Total
28444 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2713 | 1 Sun | 2 Java System Access Manager, Java System Web Server | 2024-02-28 | 4.3 MEDIUM | N/A |
| The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On (CDSSO) is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2008-3947 | 1 Hp | 1 Openvms | 2024-02-28 | 7.2 HIGH | N/A |
| DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain privileges via a long command line. | |||||
| CVE-2009-1006 | 2 Oracle, Sun | 4 Jrockit, Jdk, Jre and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2008-2786 | 1 Mozilla | 1 Firefox | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in Firefox 3.0 and 2.0.x has unknown impact and attack vectors. NOTE: due to lack of details as of 20080619, it is not clear whether this is the same issue as CVE-2008-2785. A CVE identifier has been assigned for tracking purposes. | |||||
| CVE-2009-1002 | 1 Oracle | 1 Bea Product Suite | 2024-02-28 | 5.8 MEDIUM | N/A |
| Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gold through MP1, 9.2 Gold through MP3, 9.1, 9.0, 8.1 Gold through SP6, and 7.0 Gold through SP7 allows remote attackers to gain privileges via unknown vectors. | |||||
| CVE-2008-4923 | 1 Mw6 Technologies | 1 Aztec Activex | 2024-02-28 | 9.0 HIGH | N/A |
| Multiple insecure method vulnerabilities in MW6 Technologies Aztec ActiveX control (AZTECLib.MW6Aztec, Aztec.dll) 3.0.0.1 allow remote attackers to overwrite arbitrary files via a full pathname argument to the (1) SaveAsBMP and (2) SaveAsWMF methods. | |||||
| CVE-2009-4167 | 2 Lukas Taferner, Typo3 | 2 It Basetag, Typo3 | 2024-02-28 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Automatic Base Tags for RealUrl (lt_basetag) extension 1.0.0 for TYPO3 allows remote attackers to conduct "Cache spoofing" attacks via unspecified vectors. | |||||
| CVE-2008-4595 | 1 Slaytanic Scripts | 1 Content Plus | 2024-02-28 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Slaytanic Scripts Content Plus 2.1.1 have unknown impact and remote attack vectors. | |||||
| CVE-2008-5449 | 1 Oracle | 1 Secure Backup | 2024-02-28 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5444 and CVE-2008-5448. | |||||
| CVE-2008-5182 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 6.9 MEDIUM | N/A |
| The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount. | |||||
| CVE-2008-7236 | 1 Oracle | 1 Application Server | 2024-02-28 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 and 10.1.3.1 allows remote attackers to affect integrity via unknown vectors, aka AS05. | |||||
| CVE-2008-3047 | 1 Typo3 | 1 Kb Unpack Extension | 2024-02-28 | 7.5 HIGH | N/A |
| Incomplete blacklist vulnerability in the KB Unpack (kb_unpack) extension 0.1.0 and earlier for TYPO3 has unknown impact and attack vectors. | |||||
| CVE-2008-5801 | 1 Typo3 | 1 Dictionary Extension | 2024-02-28 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Dictionary (rtgdictionary) extension 0.1.9 and earlier for TYPO3 allows attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2003-1572 | 1 Sun | 1 Jmf | 2024-02-28 | 9.3 HIGH | N/A |
| Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned applets to cause a denial of service (JVM crash) and read or write unauthorized memory locations via the ReadEnv class, as demonstrated by reading environment variables using modified .data and .size fields. | |||||
| CVE-2008-6690 | 1 Typo3 | 2 Nd Antispam, Typo3 | 2024-02-28 | 7.5 HIGH | N/A |
| Unspecified vulnerability in nepa-design.de Spam Protection (nd_antispam) extension 1.0.3 for TYPO3 allows remote attackers to modify configuration via unknown vectors. | |||||
| CVE-2008-3994 | 1 Oracle | 3 Database 10g, Database 11i, Database 9i | 2024-02-28 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to WMSYS.LTADM. | |||||
| CVE-2008-5676 | 1 Breach | 1 Modsecurity | 2024-02-28 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.5 for the Apache HTTP Server, when SecCacheTransformations is enabled, allow remote attackers to cause a denial of service (daemon crash) or bypass the product's functionality via unknown vectors related to "transformation caching." | |||||
| CVE-2008-2010 | 2 Apple, Microsoft | 3 Quicktime, Windows Vista, Windows Xp | 2024-02-28 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Apple QuickTime Player on Windows XP SP2 and Vista SP1 allows remote attackers to execute arbitrary code via a crafted QuickTime media file. NOTE: as of 20080429, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2008-5909 | 1 Sun | 1 Opensolaris | 2024-02-28 | 7.2 HIGH | N/A |
| Unspecified vulnerability in conv_lpd in Sun OpenSolaris has unknown impact and local attack vectors, related to improper handling of temporary files, aka Bug ID 6655641. | |||||
| CVE-2009-3885 | 2 Microsoft, Sun | 2 Windows, Jre | 2024-02-28 | 5.0 MEDIUM | N/A |
| Sun Java SE 5.0 before Update 22 and 6 before Update 17 on Windows allows remote attackers to cause a denial of service via a BMP file containing a link to a UNC share pathname for an International Color Consortium (ICC) profile file, probably a related issue to CVE-2007-2789, aka Bug Id 6632445. | |||||