Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0983 | 1 Oracle | 1 Application Server | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0974 and CVE-2009-3407.
|
|||||
| CVE-2009-3575 | 1 Tatsuhiro Tsujikawa | 1 Aria2 | 2025-04-09 | 10.0 HIGH | N/A |
|
Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3, 1.2.0, and other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
|
|||||
| CVE-2009-3411 | 1 Oracle | 1 Database Server | 2025-04-09 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Data Pump component in Oracle Database 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
|
|||||
| CVE-2009-1241 | 1 Clamav | 1 Clamav | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive.
|
|||||
| CVE-2008-4047 | 1 Novell | 1 Novell Forum | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in Novell Forum (formerly SiteScape Forum) 7.0, 7.1, 7.2, 7.3, and 8.0 allows remote attackers to execute arbitrary TCL code via a modified URL. NOTE: this might overlap CVE-2007-6515.
|
|||||
| CVE-2008-3537 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3536.
|
|||||
| CVE-2008-4809 | 1 Ibm | 1 Lotus Connections | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the Profiles search pages in IBM Lotus Connections 2.x before 2.0.1 have unknown impact and attack vectors related to "Active" content. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
|
|||||
| CVE-2008-1766 | 1 Phpbb | 1 Phpbb | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in phpBB before 3.0.1 have unknown impact and attack vectors, related to "two minor security-related bugs."
|
|||||
| CVE-2009-0501 | 1 Moodle | 1 Moodle | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Calendar export feature in Moodle 1.8 before 1.8.8 and 1.9 before 1.9.4 allows attackers to obtain sensitive information and conduct "brute force attacks on user accounts" via unknown vectors.
|
|||||
| CVE-2009-3800 | 1 Adobe | 2 Adobe Air, Flash Player | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allow attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
|
|||||
| CVE-2008-3812 | 1 Cisco | 1 Ios | 2025-04-09 | 7.1 HIGH | N/A |
|
Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet.
|
|||||
| CVE-2008-3826 | 1 Condor Project | 1 Condor | 2025-04-09 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in Condor before 7.0.5 allows attackers to execute jobs as other users via unknown vectors.
|
|||||
| CVE-2007-4493 | 1 Ez | 1 Ez Publish | 2025-04-09 | 10.0 HIGH | N/A |
|
eZ publish before 3.8.9, and 3.9 before 3.9.3, does not properly check permissions on module views that lack a policy function, which has unknown impact and attack vectors, as demonstrated by a vulnerability in the discount functionality in the shop module.
|
|||||
| CVE-2009-1021 | 1 Oracle | 1 Database Server | 2025-04-09 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
|
|||||
| CVE-2009-0627 | 1 Cisco | 3 Nexus 5000, Nexus 7000, Nx-os | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified "sequence of TCP packets" related to "TCP State manipulation," possibly related to separate attacks against CVE-2008-4609.
|
|||||
| CVE-2008-2576 | 1 Oracle | 1 Weblogic Server | 2025-04-09 | 4.4 MEDIUM | N/A |
|
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2, 9.1, 9.0, and 8.1 SP6 has unknown impact and local attack vectors.
|
|||||
| CVE-2007-4697 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via unknown vectors related to browser history, which triggers memory corruption.
|
|||||
| CVE-2007-5616 | 3 Linux, Opengroup, Ssh | 4 Linux Kernel, Unix, Tectia Client and 1 more | 2025-04-09 | 7.2 HIGH | N/A |
|
ssh-signer in SSH Tectia Client and Server 5.x before 5.2.4, and 5.3.x before 5.3.6, on Unix and Linux allows local users to gain privileges via unspecified vectors.
|
|||||
| CVE-2008-5096 | 1 Typo3 | 2 File List Extension, Typo3 | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the TYPO3 File List (file_list) extension 0.2.1 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors.
|
|||||
| CVE-2008-2597 | 1 Oracle | 2 Times Ten Client Server Component, Times Ten In Memory Database | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Database 7.0.3.0.0 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2598 and CVE-2008-2599.
|
|||||
| CVE-2008-6079 | 1 Enlightenment | 1 Imlib2 | 2025-04-09 | 10.0 HIGH | N/A |
|
imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer overflows - partly due to integer overflows."
|
|||||
| CVE-2009-3900 | 1 Ibm | 2 Aix, Powerha | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the Cluster Management component in IBM PowerHA 5.4, 5.4.1, 5.5, and 6.1 on AIX allows remote attackers to modify the operating-system configuration via packets to the godm port (6177/tcp).
