Export limit exceeded: 21624 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29907 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5360 | 2 Redhat, Sun | 5 Network Satellite, Rhel Extras, Jdk and 2 more | 2026-04-23 | N/A |
| Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknown vectors. | ||||
| CVE-2009-1447 | 1 E-cart | 1 Free Shopping Cart | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in admin/editor/image.php in e-cart.biz Free Shopping Cart allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/. | ||||
| CVE-2008-5415 | 3 Broadcom, Ca, Microsoft | 3 Arcserve Backup, Arcserve Backup, Windows | 2026-04-23 | N/A |
| The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote attackers to execute arbitrary code via a handle_t argument to an RPC endpoint in which the argument refers to an incompatible procedure. | ||||
| CVE-2008-6822 | 1 Newearthpt | 1 Imgupload | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in uploadp.php in New Earth Programming Team (NEPT) imgupload (aka Image Uploader) 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a modified content type, then accessing this file via a direct request, as demonstrated by an upload with an image/jpeg content type. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6830 | 1 Citrix | 1 Web Interface | 2026-04-23 | N/A |
| The disconnection feature in Citrix Web Interface 5.0 and 5.0.1 for Java Application Servers does not properly terminate a user's web interface session, which allows attackers with access to the same browser instance to gain access to the user's Web Interface session. NOTE: the attacker must also have valid credentials to the Web Interface. | ||||
| CVE-2008-6845 | 1 Clamav | 1 Clamav | 2026-04-23 | N/A |
| The unpack feature in ClamAV 0.93.3 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a corrupted LZH file. | ||||
| CVE-2008-6987 | 1 Ezonescripts | 1 Dating Website Script | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in eZoneScripts Dating Website script allows remote attackers to execute arbitrary code via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6997 | 1 Google | 1 Chrome | 2026-04-23 | N/A |
| Google Chrome 0.2.149.27 allows user-assisted remote attackers to cause a denial of service (browser crash) via an IMG tag with a long src attribute, which triggers the crash when the victim performs an "Inspect Element" action. | ||||
| CVE-2008-7001 | 1 Creative Mind | 1 Creator Cms | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in the file manager in Creative Mind Creator CMS 5.0 allows remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2008-7014 | 1 Fhttpd | 1 Fhttpd | 2026-04-23 | N/A |
| fhttpd 0.4.2 allows remote attackers to cause a denial of service (crash) via an Authorization HTTP header with an invalid character after the Basic value. | ||||
| CVE-2008-7021 | 1 Availscript | 1 Jobs Portal Script | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in editlogo.php in AvailScript Jobs Portal Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an image or logo, then accessing it via a direct request to the file in an unspecified directory. | ||||
| CVE-2008-7022 | 1 Chilkatsoft | 1 Chilkat Imap Activex Control | 2026-04-23 | N/A |
| Insecure method vulnerability in ChilkatMail_v7_9.dll in the Chilkat Software IMAP ActiveX control (ChilkatMail2.ChilkatMailMan2.1) allows remote attackers to execute arbitrary programs via the LoadXmlEmail method. | ||||
| CVE-2008-7025 | 1 Checkpoint | 1 Zonealarm | 2026-04-23 | N/A |
| TrueVector in Check Point ZoneAlarm 8.0.020.000, with vsmon.exe running, allows remote HTTP proxies to cause a denial of service (crash) and disable the HIDS module via a crafted response. | ||||
| CVE-2008-7065 | 1 Siemens | 2 Gigaset C450 Ip, Gigaset C475 Ip | 2026-04-23 | N/A |
| Siemens C450 IP and C475 IP VoIP devices allow remote attackers to cause a denial of service (disconnected calls and device reboot) via a crafted SIP packet to UDP port 5060. | ||||
| CVE-2009-0276 | 1 Google | 1 Chrome | 2026-04-23 | N/A |
| Cross-domain vulnerability in the V8 JavaScript engine in Google Chrome before 1.0.154.46 allows remote attackers to bypass the Same Origin Policy via a crafted script that accesses another frame and reads its full URL and possibly other sensitive information, or modifies the URL of this frame. | ||||
| CVE-2009-0315 | 1 Xchat | 1 Xchat | 2026-04-23 | N/A |
| Untrusted search path vulnerability in the Python module in xchat allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983). | ||||
| CVE-2009-0316 | 1 Vim | 1 Vim | 2026-04-23 | N/A |
| Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983), as demonstrated by an erroneous search path for plugin/bike.vim in bicyclerepair. | ||||
| CVE-2009-0318 | 1 Gnome | 1 Gnumeric | 2026-04-23 | N/A |
| Untrusted search path vulnerability in the GObject Python interpreter wrapper in Gnumeric allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983). | ||||
| CVE-2009-0369 | 1 Microsoft | 1 Internet Explorer | 2026-04-23 | N/A |
| Microsoft Internet Explorer 7 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Clickjacking" vulnerability. | ||||
| CVE-2009-0374 | 1 Google | 1 Chrome | 2026-04-23 | N/A |
| Google Chrome 1.0.154.43 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Clickjacking" vulnerability. NOTE: a third party disputes the relevance of this issue, stating that "every sufficiently featured browser is and likely will remain susceptible to the behavior known as clickjacking," and adding that the exploit code "is not a valid demonstration of the issue. | ||||