Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3712 | 1 Oracle | 1 Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in OC4J for Oracle Application Server 9.0.4.2 and 10.1.2.0.0 has unknown impact and attack vectors, aka Oracle Vuln# AS07.
|
|||||
| CVE-2006-4571 | 1 Mozilla | 2 Seamonkey, Thunderbird | 2025-04-03 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allow remote attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via unspecified vectors, some of which involve JavaScript, and possibly large images or plugin data.
|
|||||
| CVE-1999-0144 | 1 Qmail Project | 1 Qmail | 2025-04-03 | 2.1 LOW | N/A |
|
Denial of service in Qmail by specifying a large number of recipients with the RCPT command.
|
|||||
| CVE-2006-4470 | 1 Joomla | 1 Joomla\! | 2025-04-03 | 7.5 HIGH | N/A |
|
Joomla! before 1.0.11 omits some checks for whether _VALID_MOS is defined, which allows attackers to have an unknown impact, possibly resulting in PHP remote file inclusion.
|
|||||
| CVE-2006-0270 | 1 Oracle | 1 Database Server | 2025-04-03 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Transparent Data Encryption (TDE) Wallet component of Oracle Database server 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB27. NOTE: Oracle has not disputed a reliable researcher report that TDA stores the master key without encryption, which allows local users to obtain the key via the SGA.
|
|||||
| CVE-2005-0989 | 2 Mozilla, Netscape | 3 Firefox, Mozilla, Navigator | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.
|
|||||
| CVE-2006-0119 | 1 Ibm | 3 Lotus Domino, Lotus Domino Enterprise Server, Lotus Notes | 2025-04-03 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 have unknown impact and attack vectors, due to "potential security issues" as identified by SPR numbers (1) GPKS6C9J67 in Agents, (2) JGAN6B6TZ3 and (3) KSPR699NBP in the Router, (4) GPKS5YQGPT in Security, or (5) HSAO6BNL6Y in the Web Server. NOTE: vector 3 is related to an issue in NROUTER in IBM Lotus Notes and Domino Server before 6.5.4 FP1, 6.5.5, and 7.0, which allows remote attackers to cause a denial o ...
Show More |
|||||
| CVE-2006-2383 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control, which causes Internet Explorer to crash in a way that enables the code execution.
|
|||||
| CVE-2005-1974 | 1 Sun | 1 J2se | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used in multiple products and platforms including (1) HP-UX and (2) APC PowerChute, allows applications to assign permissions to themselves and gain privileges.
|
|||||
| CVE-2006-2201 | 1 Broadcom | 1 Resource Initialization Manager | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in CA Resource Initialization Manager (CAIRIM) 1.x before 20060502, as used in z/OS Common Services and the LMP component in multiple products, allows attackers to violate integrity via a certain "problem state program" that uses SVC to gain access to supervisor state, key 0.
|
|||||
| CVE-2006-1870 | 1 Oracle | 1 Database Server | 2025-04-03 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.2 has unknown impact and attack vectors in the Export component, aka Vuln# DB05. NOTE: details are unavailable from Oracle, but as of 20060427, they have not publicly commented on whether DB05 is the same issue as CVE-2006-2081.
|
|||||
| CVE-1999-1302 | 1 Sco | 5 Open Desktop, Open Desktop Lite, Openserver Enterprise System and 2 more | 2025-04-03 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in pt_chmod in SCO UNIX 4.2 and earlier allows local users to gain root access.
|
|||||
| CVE-2006-0467 | 1 Pioneers | 1 Pioneers | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Pioneers (formerly gnocatan) before 0.9.49 allows remote attackers to cause a denial of service (application crash) via long chat messages.
|
|||||
| CVE-2005-3059 | 3 Linux, Microsoft, Opera | 3 Linux Kernel, Windows, Opera Browser | 2025-04-03 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Opera 8.50 on Linux and Windows have unknown impact and attack vectors, related to (1) " handling of must-revalidate cache directive for HTTPS pages" or (2) a "display issue with cookie comment encoding."
|
|||||
| CVE-2006-3648 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | 7.6 HIGH | N/A |
|
Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 and 2003 SP1, allows remote attackers to execute arbitrary code via unspecified vectors involving unhandled exceptions, memory resident applications, and incorrectly "unloading chained exception."
|
|||||
| CVE-2006-3709 | 1 Oracle | 1 Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, and 10.1.2.0.0 has unknown impact and attack vectors, aka Oracle Vuln# AS04.
|
|||||
| CVE-2006-3703 | 1 Oracle | 1 Database Server | 2025-04-03 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in InterMedia for Oracle Database 9.0.1.5, 9.2.0.6, and 10.1.0.4 has unknown impact and attack vectors, aka oracle Vuln# DB07.
|
|||||
| CVE-2006-0256 | 1 Oracle | 1 Database Server | 2025-04-03 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Advanced Queuing component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.6, 10.1.0.3 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB01.
