Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0178 | 1 Ibm | 1 Hardware Management Console | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 release 3.2.0 SP1 has unknown impact and attack vectors.
|
|||||
| CVE-2007-6713 | 1 Flip4mac | 1 Flip4mac Wmv | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Flip4Mac WMV before 2.2.0.49 has unknown impact and attack vectors related to malformed WMV files.
|
|||||
| CVE-2008-1275 | 1 Mailenable | 3 Mailenable Enterprise, Mailenable Professional, Mailenable Standard | 2025-04-09 | 7.8 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service (crash) via crafted (1) EXPN or (2) VRFY commands.
|
|||||
| CVE-2008-7197 | 1 G15tools | 1 G15daemon | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in G15Daemon before 1.9.4 have unknown impact and attack vectors.
|
|||||
| CVE-2008-3104 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet.
|
|||||
| CVE-2009-4368 | 1 Merethis | 1 Centreon | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Centreon before 2.1.4 have unknown impact and attack vectors in the (1) ping tool, (2) traceroute tool, and (3) ldap import, possibly related to improper authentication.
|
|||||
| CVE-2008-5675 | 1 Ibm | 1 Websphere Portal | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in IBM WebSphere Portal 6.0 before 6.0.1.5 has unknown impact and attack vectors related to "Access problems with BasicAuthTAI."
|
|||||
| CVE-2007-5539 | 1 Cisco | 4 Unified Contact Center Enterprise, Unified Contact Center Hosted, Unified Icm Hosted and 1 more | 2025-04-09 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise (ICME), Unified ICM Hosted (ICMH), Unified Contact Center Enterprise (UCCE), Unified Contact Center Hosted (UCCH), and System Unified Contact Center Enterprise (SUCCE) 7.1(5) allows remote authenticated users to gain privileges, and read reports or change the SUCCE configuration, via certain web interfaces, aka CSCsj55686.
|
|||||
| CVE-2008-2585 | 1 Oracle | 2 E-business Suite, Report Manager Component | 2025-04-09 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors.
|
|||||
| CVE-2009-2943 | 2 Ocaml, Postgresql | 2 Postgresql-ocaml, Postgresql | 2025-04-09 | 7.5 HIGH | N/A |
|
The postgresql-ocaml bindings 1.5.4, 1.7.0, and 1.12.1 for PostgreSQL libpq do not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
|
|||||
| CVE-2008-3666 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2025-04-09 | 7.1 HIGH | N/A |
|
Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured; and (2) local users to cause a denial of service (panic) via a call to the sendfile system call, as reachable through the sendfilev library.
|
|||||
| CVE-2009-2722 | 1 Sun | 1 Java Se | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the Provider class in Sun Java SE 5.0 before Update 20 have unknown impact and attack vectors, aka BugId 6429594. NOTE: this issue exists because of an incorrect fix for BugId 6406003.
|
|||||
| CVE-2009-1013 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2025-04-09 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1014.
|
|||||
| CVE-2009-1967 | 1 Oracle | 2 Database Server, Enterprise Manager | 2025-04-09 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Config Management component in (1) Oracle Database 11.1.0.7 and (2) Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1966.
|
|||||
| CVE-2008-3949 | 1 Suse | 1 Suse Linux | 2025-04-09 | 7.2 HIGH | N/A |
|
emacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports Python script from the current working directory during editing of a Python file, which allows local users to execute arbitrary code via a Trojan horse Python file.
|
|||||
| CVE-2008-7220 | 2 Debian, Prototypejs | 2 Debian Linux, Prototype | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in Prototype JavaScript framework (prototypejs) before 1.6.0.2 allows attackers to make "cross-site ajax requests" via unknown vectors.
|
|||||
| CVE-2008-7237 | 1 Oracle | 1 Application Server | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3 and 10.1.2.2 allows remote authenticated users to affect confidentiality via unknown vectors, aka AS06.
