Total
28444 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-1995 | 1 Oracle | 1 Database Server | 2024-02-28 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in the Advanced Queuing component in Oracle Database 10.2.0.4 and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_AQ_INV. | |||||
CVE-2009-0986 | 1 Oracle | 2 Database 10g, Database 11g | 2024-02-28 | 5.4 MEDIUM | N/A |
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
CVE-2009-2456 | 1 Novell | 1 Edirectory | 2024-02-28 | 5.0 MEDIUM | N/A |
The DS\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (ndsd core dump) via an LDAP request containing multiple . (dot) wildcard characters in the Relative Distinguished Name (RDN). | |||||
CVE-2008-4597 | 1 Drupal | 1 Shindig-integrator | 2024-02-28 | 7.5 HIGH | N/A |
Shindig-Integrator 5.x, a module for Drupal, does not properly restrict generated page access, which allows remote attackers to gain privileges via unspecified vectors. | |||||
CVE-2008-2616 | 1 Oracle | 3 Jd Edwards Enterpriseone, Peoplesoft Enterprise, Peoplesoft Peopletools | 2024-02-28 | 6.5 MEDIUM | N/A |
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2615, CVE-2008-2617, CVE-2008-2618, CVE-2008-2620, CVE-2008-2621, and CVE-2008-2622. | |||||
CVE-2008-2614 | 1 Oracle | 3 Application Server, Oracle Application Server, Oracle Http Server Component | 2024-02-28 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.3.3 has unknown impact and remote attack vectors. | |||||
CVE-2008-3652 | 1 Ipsec-tools | 1 Ipsec-tools | 2024-02-28 | 7.8 HIGH | N/A |
src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption). | |||||
CVE-2009-0720 | 1 Hp | 1 Openview Network Node Manager | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
CVE-2008-2169 | 2 Avici, Hitachi | 4 Router, Gr2000, Gr3000 and 1 more | 2024-02-28 | 7.1 HIGH | N/A |
Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372. | |||||
CVE-2008-3138 | 2 Rpath, Wireshark | 2 Rpath Linux, Wireshark | 2024-02-28 | 5.0 MEDIUM | N/A |
The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors. | |||||
CVE-2008-5791 | 1 Prestashop | 1 Prestashop | 2024-02-28 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in PrestaShop e-Commerce Solution before 1.1 Beta 2 (aka 1.1.0.1) have unknown impact and attack vectors, related to the (1) bankwire module, (2) cheque module, and other components. | |||||
CVE-2009-3379 | 1 Mozilla | 1 Firefox | 2024-02-28 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE-2009-2663. | |||||
CVE-2009-3963 | 1 Xoops | 1 Xoops | 2024-02-28 | 7.5 HIGH | N/A |
Multiple unspecified vulnerabilities in XOOPS before 2.4.0 Final have unknown impact and attack vectors. | |||||
CVE-2008-4125 | 1 Phpbb | 1 Phpbb | 2024-02-28 | 5.0 MEDIUM | N/A |
The search function in phpBB 2.x provides a search_id value that leaks the state of PHP's PRNG, which allows remote attackers to obtain potentially sensitive information, as demonstrated by a cross-application attack against WordPress, a different vulnerability than CVE-2006-0632. | |||||
CVE-2009-3098 | 2 Hp, Microsoft | 2 Operations Dashboard, Windows Server 2003 | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in the Portal in HP Operations Dashboard 2.1 on Windows Server 2003 SP2 allows remote attackers to have an unknown impact, related to a "Remote exploit," as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
CVE-2008-3986 | 1 Oracle | 1 Application Server | 2024-02-28 | 1.0 LOW | N/A |
Unspecified vulnerability in the Oracle Discoverer Administrator component in Oracle Application Server 9.0.4.3 and 10.1.2.2 allows local users to affect confidentiality via unknown vectors. | |||||
CVE-2008-4910 | 1 Sun | 1 Java Web Start | 2024-02-28 | 10.0 HIGH | N/A |
The BasicService in Sun Java Web Start allows remote attackers to execute arbitrary programs on a client machine via a file:// URL argument to the showDocument method. | |||||
CVE-2009-1860 | 1 Adobe | 1 Shockwave Player | 2024-02-28 | 9.3 HIGH | N/A |
Unspecified vulnerability in Adobe Shockwave Player before 11.5.0.600 allows remote attackers to execute arbitrary code via crafted Shockwave Player 10 content. | |||||
CVE-2008-3048 | 1 Typo3 | 1 Pdf Generator 2 Extension | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Unprotected test functionality." | |||||
CVE-2009-3943 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 6 through 6.0.2900.2180 and 7 through 7.0.6000.16711 allows remote attackers to cause a denial of service (application hang) via a JavaScript loop that configures the home page by using the setHomePage method and a DHTML behavior property. |