|
|||||
| CVE-2005-2700 | 3 Apache, Canonical, Debian | 3 Http Server, Ubuntu Linux, Debian Linux | 2025-04-03 | 10.0 HIGH | N/A |
|
ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended access restrictions.
|
|||||
| CVE-2005-2022 | 1 Sun | 2 Iplanet Messaging Server, One Messaging Server | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Unknown vulnerability in Webmail in iPlanet Messaging Server 5.2 Patch 1 and Sun ONE Messaging Server 6.2 allows remote attackers to execute arbitrary Javascript, possibly due to a cross-site scripting (XSS) vulnerability.
|
|||||
| CVE-2006-3719 | 1 Oracle | 1 Enterprise Manager | 2025-04-03 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in CORE: Repository for Oracle Enterprise Manager 9.0.1.0 and 9.2.0.1 has unknown impact and attack vectors, aka Oracle Vuln# EM01.
|
|||||
| CVE-2002-1790 | 1 Microsoft | 3 Exchange Server, Internet Information Server, Internet Information Services | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682.
|
|||||
| CVE-2004-2083 | 1 Opera | 1 Opera Browser | 2025-04-03 | 2.6 LOW | N/A |
|
Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."
|
|||||
| CVE-2006-0267 | 1 Oracle | 1 Database Server | 2025-04-03 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in the Query Optimizer component of Oracle Database server 9.2.0.6 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB20.
|
|||||
| CVE-2005-4007 | 1 Redgraphic | 1 Sapid Cms | 2025-04-03 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in SAPID CMS before 1.2.3.03, related to newly registered users and possibly authorization checks, have unknown impact and attack vectors involving (1) mvc/controller/user_request_analysis.inc.php and (2) usr/xml/ddc/authorization.xml.
|
|||||
| CVE-2006-0290 | 1 Oracle | 4 Application Server, Collaboration Suite, Database Server and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Oracle Database Server 9.2.0.7, Application Server 9.0.4.2 and 10.1.2.1, Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i), and E-Business Suite and Applications 11.5.10 has unspecified impact and attack vectors, as identified by Oracle Vuln# WF01 in the Oracle Workflow Cartridge component.
|
|||||
| CVE-2006-0028 | 1 Microsoft | 2 Excel, Office | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid pointers.
|
|||||
| CVE-2006-3720 | 1 Oracle | 1 Enterprise Manager | 2025-04-03 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in Enterprise Config Management for Oracle Enterprise Manager 10.1.0.3 has unknown impact and attack vectors, aka Oracle Vuln# EM02.
|
|||||
| CVE-2006-2435 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in IBM WebSphere Application Server 5.0.2 and earlier, and 5.1.1 and earlier, has unknown impact and attack vectors related to "Inserting certain script tags in urls [that] may allow unintended execution of scripts."
|
|||||
| CVE-2004-2758 | 1 Sun | 1 Sunforum | 2025-04-03 | 7.5 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the H.323 protocol implementation for Sun SunForum 3.2 and 3D 1.0 allow remote attackers to cause a denial of service (segmentation fault and process crash), as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
|
|||||
| CVE-2005-4585 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the GTP dissector for Ethereal 0.9.1 to 0.10.13 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.
|
|||||
| CVE-2006-0291 | 1 Oracle | 4 Application Server, Collaboration Suite, Database Server and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Oracle Database Server 10.2.0.1, Application Server 9.0.4.2 and 10.1.2.1, Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i), and E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) WF02 and (2) WF03 in the Oracle Workflow Cartridge component.
|
|||||
| CVE-1999-1589 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors.
|
|||||
| CVE-2006-3438 | 1 Microsoft | 1 Hyperlink Object Library | 2025-04-03 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Microsoft Hyperlink Object Library (hlink.dll), possibly a buffer overflow, allows user-assisted attackers to execute arbitrary code via crafted hyperlinks that are not properly handled when hlink.dll "uses a file containing a malformed function," aka "Hyperlink Object Function Vulnerability."
|
|||||
| CVE-2001-0726 | 1 Microsoft | 1 Exchange Server | 2025-04-03 | 7.5 HIGH | N/A |
|
Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote attackers to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail message.
|
|||||
| CVE-2006-0262 | 1 Oracle | 4 Database Server, Oracle10g, Oracle8i and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB08.
|
|||||
| CVE-2005-4273 | 1 Ibm | 1 Aix | 2025-04-03 | 2.1 LOW | N/A |
|
Multiple unspecified vulnerabilities in (1) getShell and (2) getCommand in IBM AIX 5.3 allow local users to append to arbitrary files.
|
|||||
| CVE-2006-0042 | 2 Apache, Debian | 2 Libapreq2, Debian Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers to cause a denial of service (CPU consumption) via unknown attack vectors that result in quadratic computational complexity.
|
|||||
| CVE-2003-1551 | 1 Novell | 1 Groupwise | 2025-04-03 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "malicious script."
|
|||||
| CVE-1999-1412 | 2 Apache, Apple | 2 Http Server, Macos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes.
|
|||||