Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-4826 | 1 Quagga | 1 Quagga | 2025-04-09 | 3.5 LOW | N/A |
|
bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to cause a denial of service (crash) via a malformed (1) OPEN message or (2) a COMMUNITY attribute, which triggers a NULL pointer dereference. NOTE: vector 2 only exists when debugging is enabled.
|
|||||
| CVE-2009-3089 | 1 Ibm | 1 Tivoli Directory Server | 2025-04-09 | 7.8 HIGH | N/A |
|
IBM Tivoli Directory Server (TDS) 6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via unspecified vectors, related to (1) the ibmslapd.exe daemon on Windows and (2) the ibmdiradm daemon in the administration server on Linux, as demonstrated by certain modules in VulnDisco Pack Professional 8.11, a different vulnerability than CVE-2006-0717. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pac ...
Show More |
|||||
| CVE-2009-3963 | 1 Xoops | 1 Xoops | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple unspecified vulnerabilities in XOOPS before 2.4.0 Final have unknown impact and attack vectors.
|
|||||
| CVE-2009-0370 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
|
Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."
|
|||||
| CVE-2009-3350 | 2 Drupal, Roshan Shah | 2 Drupal, Subdomain Manager | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the Subdomain Manager module for Drupal have unknown impact and attack vectors.
|
|||||
| CVE-2008-4639 | 1 Sentex | 1 Jhead | 2025-04-09 | 4.6 MEDIUM | N/A |
|
jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
|
|||||
| CVE-2010-0072 | 1 Oracle | 1 Secure Backup | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a buffer overflow in observiced.exe that allows remote attackers to execute arbitrary code via vectors related to a "reverse lookup of connections" to TCP po ...
Show More |
|||||
| CVE-2009-0052 | 2 Atheros, Netgear | 3 Ar9160-bc1a Chipset, Wndap330, Wndap330 Firmware | 2025-04-09 | 5.5 MEDIUM | N/A |
|
The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and other versions before 3.0.3 on the Atheros AR9160-BC1A chipset, and other products, allows remote authenticated users to cause a denial of service (device reboot or hang) and possibly execute arbitrary code via a truncated reserved management frame.
|
|||||
| CVE-2007-5523 | 1 Oracle | 2 Application Server, Collaboration Suite | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.2, and 10.1.4.0, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS08.
|
|||||
| CVE-2007-4788 | 1 Cisco | 2 Content Switching Module With Ssl, Content Switching Modules | 2025-04-09 | 7.8 HIGH | N/A |
|
Cisco Content Switching Modules (CSM) 4.2 before 4.2.3a, and Cisco Content Switching Module with SSL (CSM-S) 2.1 before 2.1.2a, allow remote attackers to cause a denial of service (CPU consumption or reboot) via sets of out-of-order TCP packets with unspecified characteristics, aka CSCsd27478.
|
|||||
| CVE-2008-3349 | 2 Ibm, Netapp | 3 N Series Storage Server, Data Ontap, Fas900 | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access control for HTTP requests. NOTE: this may overlap CVE-2008-3160.
|
|||||
| CVE-2009-4190 | 1 Sun | 1 Opensolaris | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the kernel in Sun OpenSolaris 2009.06 allows remote attackers to cause a denial of service (panic) via unknown vectors, as demonstrated by the vd_solaris2 module in VulnDisco Pack Professional 8.12. NOTE: as of 20091203, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
|
|||||
| CVE-2008-3993 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote authenticated users to affect integrity via unknown vectors.
|
|||||
| CVE-2008-2899 | 1 J00lean-cms | 1 J00lean-cms | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in includes/classes/page.php in j00lean-CMS 1.03 has unknown impact and attack vectors.
|
|||||
| CVE-2008-4926 | 1 Mw6 Technologies | 1 Pdf417 Activex | 2025-04-09 | 9.0 HIGH | N/A |
|
Multiple insecure method vulnerabilities in MW6 Technologies PDF417 ActiveX control (MW6PDF417Lib.PDF417, MW6PDF417.dll) 3.0.0.1 allow remote attackers to overwrite arbitrary files via a full pathname argument to the (1) SaveAsBMP and (2) SaveAsWMF methods.
|
|||||
| CVE-2008-0243 | 1 Ibm | 1 Lotus Domino | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in Lotus Domino 7.0.2 before Fix Pack 3 allows attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2008-2806 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-09 | 7.5 HIGH | N/A |
|
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS X allow remote attackers to bypass the Same Origin Policy and create arbitrary socket connections via a crafted Java applet, related to the Java Embedding Plugin (JEP) and Java LiveConnect.
|
|||||
| CVE-2008-5179 | 1 Microsoft | 3 Office Communications Server, Office Communicator, Windows Live Messenger | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Microsoft Office Communications Server (OCS), Office Communicator, and Windows Live Messenger allows remote attackers to cause a denial of service (crash) via a crafted Real-time Transport Control Protocol (RTCP) receiver report packet.
|
|||||
| CVE-2008-4416 | 1 Hp | 1 Hp-ux | 2025-04-09 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors.
|
|||||
| CVE-2009-2671 | 1 Sun | 2 Jdk, Jre | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors.
