Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3978 | 1 Oracle | 1 Database 10g | 2025-04-09 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
|
|||||
| CVE-2009-2210 | 1 Mozilla | 2 Seamonkey, Thunderbird | 2025-04-09 | 9.3 HIGH | N/A |
|
Mozilla Thunderbird before 2.0.0.22 and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a multipart/alternative e-mail message containing a text/enhanced part that triggers access to an incorrect object type.
|
|||||
| CVE-2009-0179 | 1 Igno Saitz | 1 Libmikmod | 2025-04-09 | 4.3 MEDIUM | N/A |
|
libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file.
|
|||||
| CVE-2009-0974 | 1 Oracle | 1 Application Server | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0983 and CVE-2009-3407.
|
|||||
| CVE-2008-2144 | 1 Sun | 1 Sunos | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of service or execute arbitrary code via unknown vectors.
|
|||||
| CVE-2009-1987 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools - Enterprise Portal component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.21 allows remote attackers to affect integrity via unknown vectors.
|
|||||
| CVE-2009-0997 | 1 Oracle | 1 Database Server | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Database Vault component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality, related to DBMS_SYS_SQL.
|
|||||
| CVE-2008-3958 | 1 Ibm | 1 Db2 | 2025-04-09 | 7.5 HIGH | N/A |
|
IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT/ATTACH data stream that simulates a V7 client connect/attach request. NOTE: this may overlap CVE-2008-3858. NOTE: this issue exists because of an incomplete fix for CVE-2008-3959.
|
|||||
| CVE-2009-1981 | 1 Oracle | 1 Siebel Enterprise Suite | 2025-04-09 | 3.0 LOW | N/A |
|
Unspecified vulnerability in the Highly Interactive Client component in Siebel Product Suite 7.5.3, 7.7.2, 7.8.2, 8.0.0.5, and 8.1.0 allows local users to affect confidentiality and integrity via unknown vectors.
|
|||||
| CVE-2009-1011 | 1 Oracle | 1 Application Server | 2025-04-09 | 4.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is for multiple integer overflows in a function that parses an optional data stream within a Microsoft Office file, leading to a heap-based buffer overflow.
|
|||||
| CVE-2007-5531 | 1 Oracle | 3 Application Server, Database Server, Enterprise Manager | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Oracle Help for Web, as used in Oracle Application Server, Oracle Database 10.2.0.3, and Enterprise Manager 10.1.0.6, has unknown impact and remote attack vectors, aka EM02.
|
|||||
| CVE-2008-4841 | 1 Microsoft | 4 Windows 2000, Windows Server 2003, Windows Xp and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
|
The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008. NOTE: As of 20081210, it is unclear whether this vulnerability is related to a WordPad issue disclosed on 20080925 with a 2008-crash.doc.rar example, but there are insufficient details to be sure.
|
|||||
| CVE-2009-4439 | 1 Ibm | 1 Db2 | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (instance crash) by compiling a SQL query.
|
|||||
| CVE-2008-5683 | 1 Opera | 1 Opera Browser | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in Opera before 9.63 allows remote attackers to "reveal random data" via unknown vectors.
|
|||||
| CVE-2007-0775 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-09 | 3.7 LOW | N/A |
|
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via certain vectors.
|
|||||
| CVE-2009-3399 | 1 Oracle | 1 Bea Product Suite | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 7.0.6 and 8.1.5 allows remote attackers to affect integrity, related to WLS Console.
|
|||||
| CVE-2008-2824 | 1 Xerox | 1 Workcentre | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Extensible Interface Platform in Web Services in Xerox WorkCentre 7655, 7665, and 7675 allows remote attackers to make configuration changes via unknown vectors.
|
|||||
| CVE-2008-6621 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in GraphicsMagick before 1.2.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors in DPX images. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2008-2323 | 1 Apple | 2 Data Detectors Engine, Mac Os X | 2025-04-09 | 7.1 HIGH | N/A |
|
Unspecified vulnerability in Data Detectors Engine in Apple Mac OS X 10.5.4 allows attackers to cause a denial of service (resource consumption) via crafted textual content in messages.
