Total
28444 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-3818 | 2 Stanislas Rolland, Typo3 | 2 Sr Freecap, Typo3 | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in the session handling feature in freeCap CAPTCHA (sr_freecap) extension 1.2.0 and earlier for TYPO3 has unknown impact and attack vectors. | |||||
CVE-2008-2160 | 1 Microsoft | 1 Windows Embedded Compact | 2024-02-28 | 9.3 HIGH | N/A |
Multiple unspecified vulnerabilities in the JPEG (GDI+) and GIF image processing in Microsoft Windows CE 5.0 allow remote attackers to execute arbitrary code via crafted (1) JPEG and (2) GIF images. | |||||
CVE-2008-3045 | 1 Typo3 | 1 Industry Database | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in the Industry Database (aka Branchendatenbank pro_industrydb) extension 1.0.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Insufficient Verification of Data Authenticity." | |||||
CVE-2008-6140 | 1 Avaya | 1 One-x | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Avaya one-X Desktop Edition 2.1.0.78 allows remote attackers to cause a denial of service (crash) via unspecified vectors. | |||||
CVE-2009-3839 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-28 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv_37 through snv_125, might allow remote attackers to execute arbitrary code by leveraging access to the X server. | |||||
CVE-2008-3920 | 1 Bitlbee | 1 Bitlbee | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to "recreate" and "hijack" existing accounts via unspecified vectors. | |||||
CVE-2009-1992 | 2 Microsoft, Oracle | 2 Windows, Database Server | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
CVE-2009-4072 | 1 Opera | 1 Opera Browser | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in Opera before 10.10 has unknown impact and attack vectors, related to a "moderately severe issue." | |||||
CVE-2009-3570 | 1 Openoffice | 1 Openoffice.org | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in OpenOffice.org (OOo) has unspecified impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.9. NOTE: as of 20091005, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
CVE-2008-3694 | 1 Vmware | 4 Ace, Player, Server and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3695, and CVE-2008-3696. | |||||
CVE-2008-2946 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.8 HIGH | N/A |
The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterprise Agents in Sun Solaris 8 through 10 allows remote attackers to cause a denial of service (daemon crash) via malformed packets. | |||||
CVE-2009-2000 | 1 Oracle | 1 Database Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.7 allows remote attackers to affect confidentiality via unknown vectors. | |||||
CVE-2009-1978 | 1 Oracle | 1 Secure Backup | 2024-02-28 | 9.0 HIGH | N/A |
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the July 2009 Oracle CPU. Oracle has not commented on claims from an independent researcher that this vulnerability allows remote authenticated users to execute arbitrary code with SYSTEM privileges via vectors involving property_box.php. | |||||
CVE-2009-4328 | 1 Ibm | 1 Db2 | 2024-02-28 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the DRDA Services component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (server trap) by calling a SQL stored procedure in unknown circumstances. | |||||
CVE-2008-6549 | 1 Moinmo | 1 Moinmoin | 2024-02-28 | 5.0 MEDIUM | N/A |
The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors. | |||||
CVE-2008-2613 | 1 Oracle | 2 Database Scheduler, Database Server | 2024-02-28 | 6.5 MEDIUM | N/A |
Unspecified vulnerability in the Database Scheduler component in Oracle Database 10.2.0.4 and 11.1.0.6 has unknown impact and local attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this is an untrusted search path issue that allows local users to gain privileges via a malicious (1) libclntsh.so or (2) libnnz10.so library. | |||||
CVE-2009-1969 | 1 Oracle | 1 Database Server | 2024-02-28 | 2.1 LOW | N/A |
Unspecified vulnerability in the Auditing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||
CVE-2009-0631 | 1 Cisco | 1 Ios | 2024-02-28 | 7.8 HIGH | N/A |
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol (MGCP) allows remote attackers to cause a denial of service (blocked input queue on the inbound interface) via a crafted UDP packet. | |||||
CVE-2008-2581 | 1 Oracle | 2 Bea Product Suite, Weblogic Server Component | 2024-02-28 | 5.1 MEDIUM | N/A |
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors related to UDDI Explorer. | |||||
CVE-2007-5604 | 1 Hp | 1 Instant Support | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607. |