Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4676 | 1 Citrix | 3 Access Essentials, Presentation Server, Xenapp | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in Citrix XenApp (formerly Presentation Server) 4.5 Feature Pack 1 and earlier, Presentation Server 4.0, and Access Essentials 1.0, 1.5, and 2.0 allows local users to gain privileges via unknown attack vectors related to creating an unspecified file. NOTE: this might be the same issue as CVE-2008-3485, but the vendor advisory is too vague to be certain.
|
|||||
| CVE-2009-0988 | 1 Oracle | 1 Database 11g | 2025-04-09 | 2.1 LOW | N/A |
|
Unspecified vulnerability in the Password Policy component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality via unknown vectors.
|
|||||
| CVE-2008-7101 | 1 Dotnetnuke | 1 Dotnetnuke | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in DotNetNuke 4.0 through 4.8.4 and 5.0 allows remote attackers to obtain sensitive information (portal number) by accessing the install wizard page via unknown vectors.
|
|||||
| CVE-2007-6693 | 1 Menalto | 1 Gallery Webcam Module | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the WebCam module in Menalto Gallery before 2.2.4 has unknown impact and attack vectors related to a "proxied request."
|
|||||
| CVE-2007-5126 | 1 Symantec | 1 Veritas Backup Exec | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the client in Symantec Veritas Backup Exec for Windows Servers 11d has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
|
|||||
| CVE-2007-5853 | 1 Apple | 1 Mac Os X | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in IO Storage Family in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (system shutdown) or execute arbitrary code via a disk image with crafted GUID partition maps, which triggers memory corruption.
|
|||||
| CVE-2008-1830 | 2 Jdedwards, Oracle | 2 Enterpriseone, Peoplesoft Hcm Eperformance | 2025-04-09 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in the PeopleSoft HCM ePerformance component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9 and 9.0 has unknown impact and remote attack vectors, aka PSE03.
|
|||||
| CVE-2009-1974 | 1 Oracle | 1 Bea Product Suite | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Servlet Container Package.
|
|||||
| CVE-2009-0938 | 1 Tor | 1 Tor | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service (exit node crash) via "malformed input."
|
|||||
| CVE-2009-1829 | 1 Wireshark | 1 Wireshark | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets.
|
|||||
| CVE-2007-4250 | 1 Advanced Searchbar | 1 Advanced Searchbar | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The isChecked function in Toolbar.DLL in Advanced Searchbar before 3.33 allows remote attackers to cause a denial of service (NULL dereference and browser crash) via unspecified vectors.
|
|||||
| CVE-2007-5270 | 1 Bendiken | 1 Boost Module For Drupal | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the Boost module before 4.7.x-1.0, and 5.x before 5.x-1.0, for Drupal allows remote attackers to create or overwrite arbitrary files, and conduct cross-site scripting attacks (XSS) via unspecified vectors.
|
|||||
| CVE-2009-0435 | 1 Ibm | 2 Aix, Websphere Application Server | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the IBM Asynchronous I/O (aka AIO or libibmaio) library in the Java Message Service (JMS) component in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.17 on AIX 5.3 allows attackers to cause a denial of service (daemon crash) via vectors related to the aio_getioev2 and getEvent methods.
|
|||||
| CVE-2008-2589 | 1 Oracle | 2 Application Server, Oracle Portal Component | 2025-04-09 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3, 10.1.2.2, and 10.1.4.1 has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a SQL injection vulnerability in the WWV_RENDER_REPORT package that allows remote attackers to execute arbitrary SQL (PL/SQL) commands via the second argument to the SHOW procedure.
|
|||||
| CVE-2007-2463 | 1 Cisco | 2 Adaptive Security Appliance Software, Pix | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry.
|
|||||
| CVE-2009-1020 | 1 Oracle | 1 Database Server | 2025-04-09 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in the Network Foundation component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2009-3038 | 2 Ibm, Rim | 2 Lotus Notes Connector, Blackberry Desktop Manager | 2025-04-09 | 4.3 MEDIUM | N/A |
|
A certain ActiveX control in lnresobject.dll 7.1.1.119 in the Research In Motion (RIM) Lotus Notes connector for BlackBerry Desktop Manager 5.0.0.11 allows remote attackers to cause a denial of service (Internet Explorer crash) by referencing the control's CLSID in the classid attribute of an OBJECT element.
|
|||||
| CVE-2008-5110 | 1 Oneidentity | 1 Syslog-ng | 2025-04-09 | 9.3 HIGH | N/A |
|
syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9.
|
|||||
| CVE-2009-1805 | 1 Vmware | 7 Ace, Esx, Esxi and 4 more | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745, VMware Fusion 2.x before 2.0.2 build 147997, VMware ESXi 3.5, and VMware ESX 3.0.2, 3.0.3, and 3.5, when the Descheduled Time Accounting Service is not running, allows guest OS users on Windows to cause a denial of service via unknown vectors ...
