Export limit exceeded: 45194 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45194 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5844 | 1 Php | 1 Php | 2026-04-23 | N/A |
| PHP 5.2.7 contains an incorrect change to the FILTER_UNSAFE_RAW functionality, and unintentionally disables magic_quotes_gpc regardless of the actual magic_quotes_gpc setting, which might make it easier for context-dependent attackers to conduct SQL injection attacks and unspecified other attacks. | ||||
| CVE-2008-5868 | 1 Intellitamper | 1 Intellitamper | 2026-04-23 | N/A |
| Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows user-assisted attackers to execute arbitrary code via a long ProxyLogin value in a configuration (.cfg) file. | ||||
| CVE-2008-5876 | 1 Irrlicht | 1 Irrlicht | 2026-04-23 | N/A |
| Buffer overflow in Irrlicht before 1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors in the B3D loader. | ||||
| CVE-2008-5902 | 1 Xrdp | 1 Xrdp | 2026-04-23 | N/A |
| Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via a crafted request. | ||||
| CVE-2008-5903 | 1 Xrdp | 1 Xrdp | 2026-04-23 | N/A |
| Array index error in the xrdp_bitmap_def_proc function in xrdp/funcs.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via vectors that manipulate the value of the edit_pos structure member. | ||||
| CVE-2008-5911 | 1 Realnetworks | 2 Helix Server, Helix Server Mobile | 2026-04-23 | N/A |
| Multiple buffer overflows in RealNetworks Helix Server and Helix Mobile Server 11.x before 11.1.8 and 12.x before 12.0.1 allow remote attackers to (1) cause a denial of service via three crafted RTSP SETUP commands, or execute arbitrary code via (2) an NTLM authentication request with malformed base64-encoded data, (3) an RTSP DESCRIBE command, or (4) a DataConvertBuffer request. | ||||
| CVE-2008-5982 | 1 Bmc | 1 Patrol Agent | 2026-04-23 | N/A |
| Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are not properly handled when writing a log message. | ||||
| CVE-2008-6005 | 1 W3c | 1 Amaya Web Browser | 2026-04-23 | N/A |
| Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10.0.1, and possibly other versions including 11.0.1, might allow remote attackers to execute arbitrary code via "duplicated" attribute value inputs. | ||||
| CVE-2008-6070 | 1 Graphicsmagick | 1 Graphicsmagick | 2026-04-23 | N/A |
| Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image, a different vulnerability than CVE-2007-0770. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6071 | 1 Graphicsmagick | 1 Graphicsmagick | 2026-04-23 | N/A |
| Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6085 | 1 F-secure | 17 F-secure Anti-virus, F-secure Anti-virus For Citrix Servers, F-secure Anti-virus For Microsoft Exchange and 14 more | 2026-04-23 | N/A |
| Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow. | ||||
| CVE-2008-6171 | 1 Drupal | 1 Drupal | 2026-04-23 | N/A |
| includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is configured for "IP-based virtual hosts," allows remote attackers to include and execute arbitrary files via the HTTP Host header. | ||||
| CVE-2008-6186 | 1 Raidenftpd | 1 Raidenftpd | 2026-04-23 | N/A |
| Stack-based buffer overflow in RaidenFTPD 2.4 build 3620 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via long (1) CWD and (2) MLST commands. | ||||
| CVE-2009-1028 | 1 Edisys | 1 Ezip Wizard | 2026-04-23 | N/A |
| Stack-based buffer overflow in ediSys eZip Wizard 3.0 allows remote attackers to execute arbitrary code via a crafted .zip file. | ||||
| CVE-2008-6252 | 1 Smcfancontrol | 1 Smcfancontrol | 2026-04-23 | N/A |
| Stack-based buffer overflow in the smc program in smcFanControl 2.1.2 allows local users to execute arbitrary code and gain privileges via a long -k option. | ||||
| CVE-2008-6363 | 1 Capilano | 1 Designworks | 2026-04-23 | N/A |
| Stack-based buffer overflow in DesignWorks Professional 4.3.1 and 5.0.7 allows remote attackers to execute arbitrary code via a crafted .cct file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6393 | 2 Jabber, Psi-im | 2 Jabber Client, Psi | 2026-04-23 | N/A |
| PSI Jabber client before 0.12.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a file transfer request with a negative value in a SOCKS5 option, which bypasses a signed integer check and triggers an integer overflow and a heap-based buffer overflow. | ||||
| CVE-2008-6395 | 1 3com | 1 Wireless 8760 Dual-radio | 2026-04-23 | N/A |
| The web management interface in 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point allows remote attackers to cause a denial of service (device crash) via a malformed HTTP POST request. | ||||
| CVE-2008-6415 | 1 Youngzsoft | 1 Ccproxy | 2026-04-23 | N/A |
| Buffer overflow in YoungZSoft CCProxy 6.5 might allow remote attackers to execute arbitrary code via a CONNECTION request with a long hostname. | ||||
| CVE-2008-6441 | 1 Epicgames | 1 Unreal Engine | 2026-04-23 | N/A |
| Format string vulnerability in the Epic Games Unreal engine client, as used in multiple games, allows remote servers to execute arbitrary code via (1) the CLASS parameter in a DLMGR command, (2) a malformed package (PKG), and possibly (3) the LEVEL parameter in a WELCOME command. | ||||