Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3805 | 1 Cisco | 1 Ios | 2025-04-09 | 8.5 HIGH | N/A |
|
Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3806.
|
|||||
| CVE-2008-2549 | 1 Adobe | 1 Acrobat Reader | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Adobe Acrobat Reader 8.1.2 and earlier, and before 7.1.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed PDF document, as demonstrated by 2008-HI2.pdf.
|
|||||
| CVE-2009-1485 | 2 Aemuleplus, Emuleplus | 2 Emule Plus, Emule Plus | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The logging feature in eMule Plus before 1.2e allows remote attackers to cause a denial of service (infinite loop) via unspecified attack vectors.
|
|||||
| CVE-2007-4553 | 1 Thomson | 1 St 2030 Sip Phone | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The Thomson ST 2030 SIP phone with software 1.52.1 allows remote attackers to cause a denial of service (device hang) via an INVITE message with a Via header that contains a '/' (slash) instead of the required space following the SIP version number.
|
|||||
| CVE-2006-5616 | 2 Openpbs, Suse | 2 Openpbs, Suse Linux | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux 9.2 through 10.1, allow attackers to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2007-0459 | 1 Wireshark | 1 Wireshark | 2025-04-09 | 5.0 MEDIUM | N/A |
|
packet-tcp.c in the TCP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.4 allows remote attackers to cause a denial of service (application crash or hang) via fragmented HTTP packets.
|
|||||
| CVE-2008-2591 | 1 Oracle | 2 Database 9i, Database Server | 2025-04-09 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors.
|
|||||
| CVE-2008-0500 | 1 Mamboxchange | 1 Laithai | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Mambo LaiThai 4.5.5 have unknown impact and attack vectors related to (1) mod_login and (2) mod_template_chooser.
|
|||||
| CVE-2009-0982 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote authenticated users to affect integrity via unknown vectors.
|
|||||
| CVE-2008-6708 | 1 Avaya | 2 Communication Manager, Sip Enablement Services | 2025-04-09 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x and 4.x, allows remote authenticated administrators to gain root privileges via unknown vectors related to configuration of "data viewing or restoring parameters."
|
|||||
| CVE-2007-6519 | 1 Hp | 1 Tru64 | 2025-04-09 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors.
|
|||||
| CVE-2007-6525 | 1 Ibm | 1 Db2 Content Manager Toolkit | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in eClient in IBM DB2 Content Manager (CM) Toolkit 8.3 before fix pack 7 for z/OS has unknown impact and attack vectors, related to "scripting."
|
|||||
| CVE-2008-1412 | 1 F-secure | 12 F-secure Anti-virus, F-secure Anti-virus Client Security, F-secure Anti-virus For Linux and 9 more | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
|
|||||
| CVE-2007-5025 | 1 Vmware | 1 Ace | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in EMC VMware ACE before 1.0.3 Build 54075 allows attackers to have an unknown impact via an unspecified manipulation of "images stored in virtual machines downloaded by the user."
|
|||||
| CVE-2007-3903 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitialized or deleted objects used in repeated calls to the (1) cloneNode or (2) nodeValue JavaScript function, a different issue than CVE-2007-3902 and CVE-2007-5344, a variant of "Uninitialized Memory Corruption Vulnerability."
|
|||||
| CVE-2007-5898 | 1 Php | 1 Php | 2025-04-09 | 6.4 MEDIUM | N/A |
|
The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.
|
|||||
| CVE-2006-5339 | 1 Oracle | 1 Database Server | 2025-04-09 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and remote authenticated attack vectors related to mdsys.sdo_geom, aka Vuln# DB11. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB11 is related to "length checking" in the RELATE function before MD2.RELATE is called.
|
|||||
| CVE-2007-5532 | 1 Oracle | 1 Peoplesoft Enterprise | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the People Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.17, 8.47.14, 8.48.13, 8.49.05 has unknown impact and remote attack vectors, aka PSE01.
|
|||||
| CVE-2008-5512 | 3 Canonical, Debian, Mozilla | 5 Ubuntu Linux, Debian Linux, Firefox and 2 more | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to run arbitrary JavaScript with chrome privileges via unknown vectors in which "page content can pollute XPCNativeWrappers."
|
|||||
| CVE-2006-5340 | 1 Oracle | 1 Database Server | 2025-04-09 | 7.1 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.2 have unknown impact and remote authenticated attack vectors related to (1) mdsys.sdo_lrs, aka Vuln# DB13, and (2) Vuln# DB17. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB13 is related to bypassing input validation for SQL injection related to convert_to_lrs_layer and dbms_assert, and DB17 is related to SQL injection in ...
