Export limit exceeded: 364976 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364976 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3934 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2026-04-23 N/A
Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
CVE-2008-3935 1 D-ic 2 Shop V50, Shop V52 2026-04-23 6.1 Medium
Cross-site scripting (XSS) vulnerability in DIC shop_v50 3.0 and earlier and shop_v52 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-3936 1 Dreambox 1 Dm500c 2026-04-23 N/A
The web interface in Dreambox DM500C allows remote attackers to cause a denial of service (application hang) via a long URI.
CVE-2008-3937 1 Opendb 1 Opendb 2026-04-23 6.1 Medium
Multiple cross-site scripting (XSS) vulnerabilities in Open Media Collectors Database (OpenDb) 1.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) user_id parameter in an edit action to user_admin.php, the (2) title parameter to listings.php, and the (3) redirect_url parameter to user_profile.php.
CVE-2008-3938 1 Opendb 1 Opendb 2026-04-23 8.8 High
Cross-site request forgery (CSRF) vulnerability in user_admin.php in Open Media Collectors Database (OpenDb) 1.0.6 allows remote attackers to change arbitrary passwords via an update_password action.
CVE-2008-3939 1 Avtech 1 Pager Enterprise 2026-04-23 7.5 High
Directory traversal vulnerability in the web interface in AVTECH PageR Enterprise before 5.0.7 allows remote attackers to read arbitrary files via directory traversal sequences in the URI.
CVE-2008-3940 1 Hp 1 Openvms 2026-04-23 N/A
Format string vulnerability in the finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to gain privileges via format string specifiers in a (1) .plan or (2) .project file.
CVE-2008-3941 1 Bizdirectory 1 Bizdirectory 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in BizDirectory 2.04 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter in a search action to the default URI.
CVE-2008-3942 1 Ozsari 1 Full Php Emlak Script 2026-04-23 N/A
SQL injection vulnerability in landsee.php in Full PHP Emlak Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3943 1 Ezonescripts 1 Living Local 2026-04-23 N/A
SQL injection vulnerability in listtest.php in eZoneScripts Living Local 1.1 allows remote attackers to execute arbitrary SQL commands via the r parameter.
CVE-2008-3944 1 Discountedscripts 1 Acg Ptp 2026-04-23 N/A
SQL injection vulnerability in index.php in ACG-PTP 1.0.6 allows remote attackers to execute arbitrary SQL commands via the adid parameter in an adorder action.
CVE-2008-3945 1 Source Workshop 1 Words Tag Script 2026-04-23 N/A
SQL injection vulnerability in index.php in Words tag 1.2 allows remote attackers to execute arbitrary SQL commands via the word parameter in a claim action.
CVE-2008-3946 1 Hp 1 Openvms 2026-04-23 N/A
The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files via a link corresponding to a (1) .plan or (2) .project file.
CVE-2008-3947 1 Hp 1 Openvms 2026-04-23 N/A
DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain privileges via a long command line.
CVE-2008-3949 1 Suse 1 Suse Linux 2026-04-23 N/A
emacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports Python script from the current working directory during editing of a Python file, which allows local users to execute arbitrary code via a Trojan horse Python file.
CVE-2008-3950 1 Apple 3 Iphone, Ipod Touch, Safari 2026-04-23 N/A
Off-by-one error in the _web_drawInRect:withFont:ellipsis:alignment:measureOnly function in WebKit in Safari in Apple iPhone 1.1.4 and 2.0 and iPod touch 1.1.4 and 2.0 allows remote attackers to cause a denial of service (browser crash) via a JavaScript alert call with an argument that lacks breakable characters and has a length that is a multiple of the memory page size, leading to an out-of-bounds read.
CVE-2008-3951 1 Vastal 1 Agent Zone 2026-04-23 N/A
SQL injection vulnerability in view_ann.php in Vastal I-Tech Agent Zone (aka The Real Estate Script) allows remote attackers to execute arbitrary SQL commands via the ann_id parameter.
CVE-2008-3952 1 Editeurscripts Esfaq 1 2.0 2026-04-23 N/A
SQL injection vulnerability in questions.php in EsFaq 2.0 allows remote attackers to execute arbitrary SQL commands via the idcat parameter.
CVE-2008-3953 1 Vastal 1 Shaadi Zone 2026-04-23 N/A
SQL injection vulnerability in keyword_search_action.php in Vastal I-Tech Shaadi Zone 1.0.9 allows remote attackers to execute arbitrary SQL commands via the tage parameter.
CVE-2008-3954 1 Alstrasoft 1 Forum Pay Per Post Exchange 2026-04-23 N/A
SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per Post Exchange allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showcat action.