Total
29259 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-4592 | 1 Sportspanel | 1 Sports Clubs Web Portal | 2024-02-28 | 10.0 HIGH | N/A |
Directory traversal vulnerability in index.php in Sports Clubs Web Panel 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter. | |||||
CVE-2009-0123 | 2 Apple, Microsoft | 3 Mac Os X, Safari, Windows | 2024-02-28 | 7.1 HIGH | N/A |
Unspecified vulnerability in Apple Safari on Mac OS X 10.5 and Windows allows remote attackers to read arbitrary files on a client machine via vectors related to the association of Safari with the (1) feed, (2) feeds, and (3) feedsearch URL types for RSS feeds. NOTE: as of 20090114, the only disclosure is a vague pre-advisory. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
CVE-2008-3995 | 1 Oracle | 2 Database 10g, Database 11i | 2024-02-28 | 5.5 MEDIUM | N/A |
Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_CDC_PUBLISH. | |||||
CVE-2008-5439 | 1 Oracle | 1 Database 10g | 2024-02-28 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the SQL*Plus Windows GUI component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||
CVE-2008-3551 | 1 Sun | 2 Java Platform Micro Edition, Wireless Toolkit | 2024-02-28 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in Sun Java Platform Micro Edition (aka Java ME, J2ME, or mobile Java), as distributed in Sun Wireless Toolkit 2.5.2, allow remote attackers to execute arbitrary code via unknown vectors. NOTE: as of 20080807, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a company led by a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
CVE-2008-2112 | 3 Novell, Redhat, Sun | 4 Suse Linux Enterprise Server, Enterprise Linux, Ray Server Software and 1 more | 2024-02-28 | 8.5 HIGH | N/A |
Unspecified vulnerability in Sun Ray Kiosk Mode 4.0 allows local and remote authenticated Sun Ray administrators to gain root privileges via unknown vectors related to utconfig. | |||||
CVE-2008-2226 | 1 Openkm | 1 Openkm | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the export feature in OpenKM before 2.0 allows remote attackers to export arbitrary documents via unspecified vectors. NOTE: some of these details are obtained from third party information. | |||||
CVE-2008-2549 | 1 Adobe | 1 Acrobat Reader | 2024-02-28 | 4.3 MEDIUM | N/A |
Adobe Acrobat Reader 8.1.2 and earlier, and before 7.1.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed PDF document, as demonstrated by 2008-HI2.pdf. | |||||
CVE-2007-6713 | 1 Flip4mac | 1 Flip4mac Wmv | 2024-02-28 | 9.3 HIGH | N/A |
Unspecified vulnerability in Flip4Mac WMV before 2.2.0.49 has unknown impact and attack vectors related to malformed WMV files. | |||||
CVE-2008-0211 | 1 Compaq | 13 2210 Series Bios, 2510 Series Bios, 2710 Series Bios and 10 more | 2024-02-28 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in the BIOS F.04 through F.11 for the HP Compaq Business Notebook PC allows local users to cause a denial of service via unspecified vectors. | |||||
CVE-2008-1816 | 1 Oracle | 1 Database Server | 2024-02-28 | 5.5 MEDIUM | N/A |
Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 have unknown impact and remote authenticated attack vectors related to (1) SDO_UTIL in the Oracle Spatial component, aka DB05; or (2) fine grained auditing in the Audit component, aka DB14. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB05 is SQL injection. | |||||
CVE-2008-5179 | 1 Microsoft | 3 Office Communications Server, Office Communicator, Windows Live Messenger | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Microsoft Office Communications Server (OCS), Office Communicator, and Windows Live Messenger allows remote attackers to cause a denial of service (crash) via a crafted Real-time Transport Control Protocol (RTCP) receiver report packet. | |||||
CVE-2008-5440 | 1 Oracle | 1 Timesten In-memory Database | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this is a format string vulnerability via the msg parameter in the evtdump CGI module. | |||||
CVE-2008-3502 | 1 Bestpractical | 1 Rt | 2024-02-28 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in Best Practical Solutions RT 3.0.0 through 3.6.6 allows remote authenticated users to cause a denial of service (CPU or memory consumption) via unspecified vectors related to the Devel::StackTrace module for Perl. | |||||
CVE-2008-2600 | 1 Oracle | 3 Database Server, Oracle Database, Spatial Component | 2024-02-28 | 6.5 MEDIUM | N/A |
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to MDSYS.SDO_TOPO_MAP. | |||||
CVE-2009-0979 | 1 Oracle | 1 Database 9i | 2024-02-28 | 9.0 HIGH | N/A |
Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
CVE-2009-1970 | 1 Oracle | 1 Database Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2009-0991. | |||||
CVE-2008-2090 | 1 Sun | 1 Solaris | 2024-02-28 | 7.8 HIGH | N/A |
Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet. | |||||
CVE-2008-2707 | 2 Intel, Sun | 4 Network Interface Controller, Opensolaris, Solaris and 1 more | 2024-02-28 | 7.8 HIGH | N/A |
Unspecified vulnerability in the e1000g driver in Sun Solaris 10 and OpenSolaris before snv_93 allows remote attackers to cause a denial of service (network connectivity loss) via unknown vectors. | |||||
CVE-2008-3050 | 1 Typo3 | 1 Pdf Generator 2 Extension | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 allows attackers to cause a denial of service via unspecified vectors. |