Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4691 | 1 Ibm | 1 Db2 | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the SQLNLS_UNPADDEDCHARLEN function in the New Compiler (aka Starburst derived compiler) component in the server in IBM DB2 9.1 before FP6 allows attackers to cause a denial of service (segmentation violation and trap) via unknown vectors.
|
|||||
| CVE-2008-4410 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 4.9 MEDIUM | N/A |
|
The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a denial of service (persistent application failure) via crafted function calls, related to the Java Runtime Environment (JRE) experiencing improper LDT selector state, a different vulnerability than CVE-2008-3247.
|
|||||
| CVE-2008-3140 | 1 Wireshark | 1 Wireshark | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The syslog dissector in Wireshark (formerly Ethereal) 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors, possibly related to an "incomplete SS7 MSU syslog encapsulated packet."
|
|||||
| CVE-2008-1659 | 1 Hp | 2 Hp-ux, Ldap-ux | 2025-04-09 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in HP LDAP-UX vB.04.10 through vB.04.15 allows local users to gain privileges via unknown vectors.
|
|||||
| CVE-2007-6532 | 1 Xfce | 1 Xfce | 2025-04-09 | 10.0 HIGH | N/A |
|
Double free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via unknown vectors related to the "cliend id, program name and working directory in session management."
|
|||||
| CVE-2008-6507 | 1 Phpbb | 1 Phpbb | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in phpBB before 3.0.4 allows attackers to obtain sensitive information via unknown vectors related to the lack of password prompts for a private message that quotes a post in a password-protected forum.
|
|||||
| CVE-2008-3974 | 1 Oracle | 1 Database 9i | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.0.2.8 and 9.2.0.8DV allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T.
|
|||||
| CVE-2008-3816 | 1 Cisco | 2 Adaptive Security Appliance 5500 Series, Pix Security Appliance | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet.
|
|||||
| CVE-2008-3959 | 1 Ibm | 1 Db2 | 2025-04-09 | 5.0 MEDIUM | N/A |
|
IBM DB2 UDB 8.1 before FixPak 16, 8.2 before FixPak 9, and 9.1 before FixPak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted SQLJRA packet within a CONNECT/ATTACH data stream that simulates a V7 client connect/attach request.
|
|||||
| CVE-2007-5726 | 1 Sun | 1 Solaris | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Stream Control Transmission Protocol (sctp) functionality in Sun Solaris 10, when at least one SCTP socket is in the LISTEN state, allows remote attackers to cause a denial of service (panic) via unspecified vectors related to "INIT processing."
|
|||||
| CVE-2008-1329 | 2 Broadcom, Computer Associates | 3 Desktop Management Suite, Arcserve Backup Laptops And Desktops, Desktop Management Suite | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the NetBackup service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary commands, related to "insufficient verification of file uploads."
|
|||||
| CVE-2007-6481 | 1 Sun | 1 Ray Server Software | 2025-04-09 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3.0, 3.1, and 3.1.1 allows remote attackers to create or delete arbitrary directories via unspecified vectors.
|
|||||
| CVE-2009-2596 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 4.7 MEDIUM | N/A |
|
Unspecified vulnerability in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to fad_aupath structure members.
|
|||||
| CVE-2008-7194 | 1 Fujitsu | 1 Interstage Application Server | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used in Interstage Application Server 5.0, 7.0, 7.0.1, and 8.0.0 for Windows, allows attackers to cause a denial of service via a crafted request.
|
|||||
| CVE-2009-0633 | 1 Cisco | 1 Cisco Ios | 2025-04-09 | 7.1 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via MIPv6 packets, aka Bug ID CSCsm97220.
|
|||||
| CVE-2009-1100 | 1 Sun | 2 Jdk, Jre | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service (disk consumption) via vectors related to temporary font files and (1) "limits on Font creation," aka CR 6522586, and (2) another unspecified vector, aka CR 6632886.
|
|||||
| CVE-2009-3706 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 4.4 MEDIUM | N/A |
|
Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and OpenSolaris snv_100 through snv_117, allows local users to bypass intended limitations of the file_chown_self privilege via certain uses of the chown system call.
|
|||||
| CVE-2008-5694 | 1 Sandbox | 1 Sandbox | 2025-04-09 | 10.0 HIGH | N/A |
|
PHP remote file inclusion vulnerability in lib/jpgraph/jpgraph_errhandler.inc.php in Sandbox 1.4.1 might allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the issue, if any, may be located in Aditus JpGraph rather than Sandbox. If so, then this should not be treated as an issue in Sandbox.
|
|||||
| CVE-2009-3473 | 1 Ibm | 1 Db2 | 2025-04-09 | 10.0 HIGH | N/A |
|
IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege for the SET SESSION AUTHORIZATION statement, which has unspecified impact and remote attack vectors.
|
|||||
| CVE-2009-3818 | 2 Stanislas Rolland, Typo3 | 2 Sr Freecap, Typo3 | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the session handling feature in freeCap CAPTCHA (sr_freecap) extension 1.2.0 and earlier for TYPO3 has unknown impact and attack vectors.
