Total
28403 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2478 | 3 Ca, Ibm, Jetty | 3 Unicenter Web Services Distributed Management, Trading Partner Interchange, Jetty Http Server | 2024-02-28 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Jetty HTTP Server, as used in (1) IBM Trading Partner Interchange before 4.2.4, (2) CA Unicenter Web Services Distributed Management (WSDM) before 3.11, and possibly other products, allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | |||||
| CVE-2006-0261 | 1 Oracle | 1 Database Server | 2024-02-28 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB07 in the Dictionary component and (2) DB14 in the Oracle Label Security component. NOTE: Oracle has not disputed reliable researcher claims that DB07 involves plaintext storage of the TDE wallet password in a trace file by event 10053. | |||||
| CVE-2006-0279 | 1 Oracle | 1 E-business Suite | 2024-02-28 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 4.3 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) APPS13 and (2) APPS14 in the Oracle iLearning component. | |||||
| CVE-2005-0654 | 1 Gimp | 1 Gimp | 2024-02-28 | 5.0 MEDIUM | N/A |
| gifload.exe in GIMP 2.0.5, 2.2.3, and possibly 2.2.4 allows remote attackers or local users to cause a denial of service (application crash) via the image descriptor (1) height or (2) width fields set to zero. | |||||
| CVE-2006-3941 | 1 Sun | 1 N1 Grid Engine | 2024-02-28 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the daemons for Sun N1 Grid Engine 5.3 and N1 Grid Engine 6.0 allows local users to cause a denial of service (grid service shutdown) and possibly execute arbitrary code using buffer overflows via unknown vectors that cause (1) qmaster or (2) execd to terminate. | |||||
| CVE-2006-4472 | 1 Joomla | 1 Joomla\! | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Joomla! before 1.0.11 allow attackers to bypass user authentication via unknown vectors involving the (1) do_pdf command and the (2) emailform com_content task. | |||||
| CVE-2006-3648 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2024-02-28 | 7.6 HIGH | N/A |
| Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 and 2003 SP1, allows remote attackers to execute arbitrary code via unspecified vectors involving unhandled exceptions, memory resident applications, and incorrectly "unloading chained exception." | |||||
| CVE-2006-0874 | 1 Intensive Point | 1 Iuser Ecommerce | 2024-02-28 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Intensive Point iUser Ecommerce before 2.2 have unspecified vectors and impact, as addressed by "Urgent secure fixes". NOTE: this might be a duplicate of CVE-2006-0854, but the vendor announcement for this issue (from January 8, 2005) is too vague to be sure, and CVE-2006-0854 does not provide version information. | |||||
| CVE-2006-3705 | 1 Oracle | 1 Database Server | 2024-02-28 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB21 for Statistics and (2) DB22 for Upgrade & Downgrade. NOTE: as of 20060719, Oracle has not disputed a claim by a reliable researcher that DB21 is for a local SQL injection vulnerability in SYS.DBMS_STATS, and that DB22 is for SQL injection in SYS.DBMS_UPGRADE. | |||||
| CVE-2005-3057 | 1 Fortinet | 2 Fortigate, Fortios | 2024-02-28 | 10.0 HIGH | N/A |
| The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as demonstrated using LFTP. | |||||
| CVE-2006-3629 | 1 Ethereal Group | 1 Ethereal | 2024-02-28 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the MOUNT dissector in Wireshark (aka Ethereal) 0.9.4 to 0.99.0 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | |||||
| CVE-2006-0730 | 1 Timo Sirainen | 1 Dovecot | 2024-02-28 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability. | |||||
| CVE-2006-2429 | 1 Ibm | 1 Websphere Application Server | 2024-02-28 | 10.0 HIGH | N/A |
| Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown impact and remote attack vectors related to "HTTP request handlers". | |||||
| CVE-2006-1876 | 1 Oracle | 1 Database Server | 2024-02-28 | 9.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.4 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB12. NOTE: details are unavailable from Oracle, but as of 20060421, they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the (1) GEN_RID_RANGE_BY_AREA and (2) GEN_RID_RANGE functions in the MDSYS.SDO_PRIDX package. | |||||
| CVE-2005-2993 | 1 Hp | 2 Hp-ux, Tru64 | 2024-02-28 | 1.7 LOW | N/A |
| Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 UNIX 4.0F PK8 and other versions up to HP Tru64 UNIX 5.1B-3, and HP-UX B.11.00, B.11.04, B.11.11, and B.11.23, allows remote authenticated users to cause a denial of service (hang). | |||||
| CVE-2006-3335 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
| Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows local users to gain privileges via unknown attack vectors. | |||||
| CVE-2006-0029 | 1 Microsoft | 2 Excel, Office | 2024-02-28 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed description, which leads to memory corruption. | |||||
| CVE-2006-1937 | 1 Ethereal Group | 1 Ethereal | 2024-02-28 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) multiple vectors in H.248, and the (2) X.509if, (3) SRVLOC, (4) H.245, (5) AIM, and (6) general packet dissectors; and (7) the statistics counter. | |||||
| CVE-2005-3779 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
| Unspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 allows local users to gain privileges via unknown vectors. | |||||
| CVE-2006-0467 | 1 Pioneers | 1 Pioneers | 2024-02-28 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Pioneers (formerly gnocatan) before 0.9.49 allows remote attackers to cause a denial of service (application crash) via long chat messages. | |||||