Integration Server 2000, Host Integration Server 2004, Host Integration Server 2006 | 2026-04-23 | N/A |
| Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka "HIS Command Execution Vulnerability." | ||||
| CVE-2009-1344 | 1 Drupal | 2 Drupal, Localization Client | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Localization client module 5.x before 5.x-1.2 and 6.x before 6.x-1.7, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via input to the translation functionality. | ||||
| CVE-2008-0962 | 1 Emc | 1 Diskxtender | 2026-04-23 | N/A |
| Stack-based buffer overflow in the File System Manager for EMC DiskXtender 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted request to the RPC interface. | ||||
| CVE-2008-0963 | 1 Emc | 1 Diskxtender | 2026-04-23 | N/A |
| Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted message to the RPC interface. | ||||
| CVE-2008-0965 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2026-04-23 | N/A |
| Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet. | ||||
| CVE-2008-0971 | 1 Barracuda Networks | 5 Barracuda Im Firewall, Barracuda Load Balancer, Barracuda Message Archiver and 2 more | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in Barracuda Spam Firewall (BSF) before 3.5.12.007, Message Archiver before 1.2.1.002, Web Filter before 3.3.0.052, IM Firewall before 3.1.01.017, and Load Balancer before 2.3.024 allow remote attackers to inject arbitrary web script or HTML via (1) the Policy Name field in Search Based Retention Policy in Message Archiver; unspecified parameters in the (2) IP Configuration, (3) Administration, (4) Journal Accounts, (5) Retention Policy, and (6) GroupWise Sync components in Message Archiver; (7) input to search operations in Web Filter; and (8) input used in error messages and (9) hidden INPUT elements in (a) Spam Firewall, (b) IM Firewall, and (c) Web Filter. | ||||
| CVE-2008-0973 | 1 Double-take Software | 1 Double-take | 2026-04-23 | N/A |
| Buffer overflow in Double-Take (aka HP StorageWorks Storage Mirroring) 4.5.0.1629, and other 4.5.0.x versions, allows remote attackers to have an unknown impact via a packet with a long string in the username field. | ||||
| CVE-2009-1346 | 1 Interguias | 1 Nethoteles | 2026-04-23 | N/A |
| SQL injection vulnerability in publico/ficha.php in NetHoteles 3.0 allows remote attackers to execute arbitrary SQL commands via the id_establecimiento parameter. | ||||
| CVE-2008-0975 | 1 Double-take Software | 1 Double-take | 2026-04-23 | N/A |
| Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (CPU consumption) via a -1 value in the field that specifies the size of the vector<T> value. | ||||
| CVE-2008-0976 | 2 Double-take Software, Hp | 2 Double-take, Storageworks Double-take | 2026-04-23 | N/A |
| Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed packet, as demonstrated by a packet of type (1) 0x2722 or (2) 0x272a. | ||||
| CVE-2008-0977 | 1 Double-take Software | 1 Double-take | 2026-04-23 | N/A |
| Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon crash) via a certain long packet that triggers an attempt to allocate a large amount of memory. | ||||