Show More |
|||||
| CVE-2009-3352 | 1 Drupal | 1 Drupal | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the quota_by_role (Quota by role) module for Drupal have unknown impact and attack vectors.
|
|||||
| CVE-2008-2354 | 1 Testmaker | 1 Testmaker | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the data export function in testMaker before 3.0p10 allows test authors to obtain access to export data via unknown vectors.
|
|||||
| CVE-2008-7236 | 1 Oracle | 1 Application Server | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 and 10.1.3.1 allows remote attackers to affect integrity via unknown vectors, aka AS05.
|
|||||
| CVE-2008-5444 | 1 Oracle | 1 Secure Backup | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5448 and CVE-2008-5449.
|
|||||
| CVE-2007-0943 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows remote attackers to execute arbitrary code via crafted Cascading Style Sheets (CSS) strings that trigger memory corruption during parsing, related to use of out-of-bounds pointers.
|
|||||
| CVE-2007-5535 | 1 Runcms | 1 Runcms | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in newbb_plus in RunCms 1.5.2 has unknown impact and attack vectors.
|
|||||
| CVE-2009-3354 | 2 Andrew Sterling Hanenkamp, Drupal | 2 Rest Api Module, Drupal | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the Rest API module for Drupal have unknown impact and attack vectors.
|
|||||
| CVE-2008-4014 | 1 Oracle | 1 Application Server | 2025-04-09 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle Application Server allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
|
|||||
| CVE-2008-0145 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in glob in PHP before 4.4.8, when open_basedir is enabled, has unknown impact and attack vectors. NOTE: this issue reportedly exists because of a regression related to CVE-2007-4663.
|
|||||
| CVE-2006-6836 | 1 Ibm | 1 Os 400 | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in osp-cert in IBM OS/400 V5R3M0 have unspecified impact and attack vectors, related to ASN.1 parsing.
|
|||||
| CVE-2007-3041 | 1 Microsoft | 1 Internet Explorer | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in the pdwizard.ocx ActiveX object for Internet Explorer 5.01, 6 SP1, and 7 allows remote attackers to execute arbitrary code via unknown vectors related to Microsoft Visual Basic 6 objects and memory corruption, aka "ActiveX Object Memory Corruption Vulnerability."
|
|||||
| CVE-2006-6498 | 1 Mozilla | 4 Firefox, Mozilla, Seamonkey and 1 more | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, SeaMonkey before 1.0.7, and Mozilla 1.7 and probably earlier on Solaris, allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown impact and attack vectors.
|
|||||
| CVE-2008-1778 | 1 Sun | 1 Sunos | 2025-04-09 | 6.6 MEDIUM | N/A |
|
Unspecified vulnerability in the floating point context switch implementation in Sun Solaris 9 and 10 on x86 platforms might allow local users to cause a denial of service (application exit), corrupt data, or trigger incorrect calculations via unknown vectors.
|
|||||
| CVE-2007-5368 | 1 Sun | 1 Solaris | 2025-04-09 | 4.9 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in labeld in Trusted Extensions in Sun Solaris 10 allow local users to cause a denial of service (multiple application hang) via unspecified vectors.
|
|||||
| CVE-2009-3390 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 7.2 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the (1) iscsiadm and (2) iscsitadm programs in Sun Solaris 10, and OpenSolaris snv_28 through snv_109, allow local users with certain RBAC execution profiles to gain privileges via unknown vectors related to the libima library.
|
|||||
| CVE-2009-2963 | 1 Decomputeur | 1 Toolbar Uninstaller | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in the update feature in Toolbar Uninstaller 1.0.2 allows remote attackers to force the download and execution of arbitrary files via attack vectors related to a "malformed update url and a malformed update website."
|
|||||
| CVE-2008-0111 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted data validation records, aka "Excel Data Validation Record Vulnerability."
|
|||||
| CVE-2006-5039 | 1 Joomla | 2 Com Events, Events Module | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in Events 1.3 beta module (com_events) for Joomla! has unspecified impact and attack vectors.
|
|||||
| CVE-2009-1977 | 1 Oracle | 1 Secure Backup | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the July 2009 Oracle CPU. Oracle has not commented on claims from an independent researcher that this vulnerability allows attackers to bypass authentication via unknown vectors involving the username parameter and login.php.
|
|||||
| CVE-2009-2028 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 have unknown impact and attack vectors, related to "Adobe internally discovered issues."
|
|||||