Export limit exceeded: 10189 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10189 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-6606 | 1 Openbiblio | 1 Openbiblio | 2025-04-09 | N/A |
| OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. | ||||
| CVE-2008-0996 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk when starting a job on an authenticated print queue, which might allow local users to obtain the credentials. | ||||
| CVE-2008-1135 | 1 Omegasoft | 1 Interneserviceslosungen | 2025-04-09 | N/A |
| OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 generates different responses depending on whether or not a username is valid in a failed login attempt, which allows remote attackers to enumerate valid usernames. | ||||
| CVE-2008-1578 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| The sso_util program in Single Sign-On in Apple Mac OS X before 10.5.3 places passwords on the command line, which allows local users to obtain sensitive information by listing the process. | ||||
| CVE-2008-1579 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote attackers to obtain sensitive information (user names) by reading the error message produced upon access to a nonexistent blog. | ||||
| CVE-2008-1598 | 1 Ibm | 1 Aix | 2025-04-09 | N/A |
| The kernel in IBM AIX 6.1 allows local users with ProbeVue privileges to read arbitrary kernel memory and obtain sensitive information via unspecified vectors. | ||||
| CVE-2008-1680 | 1 Future Nuke | 1 Php-nuke Platinum | 2025-04-09 | N/A |
| PHP-Nuke Platinum 7.6.b.5 allows remote attackers to obtain configuration information via a direct request to maintenance/index.php, which reveals settings such as magic_quotes_gpc. | ||||
| CVE-2008-3304 | 1 Tuxplanet | 1 Bilboblog | 2025-04-09 | N/A |
| BilboBlog 0.2.1 allows remote attackers to obtain sensitive information via (1) an enable_cache=false query string to footer.php or (2) a direct request to pagination.php, which reveals the installation path in an error message. | ||||
| CVE-2008-3339 | 1 Avidweb Technologies | 1 Jobbex Jobsite | 2025-04-09 | N/A |
| search_result.cfm in Jobbex JobSite allows remote attackers to obtain sensitive information via unspecified vectors that reveal the installation path in an error message. | ||||
| CVE-2008-3400 | 1 Xrms | 1 Xrms Crm | 2025-04-09 | N/A |
| XRMS CRM 1.99.2 allows remote attackers to obtain configuration information via a direct request to tests/info.php, which calls the phpinfo function. | ||||
| CVE-2008-4216 | 1 Apple | 1 Safari | 2025-04-09 | N/A |
| The plug-in interface in WebKit in Apple Safari before 3.2 does not prevent plug-ins from accessing local URLs, which allows remote attackers to obtain sensitive information via vectors that "launch local files." | ||||
| CVE-2008-4278 | 2 Microsoft, Vmware | 3 Windows, Virtual Infrastructure Client, Virtualcenter | 2025-04-09 | N/A |
| VMware VirtualCenter 2.5 before Update 3 build 119838 on Windows displays a user's password in cleartext when the password contains unspecified special characters, which allows physically proximate attackers to steal the password. | ||||
| CVE-2008-5096 | 1 Typo3 | 2 File List Extension, Typo3 | 2025-04-09 | N/A |
| Unspecified vulnerability in the TYPO3 File List (file_list) extension 0.2.1 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors. | ||||
| CVE-2008-5107 | 1 Citrix | 2 Desktop Server, Presentation Server | 2025-04-09 | N/A |
| The installation process for Citrix Presentation Server 4.5 and Desktop Server 1.0, when MSI logging is enabled, stores database credentials in MSI log files, which allows local users to obtain these credentials by reading the log files. | ||||
| CVE-2008-5322 | 1 Easy-script | 1 Wysi Wiki Wyg | 2025-04-09 | N/A |
| Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function. | ||||
| CVE-2008-5342 | 2 Redhat, Sun | 4 Rhel Extras, Jdk, Jre and 1 more | 2025-04-09 | N/A |
| Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted downloaded applications to cause local files to be displayed in the browser of the user of the untrusted application via unknown vectors, aka 6767668. | ||||
| CVE-2008-6159 | 1 Hans Oesterholt | 1 Cmme | 2025-04-09 | N/A |
| Content Management Made Easy (CMME) 1.19 allows remote attackers to obtain system information via a direct request to info.php, which invokes the phpinfo function. | ||||
| CVE-2008-6737 | 1 Ea | 1 Crysis | 2025-04-09 | N/A |
| Crysis 1.21 and earlier allows remote attackers to obtain sensitive player information such as real IP addresses by sending a keyexchange packet without a previous join packet, which causes Crysis to send a disconnect packet that includes unrelated log information. | ||||
| CVE-2008-6754 | 2 Jelsoft, Mephisteus | 2 Vbulletin, The Personal Sticky Threads | 2025-04-09 | N/A |
| The Personal Sticky Threads addon 1.0.3c for vBulletin allows remote authenticated users to read the title, author, and pages of an arbitrary thread by toggling a personal sticky. | ||||
| CVE-2009-0143 | 1 Apple | 1 Itunes | 2025-04-09 | N/A |
| Apple iTunes before 8.1 does not properly inform the user about the origin of an authentication request, which makes it easier for remote podcast servers to trick a user into providing a username and password when subscribing to a crafted podcast. | ||||