Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0987 | 1 Oracle | 1 Database Server | 2025-04-09 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Upgrade component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
|
|||||
| CVE-2008-1429 | 1 Silc | 1 Silc-server | 2025-04-09 | 7.8 HIGH | N/A |
|
Secure Internet Live Conferencing (SILC) Server before 1.1.1 allows remote attackers to cause a denial of service (daemon crash) via a NEW_CLIENT packet without a nickname.
|
|||||
| CVE-2008-5907 | 2 Debian, Libpng | 2 Debian Linux, Libpng | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords, related to an implicit cast of the '\0' character constant to a NULL pointer. NOTE: some sources incorrectly report this as a double free vulnerability.
|
|||||
| CVE-2008-3235 | 1 Ibm | 1 Websphere Application Server | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the PropFilePasswordEncoder utility in the Security component in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 has unknown impact and attack vectors.
|
|||||
| CVE-2007-4577 | 1 Sophos | 3 Anti-virus, Scanning Engine, Small Business Suite | 2025-04-09 | 7.8 HIGH | N/A |
|
Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a "BZip bomb").
|
|||||
| CVE-2008-2601 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors.
|
|||||
| CVE-2007-5617 | 1 Vmware | 2 Player, Workstation | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1, prevents it from launching, which has unspecified impact, related to untrusted virtual machine images.
|
|||||
| CVE-2008-1825 | 1 Oracle | 1 Application Server 9i | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 has unknown impact and remote attack vectors, aka AS03.
|
|||||
| CVE-2008-4358 | 1 Spaw Editor | 1 Spaw Php | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in class/theme.class.php in SPAW Editor PHP Edition before 2.0.8.1 has unknown impact and attack vectors, probably related to directory traversal sequences in the theme name.
|
|||||
| CVE-2009-1954 | 1 Ibm | 1 Aix | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in portmapper (aka portmap) in IBM AIX 5.3 allows attackers to cause a denial of service (daemon hang) via unknown vectors, related to libtli.
|
|||||
| CVE-2006-5341 | 1 Oracle | 1 Database Server | 2025-04-09 | 9.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in XMLDB component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.2 have unknown impact and remote authenticated attack vectors, aka (1) Vuln# DB14 and (2) DB15 related to xdb.dbms_xdbz. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB14 is for SQL injection in the PITRIG_DROP and PITRIG_DROPMETADATA functions in XDB_PITRIG_PKG, and DB15 is for SQL injection in DISABLE_HIERARCHY_INTERNAL in DBMS_XDBZ.
|
|||||
| CVE-2007-5476 | 3 Adobe, Apple, Opera | 3 Flash Player, Mac Os X, Opera Browser | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown "Highly Severe" impact and unknown attack vectors.
|
|||||
| CVE-2008-3654 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in TikiWiki CMS/Groupware before 2.0 allows attackers to obtain "path and PHP configuration" via unknown vectors.
|
|||||
| CVE-2007-4223 | 1 Microsoft | 1 Sysinternals Debugview | 2025-04-09 | 10.0 HIGH | N/A |
|
Dbgv.sys in Microsoft Sysinternals DebugView before 4.72 provides an unspecified mechanism for copying data into kernel memory, which allows local users to gain privileges via unspecified vectors.
|
|||||
| CVE-2008-5108 | 1 Adobe | 1 Adobe Air | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in Adobe AIR 1.1 and earlier allows context-dependent attackers to execute untrusted JavaScript in an AIR application via unknown attack vectors.
|
|||||
| CVE-2009-3242 | 1 Wireshark | 1 Wireshark | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors related to "an uninitialized dissector handle," which triggers an assertion failure.
|
|||||
| CVE-2009-1206 | 1 Futomi | 1 Cgi Cafe Access Analyzer Cgi | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in futomi's CGI Cafe Access Analyzer CGI Professional Version 4.11.5 and earlier allows remote attackers to gain administrative privileges via unknown vectors.
|
|||||
| CVE-2009-1421 | 1 Hp | 2 Hp-ux, Oncplus | 2025-04-09 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in NFS / ONCplus B.11.31_06 and B.11.31_07 on HP HP-UX B.11.31 allows local users to cause a denial of service via unknown attack vectors.
|
|||||
| CVE-2008-6576 | 1 Nortel | 1 Cs1000 | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communications Server 1000 (CS1K) 4.50.x, when running on VGMC or signaling nodes, allows remote attackers to cause a denial of service (resource exhaustion and failed updates) via unknown vectors that causes consumption of all available sessions.
|
|||||
| CVE-2008-4722 | 1 Sun | 37 Blade 6000 Modular System With Chassis, Blade 6048 Modular System With Chassis, Blade 8000 Modular System and 34 more | 2025-04-09 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in Sun Integrated Lights-Out Manager (ILOM) 2.0.1.5 through 2.0.4.26 allows remote authenticated users to (1) access the service processor (SP) and cause a denial of service (shutdown or reboot), or (2) access the host operating system and have an unspecified impact, via unknown vectors.
