Total
28444 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-4554 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.6 MEDIUM | N/A |
The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file. | |||||
CVE-2008-5026 | 1 Microsoft | 1 Sharepoint Server | 2024-02-28 | 3.5 LOW | N/A |
Microsoft SharePoint uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files (aka attachments), which allows remote authenticated users to leverage same-origin relationships and conduct cross-site scripting (XSS) attacks by uploading HTML documents. | |||||
CVE-2008-5443 | 1 Oracle | 1 Secure Backup | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2008-5441 and CVE-2008-5442. | |||||
CVE-2008-4095 | 1 Flip4mac | 1 Flip4mac Wmv | 2024-02-28 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in the Importer in Flip4Mac WMV before 2.2.1 have unknown impact and attack vectors, different vulnerabilities than CVE-2007-6713. | |||||
CVE-2009-2871 | 1 Cisco | 1 Ios | 2024-02-28 | 7.8 HIGH | N/A |
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002. | |||||
CVE-2009-1901 | 1 Ibm | 1 Websphere Application Server | 2024-02-28 | 10.0 HIGH | N/A |
The Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35 permits "non-standard http methods," which has unknown impact and remote attack vectors. | |||||
CVE-2008-3801 | 1 Cisco | 3 Ios, Unified Callmanager, Unified Communications Manager | 2024-02-28 | 7.1 HIGH | N/A |
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802. | |||||
CVE-2008-4873 | 1 Sepal | 1 Spboard | 2024-02-28 | 10.0 HIGH | N/A |
board.cgi in Sepal SPBOARD 4.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter during a down_file action. | |||||
CVE-2009-2741 | 1 Ibm | 1 Websphere Business Events | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in the wberuntimeear application in the test servlet in IBM WebSphere Business Events 6.1 and 6.2 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
CVE-2009-3241 | 1 Wireshark | 1 Wireshark | 2024-02-28 | 7.8 HIGH | N/A |
Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets. | |||||
CVE-2008-7195 | 1 Fujitsu | 1 Interstage Application Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used in Interstage Application Server Enterprise Edition 7.0.1 for Solaris, allows attackers to cause a denial of service via unknown vectors related to SSL. | |||||
CVE-2008-2577 | 1 Oracle | 1 Weblogic Server | 2024-02-28 | 4.6 MEDIUM | N/A |
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2 MP1 has unknown impact and remote authenticated attack vectors. | |||||
CVE-2008-1815 | 1 Oracle | 2 Database 10g, Database 11g | 2024-02-28 | 5.5 MEDIUM | N/A |
Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to DBMS_CDC_UTILITY, aka DB02. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher claims that DB02 is for SQL injection in LOCK_CHANGE_SET. | |||||
CVE-2008-2057 | 1 Cisco | 2 Adaptive Security Appliance Software, Pix Security Appliance | 2024-02-28 | 5.4 MEDIUM | N/A |
The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet. | |||||
CVE-2008-4412 | 1 Hp | 1 Systems Insight Manager | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 5.2 Update 2 (C.05.02.02.00) allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
CVE-2008-1201 | 1 Adobe | 1 Flash | 2024-02-28 | 6.8 MEDIUM | N/A |
Multiple unspecified vulnerabilities in FLA file parsing in Adobe Flash CS3 Professional, Flash Professional 8, and Flash Basic 8 on Windows allow user-assisted remote attackers to execute arbitrary code via a crafted .FLA file. | |||||
CVE-2009-2847 | 1 Linux | 3 Kernel, Linux, Linux Kernel | 2024-02-28 | 4.9 MEDIUM | N/A |
The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive information from the kernel stack via the sigaltstack function. | |||||
CVE-2009-0178 | 1 Ibm | 1 Hardware Management Console | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 release 3.2.0 SP1 has unknown impact and attack vectors. | |||||
CVE-2009-0718 | 1 Hp | 1 Storageworks Storage Mirroring | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
CVE-2008-1159 | 1 Cisco | 3 Ios S, Ios T, Ios Xr | 2024-02-28 | 7.1 HIGH | N/A |
Multiple unspecified vulnerabilities in the SSH server in Cisco IOS 12.4 allow remote attackers to cause a denial of service (device restart) via unknown vectors, aka Bug ID (1) CSCsk42419, (2) CSCsk60020, and (3) CSCsh51293. |