|
|||||
| CVE-2008-4011 | 1 Oracle | 1 Bea Product Suite | 2025-04-09 | 2.1 LOW | N/A |
|
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote authenticated users to affect integrity via unknown vectors.
|
|||||
| CVE-2008-3882 | 1 Zoneminder | 1 Zoneminder | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified "Command Injection" vulnerability in ZoneMinder 1.23.3 and earlier allows remote attackers to execute arbitrary commands via (1) the executeFilter function in zm_html_view_events.php and (2) the run_state parameter to zm_html_view_state.php.
|
|||||
| CVE-2008-0375 | 1 Oki Printing Solutions | 1 C5510 Mfp Printer | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in OKI C5510MFP Printer CU H2.15, PU 01.03.01, System F/W 1.01, and Web Page 1.00 allows remote attackers to set the password and obtain administrative access via unspecified vectors.
|
|||||
| CVE-2007-0910 | 2 Php, Trustix | 2 Php, Secure Linux | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors.
|
|||||
| CVE-2009-3836 | 1 Arubanetworks | 2 Aruba Mobility Controller, Arubaos | 2025-04-09 | 6.1 MEDIUM | N/A |
|
ArubaOS 3.3.1.x, 3.3.2.x, RN 3.1.x, 3.4.x, and 3.3.2.x-FIPS on the Aruba Mobility Controller allows remote attackers to cause a denial of service (Access Point crash) via a malformed 802.11 Association Request management frame.
|
|||||
| CVE-2008-4015 | 1 Oracle | 1 Database 10g | 2025-04-09 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Streams component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_STREAMS_AUTH.
|
|||||
| CVE-2008-7191 | 1 Pps.jussieu | 1 Polipo | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Polipo before 1.0.4 allows remote attackers to cause a denial of service (crash) via a long request URL.
|
|||||
| CVE-2009-2870 | 1 Cisco | 1 Ios | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880.
|
|||||
| CVE-2008-0369 | 1 Ibm | 1 Informix Dynamic Server | 2025-04-09 | 6.9 MEDIUM | N/A |
|
Multiple unspecified programs in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allow local users to create arbitrary files by specifying the target file in the SQLIDEBUG environment variable, whose ownership is changed to the user invoking the programs.
|
|||||
| CVE-2008-1812 | 1 Oracle | 2 Application Server, Database 9i | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Database 9.0.1.5 FIPS+; Application Server 1.0.2.2; and Enterprise Manager for AS 1.0.2.2 and Database 9.0.1.5 has unknown impact and local attack vectors, aka EM01.
|
|||||
| CVE-2008-1764 | 1 Opera | 1 Opera | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Opera before 9.27 has unknown impact and attack vectors related to "keyboard handling of password inputs."
|
|||||
| CVE-2007-6419 | 1 Hp | 1 Hp-ux | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
|
|||||
| CVE-2006-6564 | 1 Filezilla | 1 Filezilla | 2025-04-09 | 4.0 MEDIUM | N/A |
|
FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a malformed argument to the STOR command, which results in a NULL pointer dereference. NOTE: CVE analysis suggests that the problem might be due to a malformed PORT command.
|
|||||
| CVE-2009-3243 | 2 Microsoft, Wireshark | 2 Windows, Wireshark | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote attackers to cause a denial of service (application crash) via unknown vectors related to TLS 1.2 conversations.
|
|||||
| CVE-2009-2723 | 1 Sun | 1 Java Se | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in deserialization in the Provider class in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, aka BugId 6444262.
|
|||||
| CVE-2009-3074 | 1 Mozilla | 1 Firefox | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the JavaScript engine in Mozilla Firefox before 3.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
|
|||||
| CVE-2009-2707 | 1 Novell | 1 Suse Linux Enterprise Server | 2025-04-09 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in ia32el (aka the IA 32 emulation functionality) before 7042_7022-0.4.2 in SUSE Linux Enterprise (SLE) 10 SP2 on Itanium IA64 machines allows local users to cause a denial of service (system crash) via a 32-bit x86 application.
|
|||||
| CVE-2007-0271 | 1 Oracle | 1 Database Server | 2025-04-09 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Database 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors related to the Log Miner component and sys.dbms_log_mnr privileges, aka DB04. NOTE: Oracle has not disputed a reliable researcher claim that this is a buffer overflow in the ADD_LOGFILE procedure for the SYS.DBMS_LOGMNR package that allows code execution.
|
|||||
| CVE-2008-2275 | 1 Typo3 | 1 Sr Feuser Register Extension | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in sr_feuser_register 1.4.0, 1.6.0, 2.2.1 to 2.2.7, 2.3.0 to 2.3.6, 2.4.0, and 2.5.0 to 2.5.9 extension for TYPO3 allows remote attackers to execute arbitrary code and delete arbitrary files via unspecified attack vectors.
|
|||||
| CVE-2006-5041 | 1 Joomla | 2 Com Hotproperties, Hot Properties | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in Hot Properties (possibly com_hotproperties) 0.97 and earlier for Joomla! has unspecified impact and attack vectors.
|
|||||