Export limit exceeded: 11727 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11727 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-7028 | 1 Aves | 1 Rpg Board | 2026-04-23 | N/A |
| RPG.Board 0.8 Beta2 and earlier allows remote attackers to bypass authentication and gain privileges by setting the keep4u cookie to a certain value. | ||||
| CVE-2009-0614 | 1 Cisco | 1 Unified Meetingplace Web Conferencing | 2026-04-23 | N/A |
| Unspecified vulnerability in the Web Server in Cisco Unified MeetingPlace Web Conferencing 6.0 before 6.0(517.0) (aka 6.0 MR4) and 7.0 before 7.0(2) (aka 7.0 MR1) allows remote attackers to bypass authentication and obtain administrative access via a crafted URL. | ||||
| CVE-2008-5783 | 1 V3chat | 1 V3 Chat Live Support | 2026-04-23 | N/A |
| admin/index.php in V3 Chat Live Support 3.0.4 allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie to 1. | ||||
| CVE-2009-1905 | 1 Ibm | 1 Db2 | 2026-04-23 | N/A |
| The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP4, when LDAP security (aka IBMLDAPauthserver) and anonymous bind are enabled, allows remote attackers to bypass password authentication and establish a database connection via unspecified vectors. | ||||
| CVE-2009-0591 | 1 Openssl | 1 Openssl | 2026-04-23 | N/A |
| The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid. | ||||
| CVE-2008-4081 | 1 Stash | 1 Stash | 2026-04-23 | N/A |
| admin/login.php in Stash 1.0.3 allows remote attackers to bypass authentication and gain administrative access by setting a bsm cookie. | ||||
| CVE-2009-3231 | 5 Canonical, Fedoraproject, Opensuse and 2 more | 6 Ubuntu Linux, Fedora, Opensuse and 3 more | 2026-04-23 | N/A |
| The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password. | ||||
| CVE-2009-0021 | 2 Ntp, Redhat | 2 Ntp, Enterprise Linux | 2026-04-23 | N/A |
| NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077. | ||||
| CVE-2008-4722 | 1 Sun | 37 Blade 6000 Modular System With Chassis, Blade 6048 Modular System With Chassis, Blade 8000 Modular System and 34 more | 2026-04-23 | N/A |
| Unspecified vulnerability in Sun Integrated Lights-Out Manager (ILOM) 2.0.1.5 through 2.0.4.26 allows remote authenticated users to (1) access the service processor (SP) and cause a denial of service (shutdown or reboot), or (2) access the host operating system and have an unspecified impact, via unknown vectors. | ||||
| CVE-2008-4223 | 1 Apple | 1 Mac Os X Server | 2026-04-23 | N/A |
| Podcast Producer in Apple Mac OS X 10.5 before 10.5.6 allows remote attackers to bypass authentication and gain administrative access via unspecified vectors. | ||||
| CVE-2008-7179 | 1 Otmanager | 1 Otmanager Cms | 2026-04-23 | N/A |
| OTManager CMS 2.4 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN_Hora, ADMIN_Logado, and ADMIN_Nome cookies to certain values, as reachable in Admin/index.php. | ||||
| CVE-2008-4167 | 1 Ezphotogallery | 1 Ezphotogallery | 2026-04-23 | N/A |
| useradmin.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 does not require administrative authentication, which allows remote attackers to (1) add or (2) remove an Administrator account. | ||||
| CVE-2007-4680 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| CFNetwork in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 does not properly validate certificates, which allows remote attackers to spoof trusted SSL certificates via a man-in-the-middle attack. | ||||
| CVE-2008-7124 | 1 Zkup | 1 Zkup | 2026-04-23 | N/A |
| zKup CMS 2.0 through 2.3 does not require administrative authentication for admin/configuration/modifier.php, which allows remote attackers to gain administrator privileges via a direct request, as demonstrated by adding a new administrator. | ||||
| CVE-2008-4146 | 1 Addalink | 1 Addalink | 2026-04-23 | N/A |
| Addalink 1.0 beta 4 and earlier allows remote attackers to (1) approve web-site additions via a modified approved field and (2) change the visit-counter value via a modified counter field. | ||||
| CVE-2008-7086 | 1 Maianscriptworld | 1 Maian Greetings | 2026-04-23 | N/A |
| Maian Greetings 2.1 allows remote attackers to bypass authentication and gain administrative privileges by setting the mecard_admin_cookie cookie to admin. | ||||
| CVE-2008-7081 | 1 Raidsonic | 1 Icy Box Nas | 2026-04-23 | N/A |
| userHandler.cgi in RaidSonic ICY BOX NAS firmware 2.3.2.IB.2.RS.1 allows remote attackers to bypass authentication and gain administrator privileges by setting the login parameter to admin. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-5880 | 1 Gobbl | 1 Gobbl Cms | 2026-04-23 | N/A |
| admin/auth.php in Gobbl CMS 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the auth cookie to "ok". | ||||
| CVE-2007-4692 | 2 Apple, Microsoft | 4 Mac Os X, Mac Os X Server, Safari and 1 more | 2026-04-23 | N/A |
| The tabbed browsing feature in Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 through 10.4.10, allows remote attackers to spoof HTTP authentication for other sites and possibly conduct phishing attacks by causing an authentication sheet to be displayed for a tab that is not active, which makes it appear as if it is associated with the active tab. | ||||
| CVE-2008-7051 | 1 Ajsquare | 1 Aj Article | 2026-04-23 | N/A |
| AJ Square AJ Article allows remote attackers to bypass authentication and access administrator functionality via a direct request to (1) user.php, (2) articles.php, (3) articlesuspend.php, (4) site.php, (5) statistics.php, (6) mail.php, (7) category.php, (8) subcategory.php, (9) changepassword.php, (10) polling.php, and (11) logo.php in admin/. | ||||