|
|||||
| CVE-2008-4301 | 1 Microsoft | 1 Internet Information Services | 2025-04-09 | 10.0 HIGH | N/A |
|
A certain ActiveX control in iisext.dll in Microsoft Internet Information Services (IIS) allows remote attackers to set a password via a string argument to the SetPassword method. NOTE: this issue could not be reproduced by a reliable third party. In addition, the original researcher is unreliable. Therefore the original disclosure is probably erroneous
|
|||||
| CVE-2009-3433 | 1 Sun | 1 Cluster | 2025-04-09 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in clsetup in the configuration utility in Sun Solaris Cluster 3.2 allows local users to gain privileges via unknown vectors.
|
|||||
| CVE-2008-3047 | 1 Typo3 | 1 Kb Unpack Extension | 2025-04-09 | 7.5 HIGH | N/A |
|
Incomplete blacklist vulnerability in the KB Unpack (kb_unpack) extension 0.1.0 and earlier for TYPO3 has unknown impact and attack vectors.
|
|||||
| CVE-2007-5651 | 1 Cisco | 2 Catos, Ios | 2025-04-09 | 7.1 HIGH | N/A |
|
Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on Cisco switches allows remote attackers to cause a denial of service (device reload) via a crafted EAP Response Identity packet.
|
|||||
| CVE-2009-4444 | 1 Microsoft | 1 Internet Information Services | 2025-04-09 | 6.0 MEDIUM | N/A |
|
Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2) .cer, or (3) .asa first extension, followed by a semicolon and a safe extension, as demonstrated by the use of asp.dll to handle a .asp;.jpg file.
|
|||||
| CVE-2007-5753 | 1 Light Fman Php | 1 Light Fman Php | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in Light FMan PHP (lfman or lightfman) before 2.0rc1 has unknown impact and attack vectors related to "actions."
|
|||||
| CVE-2008-4000 | 2 Jdedwards, Oracle | 4 Enterpriseone, Jd Edwards Enterpriseone, Peoplesoft Enterprise and 1 more | 2025-04-09 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 allows remote attackers to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the Oracle October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue allows bypass of the lockout mechanism using brute force guessing of credentials and a response discrepancy information leak when ...
Show More |
|||||
| CVE-2008-0343 | 1 Oracle | 5 Application Server, Collaboration Suite, Database Server and 2 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 has unknown impact and remote attack vectors, aka DB06.
|
|||||
| CVE-2007-2127 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.0 have unknown impact and remote attack vectors via (1) Application Object Library (APPS04), iStore (2) APPS05 and (3) APPS06, (4) iSupport (APPS07), (5) Trade Management (APPS09), (6) Applications Manager (APPS10), and (7) Oracle Report Manager (APPS03).
|
|||||
| CVE-2009-2866 | 1 Cisco | 1 Ios | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104.
|
|||||
| CVE-2007-6225 | 1 Sun | 1 Solaris | 2025-04-09 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in Sun Solaris 10, when 64bit mode is used on the x86 platform, allows local users in a Linux (lx) branded zone to cause a denial of service (panic) via unspecified vectors.
|
|||||
| CVE-2008-2583 | 1 Oracle | 2 Application Server, Oracle Portal Component | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the sample Discussion Forum Portlet for the Oracle Portal component in Oracle Application Server, as available from OTN before 20080715, has unknown impact and remote attack vectors.
|
|||||
| CVE-2009-1969 | 1 Oracle | 1 Database Server | 2025-04-09 | 2.1 LOW | N/A |
|
Unspecified vulnerability in the Auditing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality via unknown vectors.
|
|||||
| CVE-2007-6529 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in TikiWiki before 1.9.9 have unknown impact and attack vectors involving (1) tiki-edit_css.php, (2) tiki-list_games.php, or (3) tiki-g-admin_shared_source.php.
|
|||||
| CVE-2007-6123 | 1 Irc Services | 1 Irc Services | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in IRC Services 5.1.8 has unknown impact and attack vectors.
|
|||||
| CVE-2007-6031 | 1 Van Dyke Technologies | 1 Vshell | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in VanDyke VShell 3.0.1 allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
|
|||||
| CVE-2008-4300 | 1 Microsoft | 1 Internet Information Services | 2025-04-09 | 5.0 MEDIUM | N/A |
|
A certain ActiveX control in adsiis.dll in Microsoft Internet Information Services (IIS) allows remote attackers to cause a denial of service (browser crash) via a long string in the second argument to the GetObject method. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.
|
|||||
| CVE-2008-5908 | 1 Sun | 1 Opensolaris | 2025-04-09 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in the root/boot archive tool in Sun OpenSolaris has unknown impact and local attack vectors, related to a "Temporary file vulnerability," aka Bug ID 6653455.
|
|||||
| CVE-2009-2678 | 1 Hp | 1 Nonstop Server | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Open System Services (OSS) Name Server on HP NonStop G06.27, G06.28, G06.29, G06.30, H06.06, H06.07, H06.08, and J06.03 allows remote attackers to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2009-1003 | 1 Oracle | 1 Bea Product Suite | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote attackers to affect integrity via unknown vectors related to "access to source code of web pages."
|
|||||