Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-1147 | 1 Vmware | 4 Ace, Player, Server and 1 more | 2025-04-09 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 2.0.x before 2.0.1 build 156745 allows local users to gain privileges via unknown vectors.
|
|||||
| CVE-2008-3986 | 1 Oracle | 1 Application Server | 2025-04-09 | 1.0 LOW | N/A |
|
Unspecified vulnerability in the Oracle Discoverer Administrator component in Oracle Application Server 9.0.4.3 and 10.1.2.2 allows local users to affect confidentiality via unknown vectors.
|
|||||
| CVE-2009-1666 | 1 Cyclomedia | 1 Cycloscopelite | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple unspecified vulnerabilities in CycloMedia CycloScopeLite 2.50.3.0 allow remote attackers to execute arbitrary code via the ReturnConnection method in (1) CM_ADOConnection.dll, (2) CM_AddressInfoDBC.dll, and (3) CM_RecordingLocationDBC.dll, related to improper dereferencing. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
|
|||||
| CVE-2007-5518 | 1 Oracle | 1 Application Server | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Application Server 10.1.3.2 has unknown impact and remote attack vectors, aka AS03.
|
|||||
| CVE-2008-3988 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the iSupplier Portal component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote attackers to affect confidentiality via unknown vectors.
|
|||||
| CVE-2007-6111 | 2 Ethereal Group, Wireshark | 2 Ethereal, Wireshark | 2025-04-09 | 7.1 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector.
|
|||||
| CVE-2008-3156 | 1 Panda | 1 Panda Activescan | 2025-04-09 | 9.3 HIGH | N/A |
|
The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method.
|
|||||
| CVE-2009-1002 | 1 Oracle | 1 Bea Product Suite | 2025-04-09 | 5.8 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gold through MP1, 9.2 Gold through MP3, 9.1, 9.0, 8.1 Gold through SP6, and 7.0 Gold through SP7 allows remote attackers to gain privileges via unknown vectors.
|
|||||
| CVE-2006-5359 | 1 Oracle | 2 Application Server, E-business Suite | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Oracle Reports Developer component in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and Oracle E-Business Suite and Applications 11.5.10CU2, have unknown impact and remote attack vectors, aka Vuln# (1) REP01 and (2) REP02. NOTE: as of 20061027, Oracle has not disputed reports from a reliable researcher that these issues are related to (a) showenv and (b) parsequery for REP01, and (c) cellwrapper and (d) delimiter for REP02.
|
|||||
| CVE-2009-2489 | 1 Sun | 1 Ray Server Software | 2025-04-09 | 2.1 LOW | N/A |
|
Unspecified vulnerability in the utdmsession program in Sun Ray Server Software (SRSS) 4.0 allows local users to access the sessions of arbitrary users via unknown vectors.
|
|||||
| CVE-2008-5442 | 1 Oracle | 1 Secure Backup | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2008-5441 and CVE-2008-5443.
|
|||||
| CVE-2008-5440 | 1 Oracle | 1 Timesten In-memory Database | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this is a format string vulnerability via the msg parameter in the evtdump CGI module.
|
|||||
| CVE-2009-2136 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the TCP/IP networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_117, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo frames.
|
|||||
| CVE-2007-5512 | 1 Oracle | 1 Database Server | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV and 10.2.0.3 has unknown impact and remote attack vectors, aka DB21.
|
|||||
| CVE-2007-5832 | 1 Ssl-explorer | 1 Ssl-explorer | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in selectLanguage.do in SSL-Explorer before 0.2.15 allows remote attackers to inject (1) headers or (2) body data in an HTTP transaction, a different vulnerability than CVE-2007-2907. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2008-6021 | 1 Attachmate | 1 Reflection For Secure It | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Attachmate Reflection for Secure IT UNIX Client and Server before 7.0 SP1 have unknown impact and attack vectors, aka "security vulnerabilities found by 3rd party analysis."
|
|||||
| CVE-2008-5685 | 1 Sun | 3 Netra, Scapp, Sun Fire | 2025-04-09 | 10.0 HIGH | N/A |
|
Sun ScApp firmware 5.18.x, 5.19.x, and 5.20.0 through 5.20.10 on Sun Fire and Netra platforms allows remote attackers to access the System Controller (SC), the system console, and possibly the host OS, and cause a denial of service (shutdown or reboot), via spoofed IP packets.
|
|||||
| CVE-2008-6342 | 2 Lobacher Patrick, Typo3 | 2 Simplefilebrowser, Typo3 | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the TYPO3 Simple File Browser (simplefilebrowser) extension 1.0.2 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors.
