Total
266785 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-5456 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2024-02-28 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 and 9.0.8 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||||
CVE-2008-5701 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-02-28 | 4.7 MEDIUM | N/A |
Array index error in arch/mips/kernel/scall64-o32.S in the Linux kernel before 2.6.28-rc8 on 64-bit MIPS platforms allows local users to cause a denial of service (system crash) via an o32 syscall with a small syscall number, which leads to an attempted read operation outside the bounds of the syscall table. | |||||
CVE-2008-1726 | 1 Myknowledgequest | 1 Knowledgequest | 2024-02-28 | 6.8 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in KnowledgeQuest 2.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kqid parameter to (a) articletext.php and (b) articletextonly.php and the (2) username parameter to (c) logincheck.php. | |||||
CVE-2008-6705 | 1 Stalker-game | 1 S.t.a.l.k.e.r.\ | 2024-02-28 | 5.0 MEDIUM | N/A |
The MultipacketReciever::RecievePacket function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server termination) via a crafted packet without an expected 0xe0 or 0xe1 value, which triggers the INT3 instruction. | |||||
CVE-2009-0794 | 1 Sun | 1 Openjdk | 2024-02-28 | 5.0 MEDIUM | N/A |
Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote attackers to cause a denial of service (applet crash) via a crafted Pulse Audio source data line. | |||||
CVE-2009-2622 | 1 Squid-cache | 1 Squid | 2024-02-28 | 5.0 MEDIUM | N/A |
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version," or (4) "missing or invalid status number," related to (a) HttpMsg.cc and (b) HttpReply.cc. | |||||
CVE-2009-1813 | 1 Submitterscript | 1 Submitterscript | 2024-02-28 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in admin/index.php in Submitter Script 2 allow remote attackers to execute arbitrary SQL commands via (1) the uNev parameter (aka the username field) or (2) the uJelszo parameter (aka the Password field). | |||||
CVE-2008-6634 | 1 Beaussier | 1 Roomphplanning | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idroom parameter to weekview.php. | |||||
CVE-2009-2166 | 2 Ocsinventory-ng, Unix | 2 Ocs Inventory Ng, Unix | 2024-02-28 | 5.0 MEDIUM | N/A |
Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read arbitrary files via a full pathname in the log parameter. | |||||
CVE-2008-1928 | 1 Imager | 1 Imager | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in Imager 0.42 through 0.63 allows attackers to cause a denial of service (crash) via an image based fill in which the number of input channels is different from the number of output channels. | |||||
CVE-2008-7199 | 1 Phoenixcontact | 1 Fl Il 24 Bk-pac | 2024-02-28 | 5.0 MEDIUM | N/A |
Phoenix Contact FL IL 24 BK-PAC allows remote attackers to cause a denial of service (hang) via (1) unspecified manipulations as demonstrated by a Nessus scan or (2) malformed input to TCP port 502. | |||||
CVE-2008-1789 | 1 Prozilla | 1 Forum | 2024-02-28 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in forum.php in Prozilla Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter. | |||||
CVE-2008-4049 | 1 Friendly Technologies | 1 Friendly Pppoe Client | 2024-02-28 | 6.8 MEDIUM | N/A |
A certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 allows remote attackers to execute arbitrary programs via arguments to the RunApp method. | |||||
CVE-2009-1976 | 1 Oracle | 1 Application Server | 2024-02-28 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in the HTTP Server component in Oracle Application Server 10.1.2.3 allows remote attackers to affect integrity via unknown vectors. | |||||
CVE-2008-1703 | 1 Tibco | 8 Adapter Files Z Os, Hawk, Iprocess Engine and 5 more | 2024-02-28 | 9.3 HIGH | N/A |
Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, as used in multiple TIBCO products, allow remote attackers to execute arbitrary code via a crafted message. | |||||
CVE-2008-5603 | 1 Aspapps | 1 Aspticker | 2024-02-28 | 5.0 MEDIUM | N/A |
ASPTicker 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for news.mdb. | |||||
CVE-2009-3866 | 1 Sun | 2 Jdk, Jre | 2024-02-28 | 9.3 HIGH | N/A |
The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers to execute arbitrary code by modifying a certain JNLP file to have a URL field that points to an unintended trusted application, aka Bug Id 6872824. | |||||
CVE-2008-2630 | 1 Joomla | 1 Com Jb2 | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter in a category action to index.php. | |||||
CVE-2008-2551 | 1 Icona | 1 Instant Messenger | 2024-02-28 | 9.3 HIGH | N/A |
The DownloaderActiveX Control (DownloaderActiveX.ocx) in Icona SpA C6 Messenger 1.0.0.1 allows remote attackers to force the download and execution of arbitrary files via a URL in the propDownloadUrl parameter with the propPostDownloadAction parameter set to "run." | |||||
CVE-2008-0014 | 1 Trend Micro | 1 Serverprotect | 2024-02-28 | 10.0 HIGH | N/A |
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0013. |