Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3395 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the AutoVue component in Oracle E-Business Suite 19.3.2 allows remote attackers to affect availability via unknown vectors.
|
|||||
| CVE-2008-1814 | 1 Oracle | 3 Application Server, Collaboration Suite, Database | 2025-04-09 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Secure Enterprise Search or Ultrasearch component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3 and 10.1.2.2; and Oracle Collaboration Suite 10.1.2; has unknown impact and remote attack vectors, aka DB04.
|
|||||
| CVE-2009-1419 | 2 Hp, Microsoft | 2 Discovery\&dependency Mapping Inventory, Windows | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.0.0 through 2.52, 7.50, and 7.51 on Windows allows remote attackers to access DDMI agents via unknown vectors.
|
|||||
| CVE-2007-3780 | 1 Mysql | 1 Community Server | 2025-04-09 | 5.0 MEDIUM | N/A |
|
MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.
|
|||||
| CVE-2008-4111 | 1 Ibm | 1 Websphere Application Server | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 and 6.1 before 6.1.0.19, when the FileServing feature is enabled, has unknown impact and attack vectors.
|
|||||
| CVE-2008-1223 | 1 Dokeos | 1 Open Source Learning And Knowledge Management Tool | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in Dokeos 1.8.4 before SP3 allows attackers to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2008-2946 | 1 Sun | 2 Solaris, Sunos | 2025-04-09 | 7.8 HIGH | N/A |
|
The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterprise Agents in Sun Solaris 8 through 10 allows remote attackers to cause a denial of service (daemon crash) via malformed packets.
|
|||||
| CVE-2007-1134 | 1 Watchtower | 1 Watchtower | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Watchtower (WT) before 0.12 has unknown impact and attack vectors, related to "unauthorized accounts."
|
|||||
| CVE-2009-2507 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-09 | 9.3 HIGH | N/A |
|
A certain ActiveX control in the Indexing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly process URLs, which allows remote attackers to execute arbitrary programs via unspecified vectors that cause a "vulnerable binary" to load and run, aka "Memory Corruption in Indexing Service Vulnerability."
|
|||||
| CVE-2008-5909 | 1 Sun | 1 Opensolaris | 2025-04-09 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in conv_lpd in Sun OpenSolaris has unknown impact and local attack vectors, related to improper handling of temporary files, aka Bug ID 6655641.
|
|||||
| CVE-2008-3809 | 1 Cisco | 1 Ios | 2025-04-09 | 7.1 HIGH | N/A |
|
Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet.
|
|||||
| CVE-2008-4293 | 2 Microsoft, Opera | 2 Windows, Opera | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Opera before 9.52 on Windows, when registered as a protocol handler, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors in which Opera is launched by other applications.
|
|||||
| CVE-2008-1563 | 1 Wireshark | 1 Wireshark | 2025-04-09 | 4.3 MEDIUM | N/A |
|
The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
|
|||||
| CVE-2008-2486 | 1 Emule | 1 Emule Plus | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in eMule Plus before 1.2d has unknown impact and attack vectors related to "staticservers.dat processing."
|
|||||
| CVE-2009-1966 | 1 Oracle | 2 Database Server, Enterprise Manager | 2025-04-09 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Config Management component in (1) Oracle Database 11.1.0.7 and (2) Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1967.
|
|||||
| CVE-2008-5437 | 1 Oracle | 3 Database 10g, Database 11i, Database 9i | 2025-04-09 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Job Queue component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_IJOB.
|
|||||
| CVE-2008-2608 | 1 Oracle | 2 Data Pump Component, Database Server | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and remote authenticated attack vectors related to SYS.KUPF$FILE_INT.
|
|||||
| CVE-2009-0353 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine.
|
|||||
| CVE-2008-4868 | 2 Ffmpeg, Mplayer | 2 Ffmpeg, Mplayer | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the avcodec_close function in libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer, has unknown impact and attack vectors, related to a free "on random pointers."
|
|||||
| CVE-2009-0552 | 1 Microsoft | 5 Ie, Internet Explorer, Windows 2000 and 2 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 on Windows XP SP2 and SP3, and 6 on Windows Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability."
|
|||||
| CVE-2009-0719 | 1 Hp | 1 Hp-ux | 2025-04-09 | 6.0 MEDIUM | N/A |
|
Unspecified vulnerability in useradd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unknown vectors, a different issue than CVE-2008-1660.
|
|||||
| CVE-2008-2593 | 1 Oracle | 1 Application Server | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2594.
|
|||||
| CVE-2009-1335 | 1 Microsoft | 3 Internet Explorer, Windows Vista, Windows Xp | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Microsoft Internet Explorer 7 and 8 on Windows XP and Vista allows remote attackers to cause a denial of service (application hang) via a large document composed of unprintable characters, aka MSRC 9011jr.
|
|||||
| CVE-2008-7131 | 1 Peter Kohlmann | 1 Db2 Monitoring Console | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in DB2 Monitoring Console 2.2.4 and earlier allows remote attackers to gain access to a database via a link to a victim who is already connected to the database.
|
|||||
| CVE-2009-1903 | 2 Fedoraproject, Trustwave | 2 Fedora, Modsecurity | 2025-04-09 | 4.3 MEDIUM | N/A |
|
The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.
|
|||||
| CVE-2009-3588 | 4 Broadcom, Ca, Linux and 1 more | 35 Anti-virus, Anti-virus For The Enterprise, Anti-virus Sdk and 32 more | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587.
|
|||||
| CVE-2007-6215 | 1 Web-meetme | 1 Web-meetme | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Multiple directory traversal vulnerabilities in play.php in Web-MeetMe 3.0.3 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) roomNo and possibly the (2) bookid parameter.
|
|||||
| CVE-2009-1984 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 4.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Application Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Patch Administrator.
|
|||||
| CVE-2008-5111 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 4.7 MEDIUM | N/A |
|
Unspecified vulnerability in the socket function in Sun Solaris 10 and OpenSolaris snv_57 through snv_91, when InfiniBand hardware is not installed, allows local users to cause a denial of service (panic) via unknown vectors, related to the socksdpv_close function.
|
|||||
| CVE-2008-4323 | 1 Microsoft | 1 Windows Xp | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Windows Explorer in Microsoft Windows XP SP3 allows user-assisted attackers to cause a denial of service (application crash) via a crafted .ZIP file.
|
|||||
| CVE-2008-0342 | 1 Oracle | 1 Database Server | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Upgrade/Downgrade component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB05.
|
|||||
| CVE-2006-4097 | 1 Cisco | 1 Secure Access Control Server | 2025-04-09 | 7.8 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allow remote attackers to cause a denial of service (crash) via a crafted RADIUS Access-Request packet. NOTE: it has been reported that at least one issue is a heap-based buffer overflow involving the Tunnel-Password attribute.
|
|||||
| CVE-2009-1231 | 1 Ibm | 1 Db2 Content Manager | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the eClient in IBM DB2 Content Manager 8.4.1 before 8.4.1.1 has unknown impact and attack vectors.
|
|||||
| CVE-2009-0207 | 2 Hp, Oracle | 3 Hp-ux, Vrtsodm, Vrtsvxfs | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in HP-UX B.11.11 running VERITAS Oracle Disk Manager (VRTSodm) 3.5, B.11.23 running VRTSodm 4.1 or VERITAS File System (VRTSvxfs) 4.1, B.11.23 running VRTSodm 5.0 or VRTSvxfs 5.0, and B.11.31 running VRTSodm 5.0 allows local users to gain root privileges via unknown vectors.
|
|||||
| CVE-2007-4547 | 1 X-diesel | 1 Unreal Commander | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unreal Commander 0.92 build 565 and 573 writes portions of heap memory into local files when extracting from an archive with malformed size information in a file header, which might allow user-assisted attackers to obtain sensitive information (memory contents) by reading the extracted files. NOTE: this issue is only a vulnerability if Unreal is run with privileges, or if the extracted files are made accessible to other users.
|
|||||
| CVE-2007-6294 | 1 Ibm | 1 Hardware Management Console | 2025-04-09 | 4.9 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 3 R3.7 allow attackers to gain privileges via "some HMC commands."
|
|||||
| CVE-2007-5504 | 1 Oracle | 1 Database Server | 2025-04-09 | 6.5 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+ and 10.1.0.5 unknown impact and remote attack vectors, related to (1) Import (DB01) and (2) Advanced Queuing (DB25). NOTE: as of 20071108, Oracle has not disputed reliable researcher claims that DB25 is for a buffer overflow in the DBLINK_INFO procedure in the DBMS_AQADM_SYS package.
|
|||||
| CVE-2007-6337 | 2 Clam Anti-virus, Gentoo | 2 Clamav, Linux | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV before 0.92 has unknown impact and remote attack vectors.
|
|||||
| CVE-2008-7122 | 1 Evansprogramming | 1 Registry Pro | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple insecure method vulnerabilities in an ActiveX control in (epRegPro.ocx) in Evans Programming Registry Pro allow remote attackers to read and modify sensitive registry keys via the (1) About, (2) CreateKey, (3) DeleteBranch, (4) DeleteKey, (5) DeleteValue, (6) EnumKeys, (7) EnumValues, (8) QueryType, (9) QueryValue, (10) RenameKey, and (11) SetValue methods.
|
|||||
| CVE-2008-5447 | 1 Oracle | 1 Enterprise Manager Grid Control 10g | 2025-04-09 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
|
|||||