• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-200

CVE-2008-1288

February 26, 2023 by

IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 might allow local or remote attackers to obtain sensitive information about users by reading user cookies.

CVE-2008-1290

February 26, 2023 by

ViewVC before 1.0.5 includes “all-forbidden” files within search results that list CVS or Subversion (SVN) commits, which allows remote attackers to obtain sensitive information.

CVE-2008-1291

February 26, 2023 by

ViewVC before 1.0.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read files and list folders under the hidden CVSROOT folder.

CVE-2008-1292

February 26, 2023 by

ViewVC before 1.0.5 provides revision metadata without properly checking whether access was intended, which allows remote attackers to obtain sensitive information by reading (1) forbidden pathnames in the revision view, (2) log history that can only be reached by traversing a forbidden object, or (3) forbidden diff view path parameters.

CVE-2008-1252

February 26, 2023 by

b_banner.stm (aka the login page) on the Deutsche Telekom Speedport W500 DSL router allows remote attackers to obtain the logon password by reading the pwd field in the HTML source.

CVE-2008-1181

February 26, 2023 by

Juniper Networks Secure Access 2000 5.5 R1 (build 11711) allows remote attackers to obtain sensitive information via a direct request for remediate.cgi without certain parameters, which reveals the path in an “Execute failed” error message.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 27
  • Go to page 28
  • Go to page 29
  • Go to page 30
  • Go to page 31
  • Interim pages omitted …
  • Go to page 348
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE