Export limit exceeded: 364861 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364861 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364861 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0985 1 Google 1 Android Sdk 2026-04-23 N/A
Heap-based buffer overflow in the GIF library in the WebKit framework for Google Android SDK m3-rc37a and earlier allows remote attackers to execute arbitrary code via a crafted GIF file whose logical screen height and width are different than the actual height and width.
CVE-2008-0986 1 Google 1 Android Sdk 2026-04-23 N/A
Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and earlier, and m5-rc14, allows remote attackers to execute arbitrary code via a crafted BMP file with a header containing a negative offset field.
CVE-2008-0987 1 Apple 4 Aperture, Iphoto, Mac Os X and 1 more 2026-04-23 N/A
Stack-based buffer overflow in Image Raw in Apple Mac OS X 10.5.2, and Digital Camera RAW Compatibility before Update 2.0 for Aperture 2 and iPhoto 7.1.2, allows remote attackers to execute arbitrary code via a crafted Adobe Digital Negative (DNG) image.
CVE-2008-0988 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Off-by-one error in the Libsystem strnstr API in libc on Apple Mac OS X 10.4.11 allows context-dependent attackers to cause a denial of service (crash) via crafted arguments that trigger a buffer over-read.
CVE-2008-0989 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Format string vulnerability in mDNSResponderHelper in Apple Mac OS X 10.5.2 allows local users to execute arbitrary code via format string specifiers in the local hostname.
CVE-2008-0990 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
notifyd in Apple Mac OS X 10.4.11 does not verify that Mach port death notifications have originated from the kernel, which allows local users to cause a denial of service via spoofed death notifications that prevent other applications from receiving notifications.
CVE-2008-0992 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value.
CVE-2008-0993 1 Apple 3 Mac Os X, Mac Os X Server, Podcast Producer 2026-04-23 N/A
Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in command line arguments, which allows local users to read the passwords via process listings.
CVE-2008-0531 1 Cisco 3 Session Initiation Protocol \(sip\) Firmware, Skinny Client Control Protocol \(sccp\) Firmware, Unified Ip Phone 2026-04-23 N/A
Heap-based buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote SIP servers to execute arbitrary code via a crafted challenge/response message.
CVE-2008-0532 1 Cisco 3 Acs For Windows, Acs Solution Engine, User Changeable Password 2026-04-23 N/A
Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine allow remote attackers to execute arbitrary code via a long argument located immediately after the Logout argument, and possibly unspecified other vectors.
CVE-2008-0533 1 Cisco 3 Acs For Windows, Acs Solution Engine, User Changeable Password 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine allow remote attackers to inject arbitrary web script or HTML via an argument located immediately after the Help argument, and possibly unspecified other vectors.
CVE-2008-0534 2 Cisco, Icon-labs 2 Service Control Engine, Iconfidant Ssh 2026-04-23 N/A
The SSH server in (1) Cisco Service Control Engine (SCE) before 3.1.6, and (2) Icon Labs Iconfidant SSH before 2.3.8, allows remote attackers to cause a denial of service (device restart or daemon outage) via a high rate of login attempts, aka Bug ID CSCsi68582.
CVE-2008-0559 1 Nilsons Blogger 1 Nilsons Blogger 2026-04-23 N/A
Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the permalink parameter in core.php, accessed through index.php; and (2) the thispost parameter in comments.php.
CVE-2008-0535 2 Cisco, Icon-labs 2 Service Control Engine, Iconfidant Ssh 2026-04-23 N/A
Unspecified vulnerability in the SSH server in (1) Cisco Service Control Engine (SCE) before 3.1.6, and (2) Icon Labs Iconfidant SSH before 2.3.8, allows remote attackers to cause a denial of service (device instability) via "SSH credentials that attempt to change the authentication method," aka Bug ID CSCsm14239.
CVE-2008-0536 2 Cisco, Icon-labs 2 Service Control Engine, Iconfidant Ssh 2026-04-23 N/A
Unspecified vulnerability in the SSH server in (1) Cisco Service Control Engine (SCE) 3.0.x before 3.0.7 and 3.1.x before 3.1.0, and (2) Icon Labs Iconfidant SSH before 2.3.8, allows remote attackers to cause a denial of service (management interface outage) via SSH traffic that occurs during management operations and triggers "illegal I/O operations," aka Bug ID CSCsh49563.
CVE-2008-0537 1 Cisco 5 7600 Router, Catalyst 6500, Me 6524 Ethernet Switch and 2 more 2026-04-23 N/A
Unspecified vulnerability in the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), and Route Switch Processor 720 (RSP720) for multiple Cisco products, when using Multi Protocol Label Switching (MPLS) VPN and OSPF sham-link, allows remote attackers to cause a denial of service (blocked queue, device restart, or memory leak) via unknown vectors.
CVE-2008-0538 1 Phpip 1 Phpip Management 2026-04-23 N/A
Multiple SQL injection vulnerabilities in phpIP Management 4.3.2 allow remote attackers to execute arbitrary SQL commands via the (1) password parameter to login.php, the (2) id parameter to display.php, and unspecified other vectors. NOTE: some of these details are obtained from third party information.
CVE-2008-0539 1 F5 1 Big-ip Application Security Manager 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in dms/policy/rep_request.php in F5 BIG-IP Application Security Manager (ASM) 9.4.3 allows remote attackers to inject arbitrary web script or HTML via the report_type parameter.
CVE-2008-0540 1 Trixbox 1 Trixbox 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in trixbox 2.4.2.0 allow remote attackers to inject arbitrary web script or HTML via the query string to index.php in (1) user/ or (2) maint/.
CVE-2008-0541 1 Gerd Tentler 1 Simple Forum 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in forum.php in Gerd Tentler Simple Forum 3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) open and (2) date_show parameters.