Show More |
|||||
| CVE-2009-0267 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 5.0 MEDIUM | N/A |
|
libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989.
|
|||||
| CVE-2010-0274 | 1 Ibm | 2 Lotus Domino, Lotus Inotes | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Edit Contact scene in Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 has unknown impact and attack vectors, aka SPR LSHR7TBLY5.
|
|||||
| CVE-2009-0716 | 1 Hp | 1 Storageworks Storage Mirroring | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote attackers to cause a denial of service or obtain "access" via unknown vectors.
|
|||||
| CVE-2007-5607 | 1 Hp | 1 Instant Support | 2025-04-09 | 7.5 HIGH | N/A |
|
Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606.
|
|||||
| CVE-2009-0916 | 1 Opera | 1 Opera Browser | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Opera before 9.64 has unknown impact and attack vectors, related to a "moderately severe issue."
|
|||||
| CVE-2008-4692 | 1 Ibm | 1 Db2 | 2025-04-09 | 10.0 HIGH | N/A |
|
The Native Managed Provider for .NET component in IBM DB2 8 before FP17, 9.1 before FP6, and 9.5 before FP2, when a definer cannot maintain objects, preserves views and triggers without marking them inoperative or dropping them, which has unknown impact and attack vectors.
|
|||||
| CVE-2007-1322 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-09 | 2.1 LOW | N/A |
|
QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction.
|
|||||
| CVE-2009-2204 | 1 Apple | 1 Iphone Os | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapore.
|
|||||
| CVE-2008-3549 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 4.7 MEDIUM | N/A |
|
Unspecified vulnerability in the pthread_mutex_reltimedlock_np API in Sun Solaris 10 and OpenSolaris before snv_90 allows local users to cause a denial of service (system hang or panic) via unknown vectors.
|
|||||
| CVE-2009-1042 | 1 Apple | 2 Mac Os X, Safari | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
|
|||||
| CVE-2006-5342 | 1 Oracle | 1 Database Server | 2025-04-09 | 7.1 HIGH | N/A |
|
Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.6, and 10.1.0.3 has unknown impact and remote authenticated attack vectors related to mdsys.sdo_tune, aka Vuln# DB18. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB18 might be related to SQL injection in the EXTENT_OF function.
|
|||||
| CVE-2009-2686 | 1 Hp | 1 Nonstop Server | 2025-04-09 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in HP NonStop G06.12.00 through G06.32.00, H06.08.00 through H06.18.01, and J06.04.00 through J06.07.01 allows local users to gain privileges, cause a denial of service, or obtain "access to data" via unknown vectors.
|
|||||
| CVE-2008-0953 | 1 Hp | 1 Instant Support | 2025-04-09 | 10.0 HIGH | N/A |
|
The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953.
|
|||||
| CVE-2009-1424 | 1 Hp | 3 Procurve Switch 5400zl, Procurve Switch 8200zl, Procurve Threat Management Services Zl Module | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in HP ProCurve Threat Management Services zl Module (J9155A) ST.1.0.090213 and earlier allows remote attackers to cause a denial of service via unknown vectors, aka PR_39412, a different vulnerability than CVE-2009-1423 and CVE-2009-1425.
|
|||||
| CVE-2009-2862 | 1 Cisco | 1 Ios | 2025-04-09 | 4.3 MEDIUM | N/A |
|
The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu50252.
|
|||||
| CVE-2008-3802 | 1 Cisco | 1 Ios | 2025-04-09 | 7.1 HIGH | N/A |
|
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka Cisco bug ID CSCsk42759, a different vulnerability than CVE-2008-3800 and CVE-2008-3801.
|
|||||
| CVE-2008-1819 | 1 Oracle | 2 Database 9i, Database Server | 2025-04-09 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Net Services component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors, aka DB09.
|
|||||
| CVE-2008-0242 | 1 Sun | 1 Solaris | 2025-04-09 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in libdevinfo in Sun Solaris 10 allows local users to access files and gain privileges via unknown vectors, related to login device permissions.
|
|||||
| CVE-2009-0993 | 1 Oracle | 1 Application Server | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the OPMN component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is a format string vulnerability that allows remote attackers to execute arbitrary code via format string specifiers in an HTTP POST URI, which are not properly handled whe ...
Show More |
|||||
| CVE-2008-3839 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 4.7 MEDIUM | N/A |
|
Unspecified vulnerability in the NFS module in the kernel in Sun Solaris 10 and OpenSolaris snv_59 through snv_87, when configured as an NFS server without the nodevices option, allows local users to cause a denial of service (panic) via unspecified vectors.
|
|||||
| CVE-2007-3635 | 1 Squirrelmail | 2 Gpg Plugin, Squirrelmail | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands via unspecified vectors. NOTE: this might overlap CVE-2005-1924, CVE-2006-4169, or CVE-2007-3634.
|
|||||