Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2528 | 1 Citrix | 1 Access Gateway | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Citrix Access Gateway Standard Edition 4.5.7 and earlier and Advanced Edition 4.5 HF2 and earlier allows attackers to bypass authentication and gain "access to network resources" via unspecified vectors.
|
|||||
| CVE-2008-3731 | 1 Solarwinds | 1 Serv-u File Server | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Serv-U File Server 7.0.0.1, and other versions before 7.2.0.1, allows remote authenticated users to cause a denial of service (daemon crash) via an SSH session with SFTP commands for directory creation and logging.
|
|||||
| CVE-2009-3402 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 2.1 LOW | N/A |
|
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.1 allows remote authenticated users to affect confidentiality via unknown vectors.
|
|||||
| CVE-2008-7199 | 1 Phoenixcontact | 1 Fl Il 24 Bk-pac | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Phoenix Contact FL IL 24 BK-PAC allows remote attackers to cause a denial of service (hang) via (1) unspecified manipulations as demonstrated by a Nessus scan or (2) malformed input to TCP port 502.
|
|||||
| CVE-2006-5748 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger memory corruption.
|
|||||
| CVE-2007-0280 | 1 Oracle | 3 Application Server, Collaboration Suite, Http Server | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.3, 10.1.2.0.0, 10.1.2.0.2, and 10.1.2.2; and Collaboration Suite 9.0.4.2 and 10.1.2; has unknown impact and attack vectors related to the Oracle Process Mgmt & Notification component, aka OPMN01. NOTE: as of 20070123, Oracle has not disputed claims by a reliable researcher that OPMN01 is for a buffer overflow in Oracle Notification Service (ONS).
|
|||||
| CVE-2009-3383 | 1 Mozilla | 1 Firefox | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
|
|||||
| CVE-2009-3099 | 2 Hp, Microsoft | 2 Operations Manager, Windows Server 2003 | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP OpenView Operations Manager 8.1 on Windows Server 2003 SP2 allows remote attackers to have an unknown impact, related to a "Remote exploit," as demonstrated by a certain module in VulnDisco Pack Professional 8.11, a different vulnerability than CVE-2007-3872. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
|
|||||
| CVE-2008-4793 | 1 Drupal | 1 Drupal | 2025-04-09 | 7.5 HIGH | N/A |
|
The node module API in Drupal 5.x before 5.11 allows remote attackers to bypass node validation and have unspecified other impact via unknown vectors related to contributed modules.
|
|||||
| CVE-2008-3998 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
|
|||||
| CVE-2007-6491 | 1 Kvaliitti | 1 Webdoc Cms | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple SQL injection vulnerabilities in Kvaliitti WebDoc 3.0 CMS allow remote attackers to execute arbitrary SQL commands via (1) the cat_id parameter to categories.asp; and probably (2) the document_id parameter to categories.asp, and the (3) cat_id and (4) document_id parameters to subcategory.asp.
|
|||||
| CVE-2007-6097 | 1 Ingate | 2 Ingate Firewall, Ingate Siparator | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and remote attack vectors, related to ICMP packets that are "incorrectly accepted."
|
|||||
| CVE-2008-1823 | 1 Oracle | 1 Jinitiator | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.14 has unknown impact and remote attack vectors, aka AS01.
|
|||||
| CVE-2008-7099 | 1 Qsoft-inc | 1 K-rate | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Manage Templates feature in Qsoft K-Rate Premium allows remote attackers to execute arbitrary PHP code via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
|
|||||
| CVE-2008-6709 | 1 Avaya | 2 Communication Manager, Sip Enablement Services | 2025-04-09 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allows remote authenticated users to execute arbitrary commands via unknown vectors related to configuration of "local data viewing or restoring parameters."
|
|||||
| CVE-2007-1765 | 2 Avaya, Microsoft | 10 Definity One Media Server, Ip600 Media Servers, S3400 and 7 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.
|
|||||
| CVE-2008-0712 | 1 Hp | 1 Software Update | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the HP HPeDiag (aka eSupportDiagnostics) ActiveX control in hpediag.dll in HP Software Update 4.000.009.002 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors. NOTE: this might overlap CVE-2007-6513.
|
|||||
| CVE-2009-1972 | 1 Oracle | 1 Database Server | 2025-04-09 | 2.1 LOW | N/A |
|
Unspecified vulnerability in the Auditing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect integrity, related to DBMS_SYS_SQL and DBMS_SQL.
|
|||||
| CVE-2009-1008 | 2 Ibm, Oracle | 2 Websphere Portal, Application Server | 2025-04-09 | 4.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1010.
|
|||||
| CVE-2007-0268 | 1 Oracle | 1 Database Server | 2025-04-09 | 6.5 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to (1) the Advanced Queuing component and sys.dbms_aqsys.dbms_aq privileges (DB01), (2) Advanced Replication and sys.dbms_repcat_untrusted (DB07), and (3) Oracle Text and ctxload (DB15). NOTE: Oracle has not publicly claims by reliable researchers that DB01 is for SQL injection in the SYS.DBMS_AQ_INV package, and DB07 is for a buffer overflow in the UNREGISTER_SN ...
