Total
28399 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-0340 | 1 Oracle | 5 Application Server, Collaboration Suite, Database Server and 2 more | 2024-02-28 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to the (1) Advanced Queuing component (DB02) and (2) Oracle Spatial component (DB04). | |||||
CVE-2008-0375 | 1 Oki Printing Solutions | 1 C5510 Mfp Printer | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in OKI C5510MFP Printer CU H2.15, PU 01.03.01, System F/W 1.01, and Web Page 1.00 allows remote attackers to set the password and obtain administrative access via unspecified vectors. | |||||
CVE-2007-5476 | 3 Adobe, Apple, Opera | 3 Flash Player, Mac Os X, Opera Browser | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown "Highly Severe" impact and unknown attack vectors. | |||||
CVE-2006-5001 | 2 Ipswitch, Progress | 2 Ws Ftp Server, Ws Ftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, prevents certain sensitive information from being displayed in the (1) Files and (2) Summary tabs. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue. | |||||
CVE-2006-5581 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 9.3 HIGH | N/A |
Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via certain DHTML script functions, such as normalize, and "incorrectly created elements" that trigger memory corruption, aka "DHTML Script Function Memory Corruption Vulnerability." | |||||
CVE-2008-0368 | 1 Ibm | 1 Informix Dynamic Server | 2024-02-28 | 7.2 HIGH | N/A |
onedcu in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument. | |||||
CVE-2007-5651 | 1 Cisco | 2 Catos, Ios | 2024-02-28 | 7.1 HIGH | N/A |
Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on Cisco switches allows remote attackers to cause a denial of service (device reload) via a crafted EAP Response Identity packet. | |||||
CVE-2007-2553 | 1 Hp | 1 Tru64 | 2024-02-28 | 7.2 HIGH | N/A |
Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 allows local users to gain privileges via a large amount of data in the environment, as demonstrated by a long environment variable. | |||||
CVE-2006-5335 | 1 Oracle | 1 Database Server | 2024-02-28 | 9.0 HIGH | N/A |
Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.2 have unknown impact and remote authenticated attack vectors related to (1) Vuln# DB04 and sys.dbms_cdc_impdp in the (a) Change Data Capture (CDC) component; (2) Vuln# DB07, (3) DB08, and (4) DB16 in sys.dbms_cdc_isubscribe in CDC; and (5) mdsys.sdo_geor_int in the (b) Oracle Spatial component, aka DB12. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that these issues are related to SQL injection in the BUMP_SEQUENCE function (DB04), CREATE_SUBSCRIPTION (DB07), EXTEND_WINDOW_LIST (DB08), SUBSCRIBE (DB16), and COMPRESSDATA (DB12). | |||||
CVE-2006-5748 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger memory corruption. | |||||
CVE-2007-6119 | 1 Wireshark | 1 Wireshark | 2024-02-28 | 7.8 HIGH | N/A |
The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors. | |||||
CVE-2007-4285 | 1 Cisco | 1 Ios | 2024-02-28 | 9.0 HIGH | N/A |
Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a Type 0 routing header. | |||||
CVE-2007-6691 | 1 Menalto | 1 Gallery | 2024-02-28 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 have unknown impact, related to (1) "hotlink protection" in the URL rewrite module, (2) a WebDAV view in the WebDAV module, (3) a comment view in the Comment module, (4) unspecified "item information disclosure attacks" in the Core module Gallery application, (5) the slideshow in the Slideshow module, and (6) multiple Print modules. | |||||
CVE-2006-5082 | 1 Sugarcrm | 1 Sugar Suite | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in Sugar Suite Open Source (SugarCRM) before 4.2.1 Patch C (20060917) has unspecified impact, related to code execution, and unspecified attack vectors. | |||||
CVE-2007-6151 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 7.2 HIGH | N/A |
The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow. | |||||
CVE-2007-4910 | 1 Netinvoicing | 1 Netinvoicing | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in netInvoicing before 2.7.3 has unknown impact and attack vectors, related to "security check soap". | |||||
CVE-2008-0824 | 1 Caroline | 1 Caroline | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in the php2phps function in Claroline before 1.8.9 has unknown impact and attack vectors. | |||||
CVE-2007-1796 | 1 Jccorp | 1 Urlshrink | 2024-02-28 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in JCcorp URLshrink before 1.3.2 have unspecified attack vectors and impact. | |||||
CVE-2007-0918 | 1 Cisco | 1 Ios | 2024-02-28 | 7.1 HIGH | N/A |
The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature. | |||||
CVE-2007-0273 | 1 Oracle | 1 Database Server | 2024-02-28 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and attack vectors related to XMLDB, aka DB06. NOTE: as of 20070123, Oracle has not disputed claims by a reliable researcher that DB06 is for multiple cross-site scripting (XSS) vulnerabilities. |