|
|||||
| CVE-2009-1985 | 1 Oracle | 1 Database Server | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Network Authentication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2008-3813 | 1 Cisco | 1 Ios | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet.
|
|||||
| CVE-2009-2683 | 1 Hp | 1 Remote Graphics Software | 2025-04-09 | 7.1 HIGH | N/A |
|
Unspecified vulnerability in the Sender module in HP Remote Graphics Software (RGS) 5.1.3 through 5.2.6 allows remote authenticated users to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2009-1990 | 1 Oracle | 1 Application Server | 2025-04-09 | 1.7 LOW | N/A |
|
Unspecified vulnerability in the Business Intelligence Enterprise Edition component in Oracle Application Server 10.1.3.4.1 allows local users to affect confidentiality via unknown vectors.
|
|||||
| CVE-2008-3914 | 1 Clamav | 1 Clamav | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c.
|
|||||
| CVE-2008-5395 | 2 Hp, Linux | 2 Pa-risc, Linux Kernel | 2025-04-09 | 4.9 MEDIUM | N/A |
|
The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service (system crash) via vectors associated with an attempt to unwind a stack that contains userspace addresses.
|
|||||
| CVE-2009-2679 | 1 Hp | 1 Hp-ux | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in bootpd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown attack vectors.
|
|||||
| CVE-2008-3246 | 2 Blackberry, Rim | 7 Enterprise Server, Unite, Blackberry Enterprise Server and 4 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment.
|
|||||
| CVE-2009-2984 | 1 Adobe | 1 Acrobat | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in the image decoder in Adobe Acrobat 9.x before 9.2, and possibly 7.x through 7.1.4 and 8.x through 8.1.7, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.
|
|||||
| CVE-2009-3729 | 1 Sun | 1 Jre | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the TrueType font parsing functionality in Sun Java SE 5.0 before Update 22 and 6 before Update 17 allows remote attackers to cause a denial of service (application crash) via a certain test suite, aka Bug Id 6815780.
|
|||||
| CVE-2008-4006 | 1 Oracle | 1 Secure Backup | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.1.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2008-3107 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
|
|||||
| CVE-2009-2868 | 1 Cisco | 1 Ios | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997.
|
|||||
| CVE-2009-3183 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 7.2 HIGH | N/A |
|
Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors.
|
|||||
| CVE-2008-6140 | 1 Avaya | 1 One-x | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Avaya one-X Desktop Edition 2.1.0.78 allows remote attackers to cause a denial of service (crash) via unspecified vectors.
|
|||||
| CVE-2008-3045 | 1 Typo3 | 1 Industry Database | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the Industry Database (aka Branchendatenbank pro_industrydb) extension 1.0.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Insufficient Verification of Data Authenticity."
|
|||||
| CVE-2007-3102 | 2 Fedora Project, Openbsd | 2 Fedora Core, Openssh | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the linux_audit_record_event function in OpenSSH 4.3p2, as used on Fedora Core 6 and possibly other systems, allows remote attackers to write arbitrary characters to an audit log via a crafted username. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2008-1633 | 1 Mondo | 1 Rescue | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Mondo Rescue before 2.2.5 has unknown impact and attack vectors, related to the use of (1) /tmp and (2) MINDI_CACHE.
|
|||||
| CVE-2008-4005 | 1 Oracle | 1 Database 11i | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Application Express component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2009-0975 | 1 Oracle | 2 Database 10g, Database 11g | 2025-04-09 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0978.
|
|||||
| CVE-2009-1004 | 1 Oracle | 1 Bea Product Suite | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality and integrity via unknown vectors.
|
|||||
| CVE-2007-2655 | 1 Netwin | 2 Surgemail, Webmail | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before 3.8i2 has unknown impact and remote attack vectors, possibly a format string vulnerability that allows remote code execution.
|
|||||
| CVE-2008-2064 | 1 Phpgedview | 1 Phpgedview | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vectors related to "a fundamental design flaw in the interface (API) to connect phpGedView with external programs like content management systems."
|
|||||