|
|||||
| CVE-2008-2602 | 1 Oracle | 2 Data Pump Component, Database Server | 2025-04-09 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to the IMP_FULL_DATABASE role.
|
|||||
| CVE-2009-3720 | 4 A M Kuchling, Apache, Libexpat Project and 1 more | 4 Pyxml, Http Server, Libexpat and 1 more | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.
|
|||||
| CVE-2008-4412 | 1 Hp | 1 Systems Insight Manager | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 5.2 Update 2 (C.05.02.02.00) allows remote attackers to obtain sensitive information via unspecified vectors.
|
|||||
| CVE-2007-4045 | 2 Apple, Fedoraproject | 2 Cups, Fedora | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation.
|
|||||
| CVE-2007-5618 | 1 Vmware | 3 Player, Server, Workstation | 2025-04-09 | 7.2 HIGH | N/A |
|
Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1 might allow local users to gain privileges via malicious programs.
|
|||||
| CVE-2007-5534 | 1 Oracle | 1 Peoplesoft Enterprise | 2025-04-09 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in the HCM component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9 Bundle 13 9.0 Bundle 3 has unknown impact and remote attack vectors, aka PSE_HCM01.
|
|||||
| CVE-2009-0123 | 2 Apple, Microsoft | 3 Mac Os X, Safari, Windows | 2025-04-09 | 7.1 HIGH | N/A |
|
Unspecified vulnerability in Apple Safari on Mac OS X 10.5 and Windows allows remote attackers to read arbitrary files on a client machine via vectors related to the association of Safari with the (1) feed, (2) feeds, and (3) feedsearch URL types for RSS feeds. NOTE: as of 20090114, the only disclosure is a vague pre-advisory. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
|
|||||
| CVE-2008-2594 | 1 Oracle | 1 Oracle Application Server | 2025-04-09 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2593.
|
|||||
| CVE-2009-0986 | 1 Oracle | 2 Database 10g, Database 11g | 2025-04-09 | 5.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2009-2912 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 4.9 MEDIUM | N/A |
|
The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv_110, allow local users to cause a denial of service (panic) via vectors related to vnode function calls.
|
|||||
| CVE-2008-4062 | 3 Canonical, Debian, Mozilla | 5 Ubuntu Linux, Debian Linux, Firefox and 2 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine and (1) misinterpretation of the characteristics of Namespace and QName in jsxml.c, (2) misuse of signed integers in the nsEscapeCount function in nsEscape.cpp, and (3) intera ...
Show More |
|||||
| CVE-2009-1018 | 1 Oracle | 1 Database Server | 2025-04-09 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LTRIC (WMSYS.LTRIC).
|
|||||
| CVE-2008-3049 | 1 Typo3 | 1 Pdf Generator 2 Extension | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 allows attackers to obtain sensitive information via unspecified vectors.
|
|||||
| CVE-2009-2186 | 1 Adobe | 1 Shockwave Player | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Adobe Shockwave Player before 11.0.0.465 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2009-1860, related to an older issue that "was previously resolved in Shockwave Player 11.0.0.465."
|
|||||
| CVE-2008-4630 | 1 Midgard | 1 Midgard Components Framework | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Midgard Components (MidCOM) Framework before 8.09.1 have unknown impact and attack vectors.
|
|||||
| CVE-2008-3174 | 1 Computer Associates | 3 Host Based Intrusion Prevention System, Internet Security Suite, Personal Firewall | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, allows remote attackers to cause a denial of service via unknown vectors, related to "insufficient validation."
|
|||||
| CVE-2009-1999 | 1 Oracle | 1 Application Server | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Business Intelligence Enterprise Edition component in unspecified Oracle Application Server versions allows remote attackers to affect integrity via unknown vectors.
|
|||||
| CVE-2008-1187 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.
|
|||||
| CVE-2009-0979 | 1 Oracle | 1 Database 9i | 2025-04-09 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2009-4457 | 1 Provider4u | 1 Vsftpd Webmin Module | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the Vsftpd Webmin module before 1.3b for the Vsftpd server have unknown impact and attack vectors related to "Some security issues."
|
|||||
| CVE-2008-5349 | 1 Sun | 2 Jdk, Jre | 2025-04-09 | 7.1 HIGH | N/A |
|
Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows remote attackers to cause a denial of service (CPU consumption) via a crafted RSA public key.
|
|||||
| CVE-2007-5118 | 1 Sun | 1 Solaris | 2025-04-09 | 4.7 MEDIUM | N/A |
|
Unspecified vulnerability in the HID (Human Interface Device) class driver in Sun Solaris 8, 9, and 10 before 20070925 allows local users to cause a denial of service (panic) via unspecified vectors.
|
|||||