Export limit exceeded: 46821 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 23445 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23445 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3934 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2026-04-23 | N/A |
| Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. | ||||
| CVE-2008-3826 | 2 Condor Project, Redhat | 2 Condor, Enterprise Mrg | 2026-04-23 | N/A |
| Unspecified vulnerability in Condor before 7.0.5 allows attackers to execute jobs as other users via unknown vectors. | ||||
| CVE-2008-3141 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2026-04-23 | N/A |
| Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 allows remote attackers to read system memory via unspecified vectors. | ||||
| CVE-2008-3198 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2026-04-23 | N/A |
| Mozilla Firefox 3.x before 3.0.1 allows remote attackers to inject arbitrary web script into a chrome document via unspecified vectors, as demonstrated by injection into a XUL error page. NOTE: this can be leveraged to execute arbitrary code using CVE-2008-2933. | ||||
| CVE-2008-2365 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop | 2026-04-23 | N/A |
| Race condition in the ptrace and utrace support in the Linux kernel 2.6.9 through 2.6.25, as used in Red Hat Enterprise Linux (RHEL) 4, allows local users to cause a denial of service (oops) via a long series of PTRACE_ATTACH ptrace calls to another user's process that trigger a conflict between utrace_detach and report_quiescent, related to "late ptrace_may_attach() check" and "race around &dead_engine_ops setting," a different vulnerability than CVE-2007-0771 and CVE-2008-1514. NOTE: this issue might only affect kernel versions before 2.6.16.x. | ||||
| CVE-2008-3114 | 2 Redhat, Sun | 5 Network Satellite, Rhel Extras, Jdk and 2 more | 2026-04-23 | N/A |
| Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074. | ||||
| CVE-2008-2941 | 2 Hp, Redhat | 2 Linux Imaging And Printing Project, Enterprise Linux | 2026-04-23 | N/A |
| The hpssd message parser in hpssd.py in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local users to cause a denial of service (process stop) via a crafted packet, as demonstrated by sending "msg=0" to TCP port 2207. | ||||
| CVE-2008-2932 | 1 Redhat | 1 Adminutil | 2026-04-23 | N/A |
| Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via % (percent) encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-2929. | ||||
| CVE-2008-2929 | 2 Fedora, Redhat | 2 Directory Server, Directory Server | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway (DSGW) web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Directory Server, allow remote attackers to inject arbitrary web script or HTML via input values that use % (percent) escaping. | ||||
| CVE-2007-5964 | 1 Redhat | 1 Enterprise Linux | 2026-04-23 | N/A |
| The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 5, omits the nosuid option for the hosts (/net filesystem) map, which allows local users to gain privileges via a setuid program on a remote NFS server. | ||||
| CVE-2007-5961 | 1 Redhat | 1 Network Satellite | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Red Hat Network channel search feature, as used in RHN and Red Hat Network Satellite before 5.0.2, allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2007-5960 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Enterprise Linux and 1 more | 2026-04-23 | N/A |
| Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the Referer header to the window or frame in which script is running, instead of the address of the content that initiated the script, which allows remote attackers to spoof HTTP Referer headers and bypass Referer-based CSRF protection schemes by setting window.location and using a modal alert dialog that causes the wrong Referer to be sent. | ||||
| CVE-2008-2802 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2026-04-23 | N/A |
| Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to execute arbitrary code via an XUL document that includes a script from a chrome: URI that points to a fastload file, related to this file's "privilege level." | ||||
| CVE-2008-2805 | 2 Mozilla, Redhat | 3 Firefox, Seamonkey, Enterprise Linux | 2026-04-23 | N/A |
| Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to force the upload of arbitrary local files from a client computer via vectors involving originalTarget and DOM Range. | ||||
| CVE-2008-2809 | 3 Mozilla, Netscape, Redhat | 5 Firefox, Geckb, Seamonkey and 2 more | 2026-04-23 | N/A |
| Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site. | ||||
| CVE-2008-2810 | 2 Mozilla, Redhat | 3 Firefox, Seamonkey, Enterprise Linux | 2026-04-23 | N/A |
| Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly identify the context of Windows shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site for which the user has previously saved a shortcut. | ||||
| CVE-2008-2811 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2026-04-23 | N/A |
| The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display requires more pixels than nscoord_MAX, related to nsBlockFrame::DrainOverflowLines. | ||||
| CVE-2008-2367 | 1 Redhat | 1 Certificate System | 2026-04-23 | N/A |
| Red Hat Certificate System 7.2 uses world-readable permissions for password.conf and unspecified other configuration files, which allows local users to discover passwords by reading these files. | ||||
| CVE-2008-2004 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2026-04-23 | N/A |
| The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted. | ||||
| CVE-2008-1796 | 2 Comix, Redhat | 2 Comix, Fedora | 2026-04-23 | N/A |
| Comix 3.6.4 creates temporary directories with predictable names, which allows local users to cause an unspecified denial of service. | ||||