Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0076 | 1 Oracle | 1 Database | 2025-04-09 | 6.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Application Express Application Builder component in Oracle Database 3.2.1.00.10 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2008-2321 | 1 Apple | 3 Coregraphics, Mac Os X, Mac Os X Server | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unknown vectors involving "processing of arguments."
|
|||||
| CVE-2008-4597 | 1 Drupal | 1 Shindig-integrator | 2025-04-09 | 7.5 HIGH | N/A |
|
Shindig-Integrator 5.x, a module for Drupal, does not properly restrict generated page access, which allows remote attackers to gain privileges via unspecified vectors.
|
|||||
| CVE-2009-1332 | 1 Sun | 1 Java System Directory Server | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The Online Help feature in Sun Java System Directory Server 5.2 and Enterprise Edition 5 allows remote attackers to determine the existence of files and directories, and possibly obtain partial contents of files, via unspecified vectors.
|
|||||
| CVE-2007-4833 | 1 Ibm | 1 Websphere Application Server | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Edge Component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK44789.
|
|||||
| CVE-2008-3891 | 1 Google | 1 Google Apps | 2025-04-09 | 7.5 HIGH | N/A |
|
The SAML Single Sign-On (SSO) Service for Google Apps allows remote service providers to impersonate users at arbitrary service providers via vectors related to authentication responses that lack a request identifier and recipient field.
|
|||||
| CVE-2009-2481 | 2 Six Apart, Sixapart | 2 Movable Type, Movable Type | 2025-04-09 | 5.8 MEDIUM | N/A |
|
mt-wizard.cgi in Six Apart Movable Type before 4.261, when global templates are not initialized, allows remote attackers to bypass access restrictions and (1) send e-mail to arbitrary addresses or (2) obtain sensitive information via unspecified vectors.
|
|||||
| CVE-2007-6456 | 1 Planamesa | 1 Neooffice | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in OpenOffice.org code in Planamesa NeoOffice 2.2.2 before Patch 4 has unknown impact and attack vectors related to MacOS 10.3.9 .odb files. NOTE: it is not clear whether this issue is a vulnerability.
|
|||||
| CVE-2010-0067 | 1 Oracle | 1 Application Server | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect confidentiality via unknown vectors.
|
|||||
| CVE-2006-5338 | 1 Oracle | 1 Database Server | 2025-04-09 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database 10.1.0.5 has unknown impact and remote authenticated attack vectors related to sys.dbms_sqltune, aka Vuln# DB10. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB10 is for SQL injection in DROP_SQLSET, DELETE_SQLSET, SELECT_SQLSET, and I_SET_TUNING_PARAMETER. NOTE: some of these vectors might be in DBMS_SQLTUNE_INTERNAL.
|
|||||
| CVE-2009-0346 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 4.9 MEDIUM | N/A |
|
The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection.
|
|||||
| CVE-2008-5848 | 1 Advantech | 14 Adam-6015, Adam-6017, Adam-6018 and 11 more | 2025-04-09 | 10.0 HIGH | N/A |
|
The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and (1) monitor or (2) control the module's Modbus/TCP I/O activity.
|
|||||
| CVE-2008-0875 | 1 Hitachi | 1 Eur Print Manager | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Hitachi EUR Print Manager, and related Client and Local Server products, 05-06 through 05-06-/B and 05-08 allows remote attackers to cause a denial of service (service hang or termination) via unspecified vectors related to "unexpected data."
|
|||||
| CVE-2008-2090 | 1 Sun | 1 Solaris | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet.
|
|||||
| CVE-2010-0323 | 2 Arco Van Geest, Typo3 | 2 Goof Fotoboek, Typo3 | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors.
|
|||||
| CVE-2009-3886 | 1 Sun | 1 Jre | 2025-04-09 | 7.5 HIGH | N/A |
|
The Java Web Start implementation in Sun Java SE 6 before Update 17 does not properly handle the interaction between a signed JAR file and a JNLP (1) application or (2) applet, which has unspecified impact and attack vectors, related to a "regression," aka Bug Id 6870531.
|
|||||
| CVE-2009-4162 | 2 Mauro Lorenzutti, Typo3 | 2 Wfqbe, Typo3 | 2025-04-09 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in the DB Integration (wfqbe) extension 1.3.1 and earlier for TYPO3 allows local users to execute arbitrary commands via unspecified vectors.
|
|||||
| CVE-2009-3935 | 1 Ibm | 2 Advanced Management Module Firmware, Bladecenter | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the Advanced Management Module firmware before 2.50G for the IBM BladeCenter T 8720-2xx and 8730-2xx have unknown impact and attack vectors.
|
|||||
| CVE-2007-6690 | 1 Menalto | 1 Gallery | 2025-04-09 | 10.0 HIGH | N/A |
|
The Gallery Remote module in Menalto Gallery before 2.2.4 does not check permissions for unspecified GR commands, which has unknown impact and attack vectors.
