CVE-2008-5963

CVE-2021-39215 - Jitsi Meet is an open source video conferencing application. In versions prior to 2.0.5963, a Prosody module allows the use of symmetrical algorithms to validate JSON web tokens. This means that tokens generated by arbitrary sources can be used to ...
3 years ago

CVE-2008-5963 - Eval injection vulnerability in library/setup/rpc.php in Gravity Getting Things Done (GTD) 0.4.5 and earlier allows remote attackers to execute arbitrary PHP code via the objectname parameter. ...
7 years ago

CVE-2014-5963 - The Halieutics (aka com.corn.Halieutics) application 21.40.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. ...
10 years ago

CVE-2012-5963 - Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) 1.3.1 allows remote attackers to execute arbitrary ...
9 years ago

CVE-2016-5963 - IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 does not properly validate updates, which allows remote authenticated users to execute arbitrary code via unspecified vectors. ...
8 years ago

CVE-2006-5963 - Directory traversal vulnerability in PentaZip 8.5.1.190 and PentaSuite-PRO 8.5.1.221 allows user-assisted remote attackers to extract files to arbitrary pathnames via a ../ (dot dot slash) in a filename. ...
7 years ago

CVE-2007-5963 - Unspecified vulnerability in kdebase allows local users to cause a denial of service (KDM login inaccessible, or resource consumption) via unknown vectors. ...
7 years ago

CVE-2013-5963 - Unrestricted file upload vulnerability in multi.php in Simple Dropbox Upload plugin before 1.8.8.1 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct ...
7 years ago

CVE-2015-5963 - contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service (session store consumption or session record ...
7 years ago

CVE-2018-5963 - CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/addbookmark.php via the title parameter. ...
7 years ago

CVE-2017-5963 - An issue was discovered in caddy (for TYPO3) before 7.2.10. The vulnerability exists due to insufficient filtration of user-supplied data in the "paymillToken" HTTP POST parameter passed to the ...
6 years ago

CVE-2020-5963 - NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure. ...
3 years ago

CVE-2021-33506 - jitsi-meet-prosody in Jitsi Meet before 2.0.5963-1 does not ensure that restrict_room_creation is set by default. This can allow an attacker to circumvent conference moderation. ...
3 years ago

CVE-2019-5963 - Cross-site request forgery (CSRF) vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. ...
2 years ago

CVE-2023-5963 - An issue has been discovered in GitLab EE with Advanced Search affecting all versions from 13.9 to 16.3.6, 16.4 prior to 16.4.2 and 16.5 prior to 16.5.1 that could allow a denial of service in the Advanced Search function by chaining too many syntax ...
8 months ago

CVE-2024-5963 - Unquoted Executable Path vulnerability in Hitachi Device Manager on Windows (Device Manager Server component).This issue affects Hitachi Device Manager: before 8.8.7-00. ...
10 months ago

CVE-2025-5963 - The Postbox's configuration on macOS, specifically the presence of entitlements: "com.apple.security.cs.allow-dyld-environment-variables" and "com.apple.security.cs.disable-library-validation" allows for Dynamic Library (Dylib) ...
17 hours ago

CVE-2008-1378 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2360, CVE-2008-2361, CVE-2008-2362. Reason: This candidate has been withdrawn by its CNA. It was SPLIT into separate candidates before publication. Notes: All CVE users should ...
55 years ago Tenable.com

CVE-2008-2617 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago

CVE-2008-2615 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago

CVE-2008-2621 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago

CVE-2008-2622 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago

CVE-2008-2616 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago

CVE-2008-2618 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago

CVE-2008-2620 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago