Export limit exceeded: 364021 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364021 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0644 1 Adobe 1 Coldfusion 2026-04-23 N/A
Adobe ColdFusion MX 7 and ColdFusion 8 allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism for applications via unspecified vectors related to the setEncoding function.
CVE-2008-0645 1 Portail Web Php 1 Portail Web Php 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) config/conf-activation.php, (2) menu/item.php, and (3) modules/conf_modules.php in admin/system/; and (4) system/login.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0646 2 Deluge Team, Rasterbar Software 2 Deluge, Libtorrent 2026-04-23 N/A
The bdecode_recursive function in include/libtorrent/bencode.hpp in Rasterbar Software libtorrent before 0.12.1, as used in Deluge before 0.5.8.3 and other products, allows context-dependent attackers to cause a denial of service (stack exhaustion and crash) via a crafted bencoded message.
CVE-2008-0647 1 Ourgame.com 2 Glworld, Hangameplugincn18 Activex Control 2026-04-23 N/A
Multiple stack-based buffer overflows in the HanGamePluginCn18.HanGamePluginCn18.1 ActiveX control in HanGamePluginCn18.dll in Ourgame GLWorld 2.6.1.29 (aka Lianzong Game Platform) allow remote attackers to execute arbitrary code via long arguments to the (1) hgs_startGame and (2) hgs_startNotify methods, as exploited in the wild as of February 2008. NOTE: some of these details are obtained from third party information.
CVE-2008-0649 1 Adp 1 Astanda Directory Project 2026-04-23 N/A
SQL injection vulnerability in detail.php in Astanda Directory Project (ADP) 1.2 and 1.3 allows remote attackers to execute arbitrary SQL commands via the link_id parameter.
CVE-2008-0650 1 Simple Os Cms 1 Simple Os Cms 2026-04-23 N/A
SQL injection vulnerability in login.php in Simple OS CMS 0.1c beta allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-1338 2 Linux, Redhat 2 Linux Kernel, Enterprise Mrg 2026-04-23 N/A
The kill_something_info function in kernel/signal.c in the Linux kernel before 2.6.28 does not consider PID namespaces when processing signals directed to PID -1, which allows local users to bypass the intended namespace isolation, and send arbitrary signals to all processes in all namespaces, via a kill command.
CVE-2008-0652 2 Joomla, Mambo 2 Com Downloads, Com Downloads 2026-04-23 N/A
SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action.
CVE-2008-0653 1 Joomla 1 Com Ynews 2026-04-23 N/A
SQL injection vulnerability in index.php in the Ynews (com_ynews) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showYNews action.
CVE-2008-0654 1 Azucar Cms 1 Azucar Cms 2026-04-23 N/A
Multiple directory traversal vulnerabilities in Azucar CMS 1.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _VIEW (view) parameter to (1) index.php, (2) html/sitio/index.php, or (3) src/sistema/vistas/template/tpl_inicio.php.
CVE-2008-0656 1 Emc 2 Documentum Administrator, Documentum Webtop 2026-04-23 N/A
Unrestricted file upload vulnerability in dmclTrace.jsp in EMC Documentum Administrator 5.3.0.313 and Webtop 5.3.0.317 allows remote attackers to overwrite arbitrary files via the filename attribute.
CVE-2008-0657 2 Redhat, Sun 4 Network Satellite, Rhel Extras, Jdk and 1 more 2026-04-23 N/A
Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
CVE-2008-0670 1 Joomla 1 Com Noticias 2026-04-23 N/A
SQL injection vulnerability in index.php in the Noticias (com_noticias) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detalhe action.
CVE-2008-0671 1 Tintin 2 Tintin\+\+, Wintin\+\+ 2026-04-23 N/A
Stack-based buffer overflow in the add_line_buffer function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to execute arbitrary code via a long chat message, related to conversion from LF to CRLF.
CVE-2008-0672 1 Tintin 2 Tintin\+\+, Wintin\+\+ 2026-04-23 N/A
The process_chat_input function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to cause a denial of service (application crash) via a YES message without a newline character, which triggers a NULL dereference.
CVE-2008-0674 1 Pcre 1 Pcre 2026-04-23 N/A
Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255.
CVE-2008-0676 1 A-blog 1 A-blog 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in search.php in A-Blog 2 allows remote attackers to inject arbitrary web script or HTML via the words parameter.
CVE-2008-0677 1 A-blog 1 A-blog 2026-04-23 N/A
SQL injection vulnerability in blog.php in A-Blog 2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a news action.
CVE-2008-0678 1 Blogphp 1 Blogphp 2026-04-23 N/A
SQL injection vulnerability in index.php in BlogPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a page action.
CVE-2008-0679 1 Blogphp 1 Blogphp 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in BlogPHP 2.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter.