Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5277 | 1 Powerdns | 1 Powerdns | 2025-04-09 | 4.3 MEDIUM | N/A |
|
PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of service (daemon crash) via a CH HINFO query.
|
|||||
| CVE-2008-3335 | 1 Punbb | 1 Punbb | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in PunBB before 1.2.19 allows remote attackers to inject arbitrary SMTP commands via unknown vectors.
|
|||||
| CVE-2007-2034 | 1 Cisco | 1 Wireless Control System | 2025-04-09 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in Cisco Wireless Control System (WCS) before 4.0.87.0 allows remote authenticated users to gain the privileges of the SuperUsers group, and manage the application and its networks, related to the group membership of user accounts, aka Bug ID CSCsg05190.
|
|||||
| CVE-2007-5606 | 1 Hp | 1 Instant Support | 2025-04-09 | 10.0 HIGH | N/A |
|
Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607.
|
|||||
| CVE-2007-2907 | 1 Ssl-explorer | 1 Ssl-explorer | 2025-04-09 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in SSL-Explorer before 0.2.13 allows remote authenticated users to enter redirect URLs containing (1) JavaScript or (2) HTTP headers via an unspecified vector, possibly the forwardTo parameter to redirect.do. NOTE: the impact might be cross-site scripting (XSS) or HTTP request smuggling.
|
|||||
| CVE-2009-0011 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 7.2 HIGH | N/A |
|
Certificate Assistant in Apple Mac OS X 10.5.6 allows local users to overwrite arbitrary files via unknown vectors related to an "insecure file operation" on a temporary file.
|
|||||
| CVE-2009-4182 | 1 Hp | 1 Web Jetadmin | 2025-04-09 | 9.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in HP Web Jetadmin 10.2, when a remote SQL server is used, allow remote attackers to obtain access to data or cause a denial of service, possibly by leveraging authentication and encryption weaknesses on the SQL server.
|
|||||
| CVE-2009-2488 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in the NFSv4 module in the kernel in Sun Solaris 10, and OpenSolaris snv_102 through snv_119, allows local users to cause a denial of service (client panic) via vectors involving "file operations."
|
|||||
| CVE-2008-7234 | 1 Oracle | 1 Application Server | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle BPEL Worklist Application component in Oracle Application Server 10.1.2.2 and 10.1.3.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, aka AS03.
|
|||||
| CVE-2008-5884 | 1 Zkesoft | 1 Ayeview | 2025-04-09 | 4.3 MEDIUM | N/A |
|
AyeView 2.20 allows user-assisted attackers to cause a denial of service (application crash) via a GIF file with a malformed header.
|
|||||
| CVE-2008-3961 | 1 Adobe | 1 Illustrator | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Adobe Illustrator CS2 on Macintosh allow user-assisted attackers to execute arbitrary code via a crafted AI file.
|
|||||
| CVE-2006-5043 | 2 Joomla, Joomlaboard | 2 Joomla\!, Joomlaboard | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Multiple PHP remote file inclusion vulnerabilities in the Joomlaboard Forum Component (com_joomlaboard) before 1.1.2 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) file_upload.php or (2) image_upload.php, a variant of CVE-2006-3528.
|
|||||
| CVE-2009-1979 | 1 Oracle | 1 Database Server | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Network Authentication component in Oracle Database 10.1.0.5 and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2009 CPU. Oracle has not commented on claims from an independent researcher that this is related to improper validation of the AUTH_SESSKEY parameter length that leads to arbitrary code execution.
|
|||||
| CVE-2008-1756 | 1 Sun | 1 N1 Grid Engine | 2025-04-09 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in the Qmaster daemon in Sun N1 Grid Engine 6.1 allows local users to cause a denial of service (daemon crash) via unspecified vectors.
|
|||||
| CVE-2008-3801 | 1 Cisco | 3 Ios, Unified Callmanager, Unified Communications Manager | 2025-04-09 | 7.1 HIGH | N/A |
|
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802.
|
|||||
| CVE-2009-2714 | 1 Sun | 1 Virtualbox | 2025-04-09 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in Sun VirtualBox 3.0.0 and 3.0.2 allows guest OS users to cause a denial of service (host OS reboot) via unknown vectors.
|
|||||
| CVE-2008-3807 | 1 Cisco | 1 Ios | 2025-04-09 | 9.3 HIGH | N/A |
|
Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this community and sending SNMP requests.
|
|||||
| CVE-2009-3380 | 1 Mozilla | 1 Firefox | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
|
|||||
| CVE-2008-0495 | 1 Ibm | 1 Hardware Management Console | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the Pegasus CIM Server in IBM Hardware Management Console (HMC) 7 R3.2.0 allows remote attackers to cause a denial of service via unspecified vectors.
|
|||||
| CVE-2009-3819 | 2 Typo3, Urs Maag | 2 Typo3, Maag Randomimage | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Random Images (maag_randomimage) extension 1.6.4 and earlier for TYPO3 allows remote attackers to execute arbitrary shell commands via unspecified vectors.
|
|||||
| CVE-2009-1159 | 1 Cisco | 2 Adaptive Security Appliance 5500, Pix | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a denial of service (traceback and device reload) via a series of SQL*Net packets.
|
|||||
| CVE-2007-2445 | 2 Linux, Png Reference Library | 2 Linux Kernel, Libpng | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value.
|
|||||
| CVE-2008-5449 | 1 Oracle | 1 Secure Backup | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5444 and CVE-2008-5448.
|
|||||
| CVE-2007-4839 | 1 Ibm | 1 Websphere Application Server | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK33803.
|
|||||
| CVE-2008-3329 | 1 Twibright | 1 Links | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs."
|
|||||
| CVE-2008-3920 | 1 Bitlbee | 1 Bitlbee | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to "recreate" and "hijack" existing accounts via unspecified vectors.
|
|||||
| CVE-2008-7233 | 1 Oracle | 2 Application Server, E-business Suite 11i | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in the E-Business Application client, as used in Oracle Application Server 1.1.8.26 and E-Business Suite 11.5.10.2, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Oracle Jinitiator component, aka AS02.
|
|||||
| CVE-2008-2600 | 1 Oracle | 3 Database Server, Oracle Database, Spatial Component | 2025-04-09 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to MDSYS.SDO_TOPO_MAP.
|
|||||
| CVE-2009-3839 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv_37 through snv_125, might allow remote attackers to execute arbitrary code by leveraging access to the X server.
|
|||||
| CVE-2008-1201 | 1 Adobe | 1 Flash | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in FLA file parsing in Adobe Flash CS3 Professional, Flash Professional 8, and Flash Basic 8 on Windows allow user-assisted remote attackers to execute arbitrary code via a crafted .FLA file.
|
|||||
| CVE-2008-1454 | 1 Microsoft | 4 Windows 2000, Windows Server 2003, Windows Server 2008 and 1 more | 2025-04-09 | 9.4 HIGH | N/A |
|
Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 allows remote attackers to conduct cache poisoning attacks via unknown vectors related to accepting "records from a response that is outside the remote server's authority," aka "DNS Cache Poisoning Vulnerability," a different vulnerability than CVE-2008-1447.
|
|||||
| CVE-2007-5482 | 1 Sun | 2 Storagetek 3510, Storedge | 2025-04-09 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the FTP service in Sun StorEdge/StorageTek 3510 FC Array with firmware before 4.21 allows remote attackers, with access to the Ethernet management interface, to cause a denial of service (I/O request timeout and device hang) via unspecified vectors.
|
|||||
| CVE-2008-2441 | 1 Cisco | 2 Secure Access Control Server, Secure Acs | 2025-04-09 | 7.5 HIGH | N/A |
|
Cisco Secure ACS 3.x before 3.3(4) Build 12 patch 7, 4.0.x, 4.1.x before 4.1(4) Build 13 Patch 11, and 4.2.x before 4.2(0) Build 124 Patch 4 does not properly handle an EAP Response packet in which the value of the length field exceeds the actual packet length, which allows remote authenticated users to cause a denial of service (CSRadius and CSAuth service crash) or possibly execute arbitrary code via a crafted RADIUS (1) EAP-Response/Identity, (2) EAP-Response/MD5, or (3) EAP-Response/TLS Mess ...
Show More |
|||||
| CVE-2008-6895 | 1 3cx | 1 Phone System | 2025-04-09 | 7.8 HIGH | N/A |
|
3CX Phone System 6.0.806.0 allows remote attackers to cause a denial of service (unstable service or crash) via unspecified vectors, as demonstrated by vulnerability scans from Nessus or SAINT.
|
|||||
| CVE-2009-2680 | 1 Hp | 4 Storageworks 1\/8 G2 Tape Autoloader, Storageworks Msl2024 Tape Library, Storageworks Msl4048 Tape Library and 1 more | 2025-04-09 | 8.5 HIGH | N/A |
|
Unspecified vulnerability in the Remote Management Interface (RMI) for MSL Tape Libraries and 1/8 G2 Tape Autoloaders in HP StorageWorks 1/8 G2 Tape Autoloader firmware 2.30 and earlier, MSL2024 Tape Library firmware 4.20 and earlier, MSL4048 Tape Library firmware 6.50 and earlier, and MSL8096 Tape Library firmware 8.90 and earlier allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2008-1821 | 1 Oracle | 1 Database Server | 2025-04-09 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.0.1.5 FIPS+, and 10.1.0.5 has unknown impact and remote attack vectors related to SYS.DBMS_AQJMS_INTERNAL, aka DB15. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher claims that DB15 is for multiple buffer overflows in the (1) AQ$_REGISTER and (2) AQ$_UNREGISTER procedures.
|
|||||
| CVE-2009-3241 | 1 Wireshark | 1 Wireshark | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets.
|
|||||
| CVE-2009-3879 | 1 Sun | 2 Jre, Openjdk | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and attack vectors, related to failure to clone arrays that are returned by the getConfigurations function, aka Bug Id 6822057.
|
|||||
| CVE-2009-2647 | 1 Kaspersky | 2 Kaspersky Anti-virus, Kaspersky Internet Security | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky Internet Security 2010 before Critical Fix 9.0.0.463 allows remote attackers to disable the Kaspersky application via unknown attack vectors unrelated to "an external script."
|
|||||
| CVE-2008-3160 | 1 Ibm | 1 Data Ontap | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in IBM Data ONTAP 7.1 before 7.1.3, as used by IBM System Storage N series Filer and IBM System Storage N series Gateway, have unknown impact and attack vectors.
|
|||||