CVE-2008-3080

CVE-2008-3080 - Cross-site request forgery (CSRF) vulnerability in admin.php in myWebland myBloggie 2.1.6 allows remote attackers to perform edit actions as administrators. NOTE: this can be leveraged to execute SQL commands by also exploiting CVE-2007-1899. ...
8 years ago

CVE-2007-4173 - SQL injection vulnerability in duyuruoku.asp in Hunkaray Okul Portali 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-3080. ...
6 years ago

CVE-2016-3080 - Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via the (1) RHNMD User or (2) Filesystem parameters, related to display of monitoring probes. ...
2 years ago

CVE-2017-3080 - Adobe Flash Player versions 26.0.0.131 and earlier have a security bypass vulnerability related to the Flash API used by Internet Explorer. Successful exploitation could lead to information disclosure. ...
2 years ago

CVE-2005-3080 - contrib/example.php in GeSHi before 1.0.7.3 allows remote attackers to read arbitrary files via the language field without a source field set. ...
17 years ago

CVE-2013-3080 - VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to create or overwrite arbitrary files, and consequently execute arbitrary code or cause a denial of service, by leveraging Virtual Appliance Management ...
12 years ago

CVE-2007-3080 - SQL injection vulnerability in haberoku.asp in Hunkaray Okul Portaly 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third ...
8 years ago

CVE-2014-3080 - Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the ...
8 years ago

CVE-2015-3080 - Use-after-free vulnerability in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & ...
8 years ago

CVE-2006-3080 - Cross-site scripting (XSS) vulnerability in viewposts.cfm in aXentForum II and earlier allows remote attackers to inject arbitrary web script or HTML via the startrow parameter. ...
6 years ago

CVE-2011-3080 - Race condition in the Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168 allows attackers to bypass intended sandbox restrictions via unspecified vectors. ...
5 years ago

CVE-2009-3080 - Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. ...
2 years ago

CVE-2010-3080 - Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful ...
2 years ago

CVE-2018-3080 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple ...
2 years ago

CVE-2023-3080 - The WP Mail Catcher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 2.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated ...
1 year ago

CVE-2022-3080 - By sending specific queries to the resolver, an attacker can cause named to crash. ...
2 years ago

CVE-2024-3080 - Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated remote attackers to log in the device. ...
1 year ago

CVE-2024-56673 - In the Linux kernel, the following vulnerability has been resolved: riscv: mm: Do not call pmd dtor on vmemmap page table teardown The vmemmap's, which is used for RV64 with SPARSEMEM_VMEMMAP, page tables are populated using pmd (page middle ...
9 months ago Tenable.com

GPUHammer - First Rowhammer Attack Targeting NVIDIA GPUs - Cybersecurity researchers at the University of Toronto have achieved a breakthrough in hardware-level attacks by successfully demonstrating GPUHammer, the first Rowhammer attack specifically targeting discrete NVIDIA GPUs. The research, which focuses ...
2 months ago Cybersecuritynews.com Inception

CVE-2008-1378 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2360, CVE-2008-2361, CVE-2008-2362. Reason: This candidate has been withdrawn by its CNA. It was SPLIT into separate candidates before publication. Notes: All CVE users should ...
55 years ago Tenable.com

CVE-2008-2617 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
8 years ago

CVE-2008-2615 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
8 years ago

CVE-2008-2621 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
8 years ago

CVE-2008-2622 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
8 years ago

CVE-2008-2616 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
8 years ago