ReportizFlow
Filtered by vendor
Subscriptions
Total
5490 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0704 | 1 Hp | 3 Alpha, Integrity, Open Vms Tcp-ip Services | 2026-04-23 | N/A |
| Unspecified vulnerability in the SSH server in HP OpenVMS TCP/IP Services on OpenVMS on the Alpha platform with 5.4 before ECO 7, and on the Integrity and Alpha platforms with 5.5 before ECO 3 and 5.6 before ECO 2, allows remote attackers to obtain unspecified access via unknown vectors. | ||||
| CVE-2009-2834 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| IOKit in Apple Mac OS X before 10.6.2 allows local users to modify the firmware of a (1) USB or (2) Bluetooth keyboard via unspecified vectors. | ||||
| CVE-2008-0707 | 1 Hp | 2 Hp-ux, Storageworks Library And Tape Tools | 2026-04-23 | N/A |
| HP StorageWorks Library and Tape Tools (LTT) before 4.5 SR1 on HP-UX B.11.11 and B.11.23 allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2008-2722 | 1 Menalto | 1 Gallery | 2026-04-23 | N/A |
| Menalto Gallery before 2.2.5 allows remote attackers to bypass permissions for sub-albums via a ZIP archive. | ||||
| CVE-2008-3454 | 1 Jnshosts | 1 Php Hosting Directory | 2026-04-23 | N/A |
| JnSHosts PHP Hosting Directory 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the "adm" cookie value to 1. | ||||
| CVE-2008-2174 | 1 Shelter Manager | 1 Animal Shelter Manager | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Robin Rawson-Tetley Animal Shelter Manager (ASM) before 2.2.2 have unknown impact and attack vectors, related to "various areas where security was missing." | ||||
| CVE-2008-1625 | 1 Avast | 2 Avast Antivirus Home, Avast Antivirus Professional | 2026-04-23 | N/A |
| aavmker4.sys in avast! Home and Professional 4.7 for Windows does not properly validate input to IOCTL 0xb2d60030, which allows local users to gain privileges via certain IOCTL requests. | ||||
| CVE-2008-2300 | 1 Citrix | 4 Access Essentials, Citrix Presentation Server, Desktop Server and 1 more | 2026-04-23 | N/A |
| Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors. | ||||
| CVE-2008-1628 | 1 Linux | 1 Audit | 2026-04-23 | N/A |
| Stack-based buffer overflow in the audit_log_user_command function in lib/audit_logging.c in Linux Audit before 1.7 might allow remote attackers to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-0477 | 1 Sun | 1 Opensolaris | 2026-04-23 | N/A |
| Unspecified vulnerability in the process (aka proc) filesystem in Sun OpenSolaris snv_85 through snv_100 allows local users to gain privileges via vectors related to the contract filesystem. | ||||
| CVE-2008-1681 | 1 Ibm | 1 Db2 Content Manager | 2026-04-23 | N/A |
| Unspecified vulnerability in IBM DB2 Content Manager before 8.3 FP8 has unknown impact and attack vectors related to the AllowedTrustedLogin privilege. | ||||
| CVE-2008-4210 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-23 | N/A |
| fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O. | ||||
| CVE-2006-7223 | 1 Xwiki | 1 Xwiki | 2026-04-23 | N/A |
| PreviewAction in XWiki 0.9.543 through 0.9.1252 does not set the Author field to the identity of the user who last modified a document, which allows remote authenticated users without programming rights to execute arbitrary code by selecting a document whose author has programming rights, modifying this document to contain a script, and previewing without saving the document. | ||||
| CVE-2009-3207 | 2 Drewish, Drupal | 2 Imagecache, Drupal | 2026-04-23 | N/A |
| The ImageCache module 5.x before 5.x-2.5 and 6.x before 6.x-2.0-beta10, a module for Drupal, when the private file system is used, does not properly perform access control for derivative images, which allows remote attackers to view arbitrary images via a request that specifies an image's filename. | ||||
| CVE-2009-3257 | 1 Vtiger | 1 Vtiger Crm | 2026-04-23 | N/A |
| vtiger CRM before 5.1.0 allows remote authenticated users to bypass the permissions on the (1) Account Billing Address and (2) Shipping Address fields in a profile by creating a Sales Order (SO) associated with that profile. | ||||
| CVE-2009-3258 | 1 Vtiger | 1 Vtiger Crm | 2026-04-23 | N/A |
| vtiger CRM before 5.1.0 allows remote authenticated users, with certain View privileges, to delete (1) attachments, (2) reports, (3) filters, (4) views, and (5) tickets; insert (6) attachments, (7) reports, (8) filters, (9) views, and (10) tickets; and edit (11) reports, (12) filters, (13) views, and (14) tickets via unspecified vectors. | ||||
| CVE-2008-0709 | 4 Hp, Microsoft, Redhat and 1 more | 6 Hp-ux, Select Identity, Windows 2003 Server and 3 more | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, 4.11, 4.12, 4.13, and 4.20 allow remote authenticated users to access other user accounts via unknown vectors, a different issue than CVE-2008-0214. | ||||
| CVE-2009-3564 | 2 Fedoraproject, Reductivelabs | 2 Fedora, Puppet | 2026-04-23 | N/A |
| puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files. | ||||
| CVE-2008-1784 | 1 Prozilla | 1 Topsites | 2026-04-23 | N/A |
| Prozilla Topsites 1.0 allows remote attackers to perform administrative actions via a direct request to (1) addu.php, (2) editu.php, and (3) uidx.php in siteadmin/. | ||||
| CVE-2008-3173 | 1 Microsoft | 1 Internet Explorer | 2026-04-23 | N/A |
| Microsoft Internet Explorer allows web sites to set cookies for domains that have a public suffix with more than one dot character, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking." NOTE: this issue may exist because of an insufficient fix for CVE-2004-0866. | ||||