|
|||||
| CVE-2008-3808 | 1 Cisco | 1 Ios | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet.
|
|||||
| CVE-2008-4057 | 1 Objective Development | 1 Sharity | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Objective Development Sharity 3 before 3.5 has unknown impact and attack vectors, related to a "serious security problem."
|
|||||
| CVE-2009-4404 | 1 Jochen Striepe | 1 T-prot | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in t-prot (TOFU Protection) before 2.8 allows remote attackers to cause a denial of service via unspecified vectors related to the "--maxlines" option and a crafted email message. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2008-2577 | 1 Oracle | 1 Weblogic Server | 2025-04-09 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2 MP1 has unknown impact and remote authenticated attack vectors.
|
|||||
| CVE-2007-0515 | 1 Microsoft | 4 Office, Word, Word Viewer and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a different issue than CVE-2006-6456, CVE-2006-5994, and CVE-2006-6561.
|
|||||
| CVE-2008-3605 | 1 Mcafee | 1 Encrypted Usb Manager | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in McAfee Encrypted USB Manager 3.1.0.0, when the Re-use Threshold for passwords is nonzero, allows remote attackers to conduct offline brute force attacks via unknown vectors.
|
|||||
| CVE-2008-3852 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in the CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio in the Visual Studio Net component in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 2 allows remote authenticated users to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2008-3502 | 1 Bestpractical | 1 Rt | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Best Practical Solutions RT 3.0.0 through 3.6.6 allows remote authenticated users to cause a denial of service (CPU or memory consumption) via unspecified vectors related to the Devel::StackTrace module for Perl.
|
|||||
| CVE-2009-1010 | 2 Ibm, Oracle | 2 Websphere Portal, Application Server | 2025-04-09 | 4.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1008.
|
|||||
| CVE-2007-6241 | 1 Beehive Forum | 1 Beehive Forum | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Beehive Forum 0.7.1 have unknown "critical" impact and attack vectors, different issues than CVE-2007-6014.
|
|||||
| CVE-2007-2115 | 1 Oracle | 1 Database Server | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Change Data Capture (CDC) component in Oracle Database 9.2.0.7, 10.1.0.5, and 10.2.0.2 has unknown impact and attack vectors, aka DB09. NOTE: as of 20070424, oracle has not disputed reliable claims that this issue involves multiple SQL injection vulnerabilities in the DBMS_CDC_PUBLISH with remote authenticated vectors involving the "java classes in CDC.jar."
|
|||||
| CVE-2007-3185 | 1 Apple | 1 Safari | 2025-04-09 | 7.8 HIGH | N/A |
|
Apple Safari Beta 3.0.1 for Windows public beta allows remote attackers to cause a denial of service (crash) via unspecified DHTML manipulations that trigger memory corruption, as demonstrated using Hamachi.
|
|||||
| CVE-2008-2470 | 1 Macrovision | 1 Flexnet Connect | 2025-04-09 | 9.3 HIGH | N/A |
|
The InstallShield Update Service Agent ActiveX control in isusweb.dll allows remote attackers to cause a denial of service (memory corruption and browser crash) and possibly execute arbitrary code via a call to ExecuteRemote with a URL that results in a 404 error response.
|
|||||
| CVE-2008-1028 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in AppKit in Apple Mac OS X before 10.5 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document file, as demonstrated by opening the document with TextEdit.
|
|||||
| CVE-2008-1194 | 1 Sun | 2 Jdk, Jre | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors.
|
|||||
| CVE-2009-1980 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 6.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2008-2614 | 1 Oracle | 3 Application Server, Oracle Application Server, Oracle Http Server Component | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.3.3 has unknown impact and remote attack vectors.
|
|||||
| CVE-2007-0292 | 1 Oracle | 1 Enterprise Manager | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Oracle Enterprise Manager 10.1.0.5 have unknown impact and attack vectors related to Oracle Agent, aka (1) EM01 and (2) EM02. NOTE: EM05 might be related to CVE-2007-0222.
|
|||||
| CVE-2008-2054 | 1 Cisco | 1 Ciscoworks Common Services | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Cisco CiscoWorks Common Services 3.0.3 through 3.1.1 allows remote attackers to execute arbitrary code on a client machine via unknown vectors.
|
|||||
| CVE-2007-2109 | 1 Oracle | 1 Database Server | 2025-04-09 | 6.0 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 have unknown impact and remote authenticated attack vectors related to (1) Rules Manager and Expression Filter components (DB02) and (2) Oracle Streams (DB06). Note: as of 20070424, Oracle has not disputed reliable claims that DB02 is for a race condition in the RLMGR_TRUNCATE_MAINT trigger in the Rules Manager and Expression Filter components changing the AUTHID of a package from DEFINER to CURRENT_USER after a TRUNCATE call, and ...
Show More |
|||||
| CVE-2009-0213 | 1 Areva | 1 E-terrahabitat | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the NETIO application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to cause a denial of service (system crash) via unknown vectors, aka PD32021.
|
|||||