Export limit exceeded: 10706 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10706 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4097 | 1 Oracle | 1 Mysql | 2026-04-23 | N/A |
| MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079. | ||||
| CVE-2008-4098 | 5 Canonical, Debian, Mysql and 2 more | 5 Ubuntu Linux, Debian Linux, Mysql and 2 more | 2026-04-23 | N/A |
| MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097. | ||||
| CVE-2008-3257 | 3 Bea, Bea Systems, Oracle | 4 Weblogic Server, Apache Connector In Weblogic Server, Weblogic Server and 1 more | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request. | ||||
| CVE-2008-2576 | 1 Oracle | 1 Weblogic Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2, 9.1, 9.0, and 8.1 SP6 has unknown impact and local attack vectors. | ||||
| CVE-2008-2577 | 1 Oracle | 1 Weblogic Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2 MP1 has unknown impact and remote authenticated attack vectors. | ||||
| CVE-2008-2578 | 1 Oracle | 1 Weblogic Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 and 9.2 MP1 has unknown impact and local attack vectors. | ||||
| CVE-2008-2579 | 1 Oracle | 1 Weblogic Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors. | ||||
| CVE-2008-2580 | 1 Oracle | 2 Bea Product Suite, Weblogic Server Component | 2026-04-23 | N/A |
| Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, and 9.0 has unknown impact and remote attack vectors. | ||||
| CVE-2008-2581 | 1 Oracle | 2 Bea Product Suite, Weblogic Server Component | 2026-04-23 | N/A |
| Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors related to UDDI Explorer. | ||||
| CVE-2008-2582 | 1 Oracle | 2 Bea Product Suite, Weblogic Server Component | 2026-04-23 | N/A |
| Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors. | ||||
| CVE-2008-2583 | 1 Oracle | 2 Application Server, Oracle Portal Component | 2026-04-23 | N/A |
| Unspecified vulnerability in the sample Discussion Forum Portlet for the Oracle Portal component in Oracle Application Server, as available from OTN before 20080715, has unknown impact and remote attack vectors. | ||||
| CVE-2008-2585 | 1 Oracle | 2 E-business Suite, Report Manager Component | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors. | ||||
| CVE-2008-2586 | 1 Oracle | 2 Application Object Library, E-business Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2606. | ||||
| CVE-2008-2587 | 1 Oracle | 3 Advanced Replication, Database 9i, Database Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors. | ||||
| CVE-2008-2588 | 1 Oracle | 1 Jdeveloper | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 allows local users to affect confidentiality via unknown vectors. | ||||
| CVE-2008-2589 | 1 Oracle | 2 Application Server, Oracle Portal Component | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3, 10.1.2.2, and 10.1.4.1 has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a SQL injection vulnerability in the WWV_RENDER_REPORT package that allows remote attackers to execute arbitrary SQL (PL/SQL) commands via the second argument to the SHOW procedure. | ||||
| CVE-2008-2590 | 1 Oracle | 3 Database Server, Enterprise Manager 10g, Instance Management Component | 2026-04-23 | N/A |
| Unspecified vulnerability in the Instance Management component in Oracle Database 10.1.0.5 and Enterprise Manager 10.1.0.6 has unknown impact and remote authenticated attack vectors. | ||||
| CVE-2008-2591 | 1 Oracle | 2 Database 9i, Database Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors. | ||||
| CVE-2008-2592 | 1 Oracle | 3 Advanced Replication Component, Database Server, Oracle Database | 2026-04-23 | N/A |
| Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMS_DEFER_SYS. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this is a SQL injection vulnerability in the DELETE_TRAN procedure. | ||||
| CVE-2008-2593 | 1 Oracle | 1 Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2594. | ||||