Total
29592 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5440 | 1 Oracle | 1 Timesten In-memory Database | 2024-11-21 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this is a format string vulnerability via the msg parameter in the evtdump CGI module. | |||||
| CVE-2008-5439 | 1 Oracle | 1 Database 10g | 2024-11-21 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the SQL*Plus Windows GUI component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||
| CVE-2008-5438 | 1 Oracle | 1 Application Server | 2024-11-21 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2008-5437 | 1 Oracle | 3 Database 10g, Database 11i, Database 9i | 2024-11-21 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Job Queue component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_IJOB. | |||||
| CVE-2008-5436 | 1 Oracle | 2 Database 10g, Database 9i | 2024-11-21 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect integrity and availability via unknown vectors. | |||||
| CVE-2008-5430 | 1 Mozilla | 1 Thunderbird | 2024-11-21 | 4.3 MEDIUM | N/A |
| Mozilla Thunderbird 2.0.14 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which might allow remote attackers to cause a denial of service (stack consumption or other resource consumption) via a large e-mail message, a related issue to CVE-2006-1173. | |||||
| CVE-2008-5414 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Feature Pack for Web Services in the Web Services Security component in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 has unknown impact and attack vectors related to "userNameToken." | |||||
| CVE-2008-5412 | 2 Ibm, Microsoft | 2 Websphere Application Server, Windows | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows has unknown impact and attack vectors related to JSPs. NOTE: this is probably a duplicate of CVE-2009-0438. | |||||
| CVE-2008-5395 | 2 Hp, Linux | 2 Pa-risc, Linux Kernel | 2024-11-21 | 4.9 MEDIUM | N/A |
| The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service (system crash) via vectors associated with an attempt to unwind a stack that contains userspace addresses. | |||||
| CVE-2008-5349 | 1 Sun | 2 Jdk, Jre | 2024-11-21 | 7.1 HIGH | N/A |
| Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows remote attackers to cause a denial of service (CPU consumption) via a crafted RSA public key. | |||||
| CVE-2008-5348 | 1 Sun | 3 Jdk, Jre, Sdk | 2024-11-21 | 7.1 HIGH | N/A |
| Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier, when using Kerberos authentication, allows remote attackers to cause a denial of service (OS resource consumption) via unknown vectors. | |||||
| CVE-2008-5345 | 1 Sun | 3 Jdk, Jre, Sdk | 2024-11-21 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Java Runtime Environment (JRE) with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier allows code that is loaded from a local filesystem to read arbitrary files and make unauthorized connections to localhost via unknown vectors. | |||||
| CVE-2008-5343 | 1 Sun | 3 Jdk, Jre, Sdk | 2024-11-21 | 9.0 HIGH | N/A |
| Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows remote attackers to make unauthorized network connections and hijack HTTP sessions via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR" and CR 6707535. | |||||
| CVE-2008-5319 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2024-11-21 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Tikiwiki before 2.2 has unknown impact and attack vectors related to tiki-error.php, a different issue than CVE-2008-3653. | |||||
| CVE-2008-5318 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2024-11-21 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Tikiwiki before 2.2 has unknown impact and attack vectors related to "size of user-provided input," a different issue than CVE-2008-3653. | |||||
| CVE-2008-5277 | 1 Powerdns | 1 Powerdns | 2024-11-21 | 4.3 MEDIUM | N/A |
| PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of service (daemon crash) via a CH HINFO query. | |||||
| CVE-2008-5245 | 1 Xine | 1 Xine-lib | 2024-11-21 | 9.3 HIGH | N/A |
| xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c. | |||||
| CVE-2008-5244 | 1 Xine | 1 Xine-lib | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in xine-lib before 1.1.15 has unknown impact and attack vectors related to libfaad. NOTE: due to the lack of details, it is not clear whether this is an issue in xine-lib or in libfaad. | |||||
| CVE-2008-5227 | 1 Phpcow | 1 Phpcow | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in PHPCow allows remote attackers to execute arbitrary code via unknown vectors, related to a "file inclusion vulnerability," as exploited in the wild in November 2008. | |||||
| CVE-2008-5182 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 6.9 MEDIUM | N/A |
| The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount. | |||||