Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 31938 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-3907 1 Ledgersmb 1 Ledgersmb 2025-04-09 10.0 HIGH N/A
Unspecified vulnerability in login.pl in LedgerSMB 1.2.0 through 1.2.6 allows remote attackers to bypass authentication and perform certain actions as an arbitrary user via unspecified vectors involving a URL with a redirect parameter value, along with a callback parameter containing an escaped URL that specifies the action.
CVE-2007-4132 1 Redhat 1 Network Satelite Server 2025-04-09 6.5 MEDIUM N/A
Unspecified vulnerability in Red Hat Network Satellite Server 5.0.0 allows remote authenticated users to execute arbitrary code via unknown vectors in a "back-end XMLRPC handler."
CVE-2007-6703 1 Synce 1 Vdccm 2025-04-09 10.0 HIGH N/A
Unspecified vulnerability in vdccm before 0.10.1 in SynCE (SynCE-dccm) might allow attackers to cause a denial of service via unspecified vectors.
CVE-2007-3010 1 Al-enterprise 1 Omnipcx Enterprise Communication Server 2025-04-09 10.0 HIGH 9.8 CRITICAL
masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action.
CVE-2008-2064 1 Phpgedview 1 Phpgedview 2025-04-09 10.0 HIGH N/A
Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vectors related to "a fundamental design flaw in the interface (API) to connect phpGedView with external programs like content management systems."
CVE-2009-3354 2 Andrew Sterling Hanenkamp, Drupal 2 Rest Api Module, Drupal 2025-04-09 10.0 HIGH N/A
Multiple unspecified vulnerabilities in the Rest API module for Drupal have unknown impact and attack vectors.
CVE-2008-2625 1 Oracle 2 Database 10g, Database 9i 2025-04-09 4.0 MEDIUM N/A
Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the Oracle October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue involves an authentication bypass by establishing a TNS connection and impersonating a user session via a crafted authentication message during proxy authentication mode.
CVE-2008-2616 1 Oracle 3 Jd Edwards Enterpriseone, Peoplesoft Enterprise, Peoplesoft Peopletools 2025-04-09 6.5 MEDIUM N/A
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2615, CVE-2008-2617, CVE-2008-2618, CVE-2008-2620, CVE-2008-2621, and CVE-2008-2622.
CVE-2008-0368 1 Ibm 1 Informix Dynamic Server 2025-04-09 7.2 HIGH N/A
onedcu in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument.
CVE-2008-3049 1 Typo3 1 Pdf Generator 2 Extension 2025-04-09 5.0 MEDIUM N/A
The PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 allows attackers to obtain sensitive information via unspecified vectors.
CVE-2009-3402 1 Oracle 1 E-business Suite 2025-04-09 2.1 LOW N/A
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.1 allows remote authenticated users to affect confidentiality via unknown vectors.
CVE-2008-3983 1 Oracle 3 Database 10g, Database 11i, Database 9i 2025-04-09 5.5 MEDIUM N/A
Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3984.
CVE-2008-2617 1 Oracle 3 Jd Edwards Enterpriseone, Peoplesoft Enterprise, Peoplesoft Peopletools Component 2025-04-09 6.5 MEDIUM N/A
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2615, CVE-2008-2616, CVE-2008-2618, CVE-2008-2620, CVE-2008-2621, and CVE-2008-2622.
CVE-2008-0836 1 Sun 1 Solaris 2025-04-09 4.9 MEDIUM N/A
Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 9 and 10 on x86 architectures allows local users to cause a denial of service (panic) via unspecified vectors that trigger a NULL pointer dereference in the vuid3ps2 module, a different issue than CVE-2007-5319.
CVE-2009-4487 1 F5 1 Nginx 2025-04-09 6.8 MEDIUM N/A
nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
CVE-2008-3947 1 Hp 1 Openvms 2025-04-09 7.2 HIGH N/A
DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain privileges via a long command line.
CVE-2008-0113 1 Microsoft 1 Excel Viewer 2025-04-09 9.3 HIGH N/A
Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to SP3 allows user-assisted remote attackers to execute arbitrary code via an Excel document with malformed cell comments that trigger memory corruption from an "allocation error," aka "Microsoft Office Cell Parsing Memory Corruption Vulnerability."
CVE-2008-2674 4 Fujitsu, Microsoft, Redhat and 1 more 11 Interstage Application Server Enterprise, Interstage Application Server Plus, Interstage Application Server Plus Developer and 8 more 2025-04-09 6.4 MEDIUM N/A
Unspecified vulnerability in the Interstage Management Console, as used in Fujitsu Interstage Application Server 6.0 through 9.0.0A, Apworks Modelers-J 6.0 through 7.0, and Studio 8.0.1 and 9.0.0, allows remote attackers to read or delete arbitrary files via unspecified vectors.
CVE-2009-3404 1 Oracle 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise 2025-04-09 4.0 MEDIUM N/A
Unspecified vulnerability in the PeopleSoft PeopleTools & Enterprise Portal component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.23 allows remote authenticated users to affect integrity via unknown vectors.
CVE-2009-2196 2 Apple, Microsoft 5 Mac Os X, Mac Os X Server, Safari and 2 more 2025-04-09 5.0 MEDIUM N/A
Unspecified vulnerability in Apple Safari 4 before 4.0.3 allows remote web servers to place an arbitrary web site in the Top Sites view, and possibly conduct phishing attacks, via unknown vectors.