|
|||||
| CVE-2007-0980 | 3 Hp, Redhat, Suse | 4 Serviceguard For Linux, Enterprise Linux, Suse Linux and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors.
|
|||||
| CVE-2009-1007 | 1 Oracle | 1 Database Server | 2025-04-09 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Data Mining component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality, integrity, and availability, related to SYS.DMP_SYS.
|
|||||
| CVE-2007-6119 | 1 Wireshark | 1 Wireshark | 2025-04-09 | 7.8 HIGH | N/A |
|
The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors.
|
|||||
| CVE-2010-0071 | 1 Oracle | 1 Database Server | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2008-3499 | 1 Ektron | 1 Cms4000.net | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in "a page in the workarea folder" in Ektron CMS400.NET 7.00 through 7.04 and 7.50 through 7.52 has unknown impact and attack vectors.
|
|||||
| CVE-2009-2847 | 1 Linux | 3 Kernel, Linux, Linux Kernel | 2025-04-09 | 4.9 MEDIUM | N/A |
|
The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive information from the kernel stack via the sigaltstack function.
|
|||||
| CVE-2009-4167 | 2 Lukas Taferner, Typo3 | 2 It Basetag, Typo3 | 2025-04-09 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Automatic Base Tags for RealUrl (lt_basetag) extension 1.0.0 for TYPO3 allows remote attackers to conduct "Cache spoofing" attacks via unspecified vectors.
|
|||||
| CVE-2008-4910 | 1 Sun | 1 Java Web Start | 2025-04-09 | 10.0 HIGH | N/A |
|
The BasicService in Sun Java Web Start allows remote attackers to execute arbitrary programs on a client machine via a file:// URL argument to the showDocument method.
|
|||||
| CVE-2009-2452 | 1 Citrix | 1 Licensing | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Citrix Licensing 11.5 have unknown impact and attack vectors, related to "underlying components of the License Management Console."
|
|||||
| CVE-2008-2160 | 1 Microsoft | 1 Windows Embedded Compact | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the JPEG (GDI+) and GIF image processing in Microsoft Windows CE 5.0 allow remote attackers to execute arbitrary code via crafted (1) JPEG and (2) GIF images.
|
|||||
| CVE-2008-2253 | 1 Microsoft | 3 Windows-nt, Windows Media Player, Windows Xp | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Microsoft Windows Media Player 11 allows remote attackers to execute arbitrary code via a crafted audio-only file that is streamed from a Server-Side Playlist (SSPL) on Windows Media Server, aka "Windows Media Player Sampling Rate Vulnerability."
|
|||||
| CVE-2007-6350 | 1 Scponly | 1 Scponly | 2025-04-09 | 8.5 HIGH | N/A |
|
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve, as originally demonstrated by creating a Subversion (SVN) repository with malicious hooks, then using svn to trigger execution of those hooks.
|
|||||
| CVE-2009-3945 | 1 Joomla | 1 Joomla\! | 2025-04-09 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Front-End Editor in the com_content component in Joomla! before 1.5.15 allows remote authenticated users, with Author privileges, to replace the articles of an arbitrary user via unknown vectors.
|
|||||
| CVE-2008-3052 | 1 Typo3 | 1 Sql Frontend Extension | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the SQL Frontend (mh_omsqlio) extension 1.0.11 and earlier for TYPO3 allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2008-1827 | 1 Oracle | 2 E-business Suite 11i, E-business Suite 12 | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 and 12.0.4 have unknown impact and attack vectors related to (a) Advanced Pricing component, aka (1) APP02, (2) APP03, and (3) APP09; (b) Application Object Library component, aka (4) APP04, (5) APP07, and (6) APP11; (c) Applications Manager component, aka (7) APP06; (d) and Applications Technology Stack component, aka (8) APP08.
|
|||||
| CVE-2008-3838 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in the NFS Remote Procedure Calls (RPC) zones implementation in Sun Solaris 10 and OpenSolaris before snv_88 allows local administrators of non-global zones to read and modify NFS traffic for arbitrary non-global zones, possibly leading to file modifications or a denial of service.
|
|||||
| CVE-2007-0293 | 1 Oracle | 1 Enterprise Manager | 2025-04-09 | 6.4 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in Oracle Enterprise Manager 10.1.0.5 and 10.2.0.1 have unknown impact and attack vectors related to (1) Oracle Agent (EM03) and (2) EM04 and (3) EM05 in Enterprise Manager Console. NOTE: EM05 might be related to CVE-2007-0222.
|
|||||
| CVE-2008-2621 | 1 Oracle | 3 Jd Edwards Enterpriseone, Peoplesoft Enterprise, Peoplesoft Peopletools Component | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2615, CVE-2008-2616, CVE-2008-2617, CVE-2008-2618, CVE-2008-2620, and CVE-2008-2622.
|
|||||
| CVE-2009-0991 | 1 Oracle | 3 Database 10g, Database 11g, Database 9i | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2009-1970.
|
|||||
| CVE-2009-1267 | 2 Microsoft, Wireshark | 2 Windows, Wireshark | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors.
|
|||||