Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4483 | 1 Mailsite | 1 Mailsite | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in LDAP3A.exe in MailSite 8.0.4 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.13 through 8.11. NOTE: as of 20091229, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
|
|||||
| CVE-2008-4598 | 1 Drupal | 1 Shindig-integrator | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in Shindig-Integrator 5.x, a module for Drupal, has unspecified impact and remote attack vectors related to "numerous flaws" that are not related to XSS or access control, a different vulnerability than CVE-2008-4596 and CVE-2008-4597.
|
|||||
| CVE-2009-2094 | 1 Ibm | 1 Websphere Commerce | 2025-04-09 | 1.5 LOW | N/A |
|
Unspecified vulnerability in IBM WebSphere Commerce 6.0 Enterprise before 6.0.0.8, when trace is enabled, allows local users to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2008-3643 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in Finder in Mac OS X 10.5.5 allows user-assisted attackers to cause a denial of service (continuous termination and restart) via a crafted Desktop file that generates an error when producing its icon, related to an "error recovery issue."
|
|||||
| CVE-2006-5268 | 1 Trend Micro | 1 Serverprotect | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via vectors related to obtaining "administrative access to the RPC interface."
|
|||||
| CVE-2008-2051 | 1 Php | 1 Php | 2025-04-09 | 10.0 HIGH | N/A |
|
The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."
|
|||||
| CVE-2007-6030 | 1 Weird Solutions | 1 Bootpturbo | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Weird Solutions BOOTPTurbo 1.2 has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
|
|||||
| CVE-2009-0066 | 1 Intel | 1 Trusted Execution Technology | 2025-04-09 | 7.6 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Intel system software for Trusted Execution Technology (TXT) allow attackers to bypass intended loader integrity protections, as demonstrated by exploitation of tboot. NOTE: as of 20090107, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
|
|||||
| CVE-2009-3075 | 1 Mozilla | 1 Firefox | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper function in js/src/jsstr.cpp, and unknown vectors.
|
|||||
| CVE-2009-1009 | 2 Ibm, Oracle | 2 Websphere Portal, Application Server | 2025-04-09 | 4.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.1.9 allows local users to affect confidentiality, integrity, and availability, related to HTML.
|
|||||
| CVE-2008-6417 | 1 Greensql | 1 Greensql-console | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in GreenSQL-Console before 0.3.5 allows attackers to obtain the "installation directory" via unknown vectors.
|
|||||
| CVE-2009-1988 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise HRMS eProfile Manager component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.8 SP1, 8.9 Bundle 19, and 9.0 Bundle 9 allows remote authenticated users to affect confidentiality via unknown vectors.
|
|||||
| CVE-2007-3944 | 1 Apple | 3 Iphone Os, Safari, Webkit | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. NOTE: this issue was originally reported only for MobileSafari on the iPhone. NOTE: it is not clear whether this stems from an issue in the original distribution of PCRE, which might already have a separate ...
Show More |
|||||
| CVE-2008-5791 | 1 Prestashop | 1 Prestashop | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in PrestaShop e-Commerce Solution before 1.1 Beta 2 (aka 1.1.0.1) have unknown impact and attack vectors, related to the (1) bankwire module, (2) cheque module, and other components.
|
|||||
| CVE-2008-2579 | 1 Oracle | 1 Weblogic Server | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.
|
|||||
| CVE-2008-2786 | 1 Mozilla | 1 Firefox | 2025-04-09 | 10.0 HIGH | N/A |
|
Buffer overflow in Firefox 3.0 and 2.0.x has unknown impact and attack vectors. NOTE: due to lack of details as of 20080619, it is not clear whether this is the same issue as CVE-2008-2785. A CVE identifier has been assigned for tracking purposes.
|
|||||
| CVE-2007-4898 | 1 Xwiki | 1 Xwiki | 2025-04-09 | 2.1 LOW | N/A |
|
Unspecified vulnerability in the Multiwiki plugin in XWiki before 1.1 Enterprise RC2 allows remote authenticated users, with administrative access to one wiki in a multiwiki environment, to obtain sensitive information via unknown attack vectors. NOTE: Some of these details are obtained from third party information.
|
|||||
| CVE-2008-5173 | 1 Testmaker | 1 Testmaker | 2025-04-09 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in testMaker before 3.0p16 allows remote authenticated users to execute arbitrary PHP code via unspecified attack vectors.
|
|||||
| CVE-2008-3946 | 1 Hp | 1 Openvms | 2025-04-09 | 4.9 MEDIUM | N/A |
|
The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files via a link corresponding to a (1) .plan or (2) .project file.
|
|||||
| CVE-2007-2176 | 1 Mozilla | 1 Firefox | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving Javascript errors. NOTE: this might be the same issue as CVE-2007-2175.
|
|||||
| CVE-2009-3885 | 2 Microsoft, Sun | 2 Windows, Jre | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Sun Java SE 5.0 before Update 22 and 6 before Update 17 on Windows allows remote attackers to cause a denial of service via a BMP file containing a link to a UNC share pathname for an International Color Consortium (ICC) profile file, probably a related issue to CVE-2007-2789, aka Bug Id 6632445.
|
|||||
| CVE-2008-3692 | 1 Vmware | 4 Ace, Player, Server and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3693, CVE-2008-3694 ...
