Export limit exceeded: 366859 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366859 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-1791 1 Mygamingladder 1 Mygamingladder 2026-04-23 N/A
SQL injection vulnerability in ladder.php in My Gaming Ladder 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the ladderid parameter.
CVE-2008-1792 2 Drupal, Drupalr 2 Drupal, Flickr 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the insertion filter in the Flickr Drupal module 5.x before 5.x-1.3 and 6.x before 6.x-1.0-alpha allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-1793 1 Hoffice 3 Smart Classified Ads, Smart Photo Ads, Smart Photo Ads Gold 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in view.cgi in Smart Classified ADS Professional, Smart Photo ADS, and Smart Photo ADS Gold allow remote attackers to inject arbitrary web script or HTML via the (1) AdNum and (2) Department parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1794 1 Drupal 1 Webform Module 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Webform Drupal module 5.x before 5.x-1.10, 5.x-2.x before 5.x-2.0-beta3, and 6.x before 6.x-1.0-beta3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-1795 1 Blackboard 1 Academic Suite 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Academic Suite 7.x and earlier, and possibly some 8.0 versions, allow remote attackers to inject arbitrary web script or HTML via (1) the searchText parameter in a Course action to webapps/blackboard/execute/viewCatalog or (2) the data__announcements___pk1_pk2__subject parameter in an ADD action to bin/common/announcement.pl.
CVE-2008-1796 2 Comix, Redhat 2 Comix, Fedora 2026-04-23 N/A
Comix 3.6.4 creates temporary directories with predictable names, which allows local users to cause an unspecified denial of service.
CVE-2008-1797 1 Secure Computing 1 Webwasher 2026-04-23 N/A
Unspecified vulnerability in Secure Computing Webwasher 5.30 before build 3159 and 6.3.0 before build 3150 allows remote attackers to cause a denial of service (freeze) via a crafted URL.
CVE-2008-1798 1 Dragoon 1 Dragoon 2026-04-23 N/A
Directory traversal vulnerability in forum/kietu/libs/calendrier.php in Dragoon 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cal[lng] parameter.
CVE-2008-1799 1 Sabros.us 1 Sabros.us 2026-04-23 N/A
Directory traversal vulnerability in thumbnails.php in sabros.us 1.75 allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter.
CVE-2008-1800 1 Divx 1 Divxdb 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in DivXDB 2002 0.94b allow remote attackers to inject arbitrary web script or HTML via the (1) choice, (2) _page_, (3) zone_admin, (4) general_search, and (5) import parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1801 2 Rdesktop, Redhat 2 Rdesktop, Enterprise Linux 2026-04-23 N/A
Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field.
CVE-2008-1802 1 Rdesktop 1 Rdesktop 2026-04-23 N/A
Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields.
CVE-2008-1803 2 Rdesktop, Redhat 2 Rdesktop, Enterprise Linux 2026-04-23 N/A
Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher.
CVE-2008-1804 1 Snort 1 Snort 2026-04-23 N/A
preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment.
CVE-2008-1805 1 Skype Technologies 1 Skype 2026-04-23 N/A
Incomplete blacklist vulnerability in Skype 3.6.0.248, and other versions before 3.8.0.139, allows user-assisted remote attackers to bypass warning dialogs and possibly execute arbitrary code via a file: URI that ends in an executable extension that is not covered by the blacklist.
CVE-2008-1806 2 Freetype, Redhat 2 Freetype, Enterprise Linux 2026-04-23 N/A
Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow.
CVE-2008-1807 2 Freetype, Redhat 2 Freetype, Enterprise Linux 2026-04-23 N/A
FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption.
CVE-2008-1808 2 Freetype, Redhat 2 Freetype, Enterprise Linux 2026-04-23 N/A
Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which triggers a heap-based buffer overflow.
CVE-2008-1809 1 Novell 1 Edirectory 2026-04-23 N/A
Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b, and 8.8 before 8.8.2 FTF2, allows remote attackers to execute arbitrary code via an LDAP search request containing "NULL search parameters."
CVE-2008-1810 2 Linux, Sap 2 Linux Kernel, Maxdb 2026-04-23 N/A
Untrusted search path vulnerability in dbmsrv in SAP MaxDB 7.6.03.15 on Linux allows local users to gain privileges via a modified PATH environment variable.