Export limit exceeded: 355998 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (6734 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3127 | 1 Microsoft | 5 Compatibility Pack Word Excel Powerpoint, Excel, Excel Viewer and 2 more | 2026-04-23 | N/A |
| Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, and Office Excel Viewer 2003 SP3 do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Cache Memory Corruption Vulnerability." | ||||
| CVE-2008-3434 | 1 Apple | 1 Itunes | 2026-04-23 | N/A |
| Apple iTunes before 10.5.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | ||||
| CVE-2008-3433 | 1 Speedbit | 1 Download Accelerator Plus | 2026-04-23 | N/A |
| SpeedBit Download Accelerator Plus (DAP) before 8.6.3.9 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | ||||
| CVE-2008-3402 | 1 Hscripts | 1 Hiox Random Ad | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in HIOX Browser Statistics (HBS) 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the hm parameter to (1) hioxupdate.php and (2) hioxstats.php. | ||||
| CVE-2008-3401 | 1 Hscripts | 1 Hiox Random Ad | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in hioxRandomAd.php in HIOX Random Ad (HRA) 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the hm parameter. | ||||
| CVE-2008-0423 | 1 Lama | 1 Lama Software | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Lama Software allow remote attackers to execute arbitrary PHP code via a URL in the MY_CONF[classRoot] parameter to (1) inc.steps.access_error.php, (2) inc.steps.check_login.php, or (3) inc.steps.init_system.php in admin/functions/. | ||||
| CVE-2008-3399 | 1 Xrms | 1 Xrms Crm | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in activities/workflow-activities.php in XRMS CRM 1.99.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the include_directory parameter. | ||||
| CVE-2008-3368 | 1 Atutor | 1 Atutor | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in tools/packages/import.php in ATutor 1.6.1 pl1 and earlier allows remote authenticated administrators to execute arbitrary PHP code via a URL in the type parameter. | ||||
| CVE-2008-3354 | 1 Runcms | 2 Newbb Plus Module, Runcms | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus (newbb_plus) module 0.93 in RunCMS 1.6.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) bbPath[path] parameter to votepolls.php and the (2) bbPath[root_theme] parameter to config.php, different vectors than CVE-2006-0659. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-3332 | 1 Mantis | 1 Mantis | 2026-04-23 | N/A |
| Eval injection vulnerability in adm_config_set.php in Mantis before 1.1.2 allows remote authenticated administrators to execute arbitrary code via the value parameter. | ||||
| CVE-2008-3313 | 1 Creacms | 1 Creacms | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in CreaCMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) cfg[document_uri] parameter to _administration/edition_article/edition_article.php and the (2) cfg[base_uri_admin] parameter to _administration/fonctions/get_liste_langue.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-3311 | 1 Adam Scheinberg | 1 Flip | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in config.php in Adam Scheinberg Flip 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the incpath parameter. | ||||
| CVE-2008-3308 | 1 Carlos Desseno | 1 Youtube Blog | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in cuenta/cuerpo.php in C. Desseno YouTube Blog (ytb) 0.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the base_archivo parameter. | ||||
| CVE-2008-3298 | 1 Social Engine | 1 Social Engine | 2026-04-23 | N/A |
| SocialEngine (SE) before 2.83 grants certain write privileges for templates, which allows remote authenticated administrators to execute arbitrary PHP code. | ||||
| CVE-2008-3294 | 1 Vim | 1 Vim | 2026-04-23 | N/A |
| src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it ahead of time with permissions that prevent its modification by configure. | ||||
| CVE-2008-3285 | 1 Alain Barbet | 1 Filesys Smbclientparser | 2026-04-23 | N/A |
| The Filesys::SmbClientParser module 2.7 and earlier for Perl allows remote SMB servers to execute arbitrary code via a folder name containing shell metacharacters. | ||||
| CVE-2008-3246 | 2 Blackberry, Rim | 7 Enterprise Server, Unite, Blackberry Enterprise Server and 4 more | 2026-04-23 | N/A |
| Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment. | ||||
| CVE-2008-3232 | 1 Dotclear | 1 Dotclear | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in ecrire/images.php in Dotclear 1.2.7.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images. | ||||
| CVE-2008-2684 | 1 Blackice | 1 Black Ice Barcode Sdk | 2026-04-23 | N/A |
| The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via long strings in the two arguments to the DownloadImageFileURL method, which trigger memory corruption. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-2649 | 1 Don3 | 1 Desktoponnet | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in DesktopOnNet 3 Beta allow remote attackers to execute arbitrary PHP code via a URL in the app_path parameter to (1) don3_requiem.don3app/don3_requiem.php and (2) frontpage.don3app/frontpage.php. | ||||