Show More |
|||||
| CVE-2008-0341 | 1 Oracle | 1 Database Server | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.0.1.5 FIPS+ and 10.1.0.5 has unknown impact and remote attack vectors, aka DB03.
|
|||||
| CVE-2009-3072 | 1 Mozilla | 1 Firefox | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors.
|
|||||
| CVE-2007-5716 | 1 Sun | 1 Solaris | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the Internet Protocol (IP) functionality in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors, probably related to a UDP packet.
|
|||||
| CVE-2007-3444 | 1 Rim | 2 Blackberry 7270, Blackberry Software | 2025-04-09 | 4.3 MEDIUM | N/A |
|
The Research in Motion BlackBerry 7270 with 4.0 SP1 Bundle 83 allows remote attackers to cause a denial of service (blocked call reception) via a malformed SIP invite message, possibly related to multiple format string specifiers in the From field, a spoofed source IP address, and limitations of the function stack frame.
|
|||||
| CVE-2007-5515 | 1 Oracle | 1 Database Server | 2025-04-09 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.2, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB27.
|
|||||
| CVE-2008-2611 | 1 Oracle | 3 Core Rdbms Component, Database Server, Oracle Database | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors.
|
|||||
| CVE-2009-3400 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Advanced Benefits component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
|
|||||
| CVE-2007-0457 | 1 Wireshark | 1 Wireshark | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark (formerly Ethereal) 0.10.14 through 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
|
|||||
| CVE-2008-0699 | 1 Ibm | 1 Db2 | 2025-04-09 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C) in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors.
|
|||||
| CVE-2007-5775 | 1 Bitdefender | 3 Antivirus, Internet Security, Total Security | 2025-04-09 | 9.3 HIGH | 9.8 CRITICAL |
|
Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024. NOTE: as of 20071029, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
|
|||||
| CVE-2006-5082 | 1 Sugarcrm | 1 Sugar Suite | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in Sugar Suite Open Source (SugarCRM) before 4.2.1 Patch C (20060917) has unspecified impact, related to code execution, and unspecified attack vectors.
|
|||||
| CVE-2009-4191 | 1 Sun | 2 Opensolaris, Sunos | 2025-04-09 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in the kernel in Sun Solaris 10 and OpenSolaris 2009.06 on the x86-64 platform allows local users to gain privileges via unknown vectors, as demonstrated by the vd_sol_local module in VulnDisco Pack Professional 8.12. NOTE: as of 20091203, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
|
|||||
| CVE-2009-2987 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in an ActiveX control in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Windows allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2009-2561 | 1 Wireshark | 1 Wireshark | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified vectors.
|
|||||
| CVE-2009-2045 | 1 Cisco | 2 Video Surveillance Integrated Services Platform, Video Surveillance Stream Manager | 2025-04-09 | 7.8 HIGH | N/A |
|
The Cisco Video Surveillance Stream Manager firmware before 5.3, as used on Cisco Video Surveillance Services Platforms and Video Surveillance Integrated Services Platforms, allows remote attackers to cause a denial of service (reboot) via a malformed payload in a UDP packet to port 37000, related to the xvcrman process, aka Bug ID CSCsj47924.
|
|||||
| CVE-2008-6602 | 1 Stadtaus | 1 Download Center Lite | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Download Center Lite before 2.1 has unknown impact and attack vectors related to "A minor security fix."
|
|||||
| CVE-2010-0069 | 1 Oracle | 1 Bea Product Suite | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 7.0, SP7, 8.1SP6, 9.0, 9.1, 9.2MP3, 10.0MP1, and 10.3.0 allows remote attackers to affect integrity via unknown vectors.
|
|||||
| CVE-2008-4012 | 1 Oracle | 1 Weblogic Workshop | 2025-04-09 | 5.1 MEDIUM | N/A |
|
Unspecified vulnerability in the WebLogic Workshop component in BEA Product Suite WLW 8.1SP5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to "some NetUI pageflows."
|
|||||