Show More |
|||||
| CVE-2007-0916 | 1 Hp | 1 Hp-ux | 2025-04-09 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
|
|||||
| CVE-2009-0981 | 1 Oracle | 1 Database 11g | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Application Express component in Oracle Database 11.1.0.7 allows remote authenticated users to affect confidentiality, related to APEX. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue allows remote authenticated users to obtain APEX password hashes from the WWV_FLOW_USERS table via a SELECT statement.
|
|||||
| CVE-2009-1986 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 2.6 LOW | N/A |
|
Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality via unknown vectors.
|
|||||
| CVE-2009-1423 | 1 Hp | 3 Procurve Switch 5400zl, Procurve Switch 8200zl, Procurve Threat Management Services Zl Module | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in HP ProCurve Threat Management Services zl Module (J9155A) ST.1.0.090213 and earlier allows remote attackers to cause a denial of service via unknown vectors, aka PR_39898, a different vulnerability than CVE-2009-1424 and CVE-2009-1425.
|
|||||
| CVE-2007-5851 | 1 Apple | 1 Mac Os X | 2025-04-09 | 3.6 LOW | N/A |
|
iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attackers to automatically initiate a video connection to another user via unknown vectors.
|
|||||
| CVE-2009-1156 | 1 Cisco | 2 Adaptive Security Appliance 5500, Pix | 2025-04-09 | 5.7 MEDIUM | N/A |
|
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet.
|
|||||
| CVE-2008-3804 | 1 Cisco | 1 Ios | 2025-04-09 | 7.1 HIGH | N/A |
|
Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used.
|
|||||
| CVE-2007-3263 | 1 Ibm | 1 Websphere Application Server | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier has unknown impact and attack vectors, related to "incorrect authorization on a remote interface to the SDO repository."
|
|||||
| CVE-2008-3992 | 1 Oracle | 1 Database 10g | 2025-04-09 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Data Mining component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to DMSYS.DBMS_DM_EXP_INTERNAL.
|
|||||
| CVE-2008-2388 | 1 Opensuse | 1 Opensuse | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem."
|
|||||
| CVE-2007-6450 | 1 Wireshark | 1 Wireshark | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
|
|||||
| CVE-2009-1996 | 1 Oracle | 1 Database Server | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Logical Standby component in Oracle Database allows remote authenticated users to affect integrity via unknown vectors.
|
|||||
| CVE-2009-3408 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 5.1 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2007-5861 | 1 Apple | 1 Mac Os X | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted .XLS file that triggers memory corruption in the Microsoft Office Spotlight Importer.
|
|||||
| CVE-2009-2860 | 1 Ibm | 1 Db2 | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in db2jds in IBM DB2 8.1 before FP18 allows remote attackers to cause a denial of service (service crash) via "malicious packets."
|
|||||
| CVE-2008-2502 | 1 Emule | 1 X Ray | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the web server in eMule X-Ray before 1.4 allows remote attackers to trigger memory corruption via unknown attack vectors.
|
|||||
| CVE-2009-3025 | 1 Pidgin | 1 Pidgin | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in Pidgin 2.6.0 allows remote attackers to cause a denial of service (crash) via a link in a Yahoo IM.
|
|||||
| CVE-2009-1240 | 1 Ibm | 4 Network Multi-function Security, Proventia Desktop Endpoint Security, Proventia Network Mail Security System and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, Desktop Endpoint Security, Network Multi-Function Security (MFS), and possibly other products, allows remote attackers to bypass detection of malware via a modified RAR archive.
|
|||||
| CVE-2008-4003 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 allows remote attackers to affect confidentiality via unknown vectors.
|
|||||
| CVE-2009-2667 | 1 Ibm | 1 Tklm | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in IBM Tivoli Key Lifecycle Manager (TKLM) 1.0 has unknown impact and attack vectors, related to a "password security vulnerability."
|
|||||