Total
266174 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-7229 | 1 Greensql | 1 Greensql Firewall | 2024-02-28 | 7.5 HIGH | N/A |
| GreenSQL Firewall (greensql-fw) before 0.9.2 allows remote attackers to bypass SQL injection protection via a crafted string, possibly involving an encoded space character (%20). | |||||
| CVE-2009-0150 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-28 | 4.4 MEDIUM | N/A |
| Stack-based buffer overflow in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image. | |||||
| CVE-2009-2032 | 1 Pagedowntech | 1 Pdshoppro | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp in PDshopPro, when downloaded before 20070308, allows remote attackers to inject arbitrary web script or HTML via the search parameter. | |||||
| CVE-2008-2369 | 1 Redhat | 1 Satellite | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
| manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements. | |||||
| CVE-2009-3306 | 1 Richrumble | 1 Clearsite | 2024-02-28 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in include/header.php in ClearSite 4.50 allows remote attackers to execute arbitrary PHP code via a URL in the cs_base_path parameter. | |||||
| CVE-2008-3206 | 1 Iamilkay | 1 Yuhhu Pubs Black Cat | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browse.groups.php in Yuhhu Pubs Black Cat allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2008-4159 | 1 Zanfi Solutions | 2 Jaw Portal, Zanfi Cms Lite | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS lite and allows remote attackers to execute arbitrary SQL commands via the page (pageid) parameter. | |||||
| CVE-2008-5711 | 1 Facebook | 1 Photouploader | 2024-02-28 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value. | |||||
| CVE-2009-0504 | 1 Ibm | 1 Websphere Application Server | 2024-02-28 | 2.1 LOW | N/A |
| WSPolicy in the Web Services component in IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.1 does not properly recognize the IDAssertion.isUsed binding property, which allows local users to discover a password by reading a SOAP message. | |||||
| CVE-2008-6952 | 1 Cms.maury91 | 1 Maurycms | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Rss.php in MauryCMS 0.53.2 and earlier allows remote attackers to execute arbitrary SQL commands via the c parameter. | |||||
| CVE-2008-5969 | 1 Sunbyte | 1 E-flower | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in popupproduct.php in Sunbyte e-Flower allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-5122 | 1 Ektron | 1 Cms4000.net | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in WorkArea/ContentRatingGraph.aspx in Ektron CMS400.NET 7.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the res parameter. | |||||
| CVE-2008-1629 | 1 Pau Rodriguez | 1 Phpkrm | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PHPkrm before 1.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-0992 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-28 | 5.8 MEDIUM | N/A |
| Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value. | |||||
| CVE-2009-0489 | 1 David Paleino | 1 Wicd | 2024-02-28 | 2.1 LOW | N/A |
| The DBus configuration file for Wicd before 1.5.9 allows arbitrary users to own org.wicd.daemon, which allows local users to receive messages that were intended for the Wicd daemon, possibly including credentials. | |||||
| CVE-2008-1472 | 2 Computer Associates, Unicenter | 7 Brightstor Arcserve Backup Laptops Desktops, Desktop Management Suite, Unicenter Dsm R11 List Control Atx and 4 more | 2024-02-28 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl.ocx), as used in multiple CA products including BrightStor ARCserve Backup R11.5, Desktop Management Suite r11.1 through r11.2, and Unicenter products r11.1 through r11.2, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long argument to the AddColumn method. | |||||
| CVE-2008-3514 | 1 Vmware | 1 Virtualcenter | 2024-02-28 | 5.0 MEDIUM | N/A |
| VMware VirtualCenter 2.5 before Update 2 and 2.0.2 before Update 5 relies on client-side "enabled/disabled functionality" for access control, which allows remote attackers to determine valid user names by enabling functionality in the GUI and then making an "attempt to assign permissions to other system users." | |||||
| CVE-2008-2856 | 1 Ownrs | 1 Ownrs | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-2525 | 1 Typo3 | 1 Rlmp Eventdb | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Event Database (aka rlmp_eventdb) extension before 1.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-6109 | 1 Shelter Manager | 1 Animal Shelter Manager | 2024-02-28 | 4.6 MEDIUM | N/A |
| Robin Rawson-Tetley Animal Shelter Manager (ASM) before 2.2.2 does not properly enforce the privileges of user accounts, which allows local users to bypass intended access restrictions by (1) opening unspecified screens, related to the "double click selector bug"; or modifying a (2) animal, (3) owner, (4) lost/found, (5) diary note, (6) owner donation, or (7) waiting list record, related to "change permissions" and the "new UI." | |||||