Total
28426 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-2196 | 2 Apple, Microsoft | 5 Mac Os X, Mac Os X Server, Safari and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Apple Safari 4 before 4.0.3 allows remote web servers to place an arbitrary web site in the Top Sites view, and possibly conduct phishing attacks, via unknown vectors. | |||||
CVE-2008-4017 | 1 Oracle | 1 Application Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the OC4J component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality via unknown vectors. | |||||
CVE-2009-0213 | 1 Areva | 1 E-terrahabitat | 2024-02-28 | 7.8 HIGH | N/A |
Unspecified vulnerability in the NETIO application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to cause a denial of service (system crash) via unknown vectors, aka PD32021. | |||||
CVE-2008-3236 | 1 Ibm | 1 Websphere Application Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Wsadmin in the System Management/Repository component in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 allows attackers to obtain sensitive information via vectors related to "previously encrypted properties" that are not encrypted. | |||||
CVE-2008-2100 | 1 Vmware | 8 Ace, Esx, Esx Server and 5 more | 2024-02-28 | 7.2 HIGH | N/A |
Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors. | |||||
CVE-2009-1999 | 1 Oracle | 1 Application Server | 2024-02-28 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in the Business Intelligence Enterprise Edition component in unspecified Oracle Application Server versions allows remote attackers to affect integrity via unknown vectors. | |||||
CVE-2008-6021 | 1 Attachmate | 1 Reflection For Secure It | 2024-02-28 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in Attachmate Reflection for Secure IT UNIX Client and Server before 7.0 SP1 have unknown impact and attack vectors, aka "security vulnerabilities found by 3rd party analysis." | |||||
CVE-2008-3072 | 1 Simple Machines | 1 Simple Machines Forum | 2024-02-28 | 7.5 HIGH | N/A |
Simple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before 1.0.13, when running in PHP before 4.2.0, does not properly seed the random number generator, which has unknown impact and attack vectors. | |||||
CVE-2008-1597 | 1 Ibm | 1 Aix | 2024-02-28 | 4.9 MEDIUM | N/A |
The WPAR system call implementation in the kernel in IBM AIX 6.1 allows local users to cause a denial of service via unknown calls that trigger "undefined behavior." | |||||
CVE-2008-3103 | 1 Sun | 2 Jdk, Jre | 2024-02-28 | 9.3 HIGH | N/A |
Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to "perform unauthorized operations" via unspecified vectors. | |||||
CVE-2009-3350 | 2 Drupal, Roshan Shah | 2 Drupal, Subdomain Manager | 2024-02-28 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in the Subdomain Manager module for Drupal have unknown impact and attack vectors. | |||||
CVE-2008-5245 | 1 Xine | 1 Xine-lib | 2024-02-28 | 9.3 HIGH | N/A |
xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c. | |||||
CVE-2009-1598 | 1 Google | 1 Chrome | 2024-02-28 | 9.3 HIGH | N/A |
Google Chrome executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object, as demonstrated by a web site that permits PDF uploads by untrusted users, and therefore has a shared document.domain between the web site and this javascript: URI. NOTE: the researcher reports that Adobe's position is "a PDF file is active content." | |||||
CVE-2009-0619 | 1 Cisco | 1 Session Border Controller | 2024-02-28 | 7.8 HIGH | N/A |
Unspecified vulnerability in the Session Border Controller (SBC) before 3.0(2) for Cisco 7600 series routers allows remote attackers to cause a denial of service (SBC card reload) via crafted packets to TCP port 2000. | |||||
CVE-2008-1817 | 1 Oracle | 2 Database 9i, Database Server | 2024-02-28 | 9.0 HIGH | N/A |
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 have unknown impact and remote attack vectors related to (1) SDO_IDX in the Spatial component, aka DB07; and (2) Core RDBMS, aka DB10. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB07 is SQL injection. | |||||
CVE-2009-2001 | 1 Oracle | 1 Database Server | 2024-02-28 | 6.5 MEDIUM | N/A |
Unspecified vulnerability in the PL/SQL component in Oracle Database 10.2.0.4 and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
CVE-2008-5675 | 1 Ibm | 1 Websphere Portal | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in IBM WebSphere Portal 6.0 before 6.0.1.5 has unknown impact and attack vectors related to "Access problems with BasicAuthTAI." | |||||
CVE-2008-5910 | 1 Sun | 1 Opensolaris | 2024-02-28 | 7.2 HIGH | N/A |
Unspecified vulnerability in txzonemgr in Sun OpenSolaris has unknown impact and local attack vectors, related to a "Temporary file vulnerability," aka Bug ID 6653462. | |||||
CVE-2009-1156 | 1 Cisco | 2 Adaptive Security Appliance 5500, Pix | 2024-02-28 | 5.7 MEDIUM | N/A |
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet. | |||||
CVE-2008-7012 | 1 Accellion | 1 Secure File Transfer Appliance | 2024-02-28 | 7.8 HIGH | N/A |
courier/1000@/api_error_email.html (aka "error reporting page") in Accellion File Transfer Appliance FTA_7_0_178, and possibly other versions before FTA_7_0_189, allows remote attackers to send spam e-mail via modified description and client_email parameters. |