|
|||||
| CVE-2008-1533 | 1 Joomla | 1 Joomla | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the XML-RPC Blogger API plugin in Joomla! 1.5 allows remote attackers to perform unauthorized article operations on articles via unknown vectors.
|
|||||
| CVE-2009-0962 | 1 Futomi | 1 Mp Form Mail Cgi | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in Futomi's CGI Cafe MP Form Mail CGI eCommerce 1.3.0 and earlier, and CGI Professional 3.2.2 and earlier, allows remote attackers to gain administrative privileges via unknown attack vectors.
|
|||||
| CVE-2007-5527 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 have unknown impact and remote attack vectors, related to (1) Application Object Library component (APP01), (2) Contracts Integration (APP02), (3) Applications Manager (APP04), (4) Marketing component (APP05), and (5) Exchange component (APP07).
|
|||||
| CVE-2008-5457 | 1 Oracle | 1 Bea Product Suite | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2009-3573 | 1 Emc | 1 Captiva Pixtools Distributed Imaging | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple insecure method vulnerabilities in the PDIControl.PDI.1 ActiveX control (PDIControl.dll) 2.2.3160.0 in EMC Captiva PixTools Distributed Imaging 2.2 allow remote attackers to create or overwrite arbitrary files via the (1) SetLogFileName and (2) WriteToLog methods.
|
|||||
| CVE-2006-6737 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 5 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_10 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The first issue."
|
|||||
| CVE-2008-7100 | 1 Dotnetnuke | 1 Dotnetnuke | 2025-04-09 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in DotNetNuke 4.4.1 through 4.8.4 allows remote authenticated users to bypass authentication and gain privileges via unknown vectors related to a "unique id" for user actions and improper validation of a "user identity."
|
|||||
| CVE-2007-4494 | 1 Ez | 1 Ez Publish | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The tipafriend function in eZ publish before 3.8.9, and 3.9 before 3.9.3, does not limit access by anonymous users, which allows remote attackers to conduct spam attacks.
|
|||||
| CVE-2009-2999 | 1 Google | 1 Android | 2025-04-09 | 4.3 MEDIUM | N/A |
|
The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to CVE-2009-2656.
|
|||||
| CVE-2009-0439 | 1 Ibm | 1 Websphere Mq | 2025-04-09 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in the queue manager in IBM WebSphere MQ (WMQ) 5.3, 6.0 before 6.0.2.6, and 7.0 before 7.0.0.2 allows local users to gain privileges via vectors related to the (1) setmqaut, (2) dmpmqaut, and (3) dspmqaut authorization commands.
|
|||||
| CVE-2007-3669 | 1 Innovasys | 1 Dockstudioxp | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in the Innovasys DockStudioXP InnovaDSXP2.OCX ActiveX Control have unspecified attack vectors and impact, including a denial of service via "improper use" of the SaveToFile function.
|
|||||
| CVE-2009-1673 | 1 Sun | 1 Solaris | 2025-04-09 | 4.9 MEDIUM | N/A |
|
The kernel in Sun Solaris 9 allows local users to cause a denial of service (panic) by calling fstat with a first argument of AT_FDCWD.
|
|||||
| CVE-2008-2610 | 1 Oracle | 2 E-business Suite, Oracle Applications Technology Stack Component | 2025-04-09 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors.
|
|||||
| CVE-2009-0712 | 1 Hp | 2 Insight Manager, Wmi Mapper | 2025-04-09 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager before 2.5.2.0 allows local users to gain privileges via unknown vectors.
|
|||||
| CVE-2008-3693 | 1 Vmware | 4 Ace, Player, Server and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3694 ...
Show More |
|||||
| CVE-2008-3694 | 1 Vmware | 4 Ace, Player, Server and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693 ...
Show More |
|||||
| CVE-2009-0087 | 1 Microsoft | 4 Office Word, Windows 2000, Windows 2003 Server and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to execute arbitrary code via a crafted Word 6 file that contains malformed data, aka "WordPad and Office Text Converter Memory Corruption Vulnerability."
|
|||||
| CVE-2008-3683 | 1 Sun | 1 Java System Web Proxy Server | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.5 before SP6 allows remote attackers to cause a denial of service (failure to accept connections) via unknown vectors, probably related to exhaustion of file descriptors.
|
|||||