Total
31938 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-3907 | 1 Ledgersmb | 1 Ledgersmb | 2025-04-09 | 10.0 HIGH | N/A |
Unspecified vulnerability in login.pl in LedgerSMB 1.2.0 through 1.2.6 allows remote attackers to bypass authentication and perform certain actions as an arbitrary user via unspecified vectors involving a URL with a redirect parameter value, along with a callback parameter containing an escaped URL that specifies the action. | |||||
CVE-2007-4132 | 1 Redhat | 1 Network Satelite Server | 2025-04-09 | 6.5 MEDIUM | N/A |
Unspecified vulnerability in Red Hat Network Satellite Server 5.0.0 allows remote authenticated users to execute arbitrary code via unknown vectors in a "back-end XMLRPC handler." | |||||
CVE-2007-6703 | 1 Synce | 1 Vdccm | 2025-04-09 | 10.0 HIGH | N/A |
Unspecified vulnerability in vdccm before 0.10.1 in SynCE (SynCE-dccm) might allow attackers to cause a denial of service via unspecified vectors. | |||||
CVE-2007-3010 | 1 Al-enterprise | 1 Omnipcx Enterprise Communication Server | 2025-04-09 | 10.0 HIGH | 9.8 CRITICAL |
masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action. | |||||
CVE-2008-2064 | 1 Phpgedview | 1 Phpgedview | 2025-04-09 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vectors related to "a fundamental design flaw in the interface (API) to connect phpGedView with external programs like content management systems." | |||||
CVE-2009-3354 | 2 Andrew Sterling Hanenkamp, Drupal | 2 Rest Api Module, Drupal | 2025-04-09 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in the Rest API module for Drupal have unknown impact and attack vectors. | |||||
CVE-2008-2625 | 1 Oracle | 2 Database 10g, Database 9i | 2025-04-09 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the Oracle October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue involves an authentication bypass by establishing a TNS connection and impersonating a user session via a crafted authentication message during proxy authentication mode. | |||||
CVE-2008-2616 | 1 Oracle | 3 Jd Edwards Enterpriseone, Peoplesoft Enterprise, Peoplesoft Peopletools | 2025-04-09 | 6.5 MEDIUM | N/A |
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2615, CVE-2008-2617, CVE-2008-2618, CVE-2008-2620, CVE-2008-2621, and CVE-2008-2622. | |||||
CVE-2008-0368 | 1 Ibm | 1 Informix Dynamic Server | 2025-04-09 | 7.2 HIGH | N/A |
onedcu in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument. | |||||
CVE-2008-3049 | 1 Typo3 | 1 Pdf Generator 2 Extension | 2025-04-09 | 5.0 MEDIUM | N/A |
The PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 allows attackers to obtain sensitive information via unspecified vectors. | |||||
CVE-2009-3402 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 2.1 LOW | N/A |
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.1 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||
CVE-2008-3983 | 1 Oracle | 3 Database 10g, Database 11i, Database 9i | 2025-04-09 | 5.5 MEDIUM | N/A |
Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3984. | |||||
CVE-2008-2617 | 1 Oracle | 3 Jd Edwards Enterpriseone, Peoplesoft Enterprise, Peoplesoft Peopletools Component | 2025-04-09 | 6.5 MEDIUM | N/A |
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2615, CVE-2008-2616, CVE-2008-2618, CVE-2008-2620, CVE-2008-2621, and CVE-2008-2622. | |||||
CVE-2008-0836 | 1 Sun | 1 Solaris | 2025-04-09 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 9 and 10 on x86 architectures allows local users to cause a denial of service (panic) via unspecified vectors that trigger a NULL pointer dereference in the vuid3ps2 module, a different issue than CVE-2007-5319. | |||||
CVE-2009-4487 | 1 F5 | 1 Nginx | 2025-04-09 | 6.8 MEDIUM | N/A |
nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. | |||||
CVE-2008-3947 | 1 Hp | 1 Openvms | 2025-04-09 | 7.2 HIGH | N/A |
DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain privileges via a long command line. | |||||
CVE-2008-0113 | 1 Microsoft | 1 Excel Viewer | 2025-04-09 | 9.3 HIGH | N/A |
Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to SP3 allows user-assisted remote attackers to execute arbitrary code via an Excel document with malformed cell comments that trigger memory corruption from an "allocation error," aka "Microsoft Office Cell Parsing Memory Corruption Vulnerability." | |||||
CVE-2008-2674 | 4 Fujitsu, Microsoft, Redhat and 1 more | 11 Interstage Application Server Enterprise, Interstage Application Server Plus, Interstage Application Server Plus Developer and 8 more | 2025-04-09 | 6.4 MEDIUM | N/A |
Unspecified vulnerability in the Interstage Management Console, as used in Fujitsu Interstage Application Server 6.0 through 9.0.0A, Apworks Modelers-J 6.0 through 7.0, and Studio 8.0.1 and 9.0.0, allows remote attackers to read or delete arbitrary files via unspecified vectors. | |||||
CVE-2009-3404 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2025-04-09 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the PeopleSoft PeopleTools & Enterprise Portal component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.23 allows remote authenticated users to affect integrity via unknown vectors. | |||||
CVE-2009-2196 | 2 Apple, Microsoft | 5 Mac Os X, Mac Os X Server, Safari and 2 more | 2025-04-09 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Apple Safari 4 before 4.0.3 allows remote web servers to place an arbitrary web site in the Top Sites view, and possibly conduct phishing attacks, via unknown vectors. |