|
|||||
| CVE-2008-2112 | 3 Novell, Redhat, Sun | 4 Suse Linux Enterprise Server, Enterprise Linux, Ray Server Software and 1 more | 2025-04-09 | 8.5 HIGH | N/A |
|
Unspecified vulnerability in Sun Ray Kiosk Mode 4.0 allows local and remote authenticated Sun Ray administrators to gain root privileges via unknown vectors related to utconfig.
|
|||||
| CVE-2008-3997 | 1 Oracle | 1 Database 10g | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 10.1.0.5 and 10.2.0.3 allows remote authenticated users to affect availability, related to SYS.DBMS_XSOQ_ODBO.
|
|||||
| CVE-2008-4731 | 1 Michael Christen | 1 Yacy | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in YaCy before 0.61 have unknown impact and attack vectors.
|
|||||
| CVE-2008-2077 | 1 Plain Black | 1 Webgui | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Plain Black WebGUI 7.4.34 has unknown impact and attack vectors related to "data form list view."
|
|||||
| CVE-2009-1552 | 1 Sco | 1 Unixware | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the IGMP driver in SCO Unixware Release 7.1.4 Maintenance Pack 4 allows attackers to cause a denial of service (system panic) via unspecified vectors.
|
|||||
| CVE-2007-5020 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-09 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted PDF file, related to the mailto: option and Internet Explorer 7 on Windows XP. NOTE: this information is based upon a vague pre-advisory by a reliable researcher.
|
|||||
| CVE-2008-0074 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2025-04-09 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders.
|
|||||
| CVE-2008-2598 | 1 Oracle | 2 Times Ten Client Server, Times Ten In Memory Database | 2025-04-09 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Database 7.0.3.0.0 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2597 and CVE-2008-2599.
|
|||||
| CVE-2008-1561 | 1 Wireshark | 1 Wireshark | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) 0.99.5 through 0.99.8 allow remote attackers to cause a denial of service (application crash) via a malformed packet to the (1) X.509sat or (2) Roofnet dissectors. NOTE: Vector 2 might also lead to a hang.
|
|||||
| CVE-2009-0994 | 1 Oracle | 1 Application Server | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2009-1017.
|
|||||
| CVE-2008-3981 | 1 Oracle | 1 Secure Backup | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.1.0.1 allows remote attackers to affect confidentiality via unknown vectors.
|
|||||
| CVE-2008-1198 | 1 Redhat | 1 Enterprise Linux | 2025-04-09 | 7.1 HIGH | N/A |
|
The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sniffing an unencrypted preshared key (PSK) hash.
|
|||||
| CVE-2009-1103 | 1 Sun | 1 Java | 2025-04-09 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to "deserializing applets," aka CR 6646860.
|
|||||
| CVE-2008-5412 | 2 Ibm, Microsoft | 2 Websphere Application Server, Windows | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows has unknown impact and attack vectors related to JSPs. NOTE: this is probably a duplicate of CVE-2009-0438.
|
|||||
| CVE-2009-3405 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2025-04-09 | 4.1 MEDIUM | N/A |
|
Unspecified vulnerability in the JD Edwards Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.98.1.4 allows remote authenticated users to affect integrity and availability via unknown vectors.
|
|||||
| CVE-2008-2595 | 1 Oracle | 2 Database 10g, Database 9i | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a denial of service (crash) via a malformed LDAP request that triggers a NULL pointer dereference.
|
|||||
| CVE-2009-2486 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the SCTP implementation in Sun Solaris 10, and OpenSolaris before snv_120, allows remote attackers to cause a denial of service (panic) via unspecified packets.
|
|||||
| CVE-2007-1032 | 1 Phpmyfaq | 1 Phpmyfaq | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when register_globals is enabled, allows remote attackers to "gain the privilege for uploading files on the server."
|
|||||
| CVE-2007-1796 | 1 Jccorp | 1 Urlshrink | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in JCcorp URLshrink before 1.3.2 have unspecified attack vectors and impact.
|
|||||
| CVE-2009-2721 | 1 Sun | 1 Java Se | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the Provider class in Sun Java SE 5.0 before Update 20 have unknown impact and attack vectors, aka BugId 6406003.
|
|||||
| CVE-2007-3734 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.
|
|||||