Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 31938 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-0716 1 Hp 1 Storageworks Storage Mirroring 2025-04-09 7.5 HIGH N/A
Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote attackers to cause a denial of service or obtain "access" via unknown vectors.
CVE-2008-6507 1 Phpbb 1 Phpbb 2025-04-09 5.0 MEDIUM N/A
Unspecified vulnerability in phpBB before 3.0.4 allows attackers to obtain sensitive information via unknown vectors related to the lack of password prompts for a private message that quotes a post in a password-protected forum.
CVE-2008-5683 1 Opera 1 Opera Browser 2025-04-09 7.8 HIGH N/A
Unspecified vulnerability in Opera before 9.63 allows remote attackers to "reveal random data" via unknown vectors.
CVE-2008-2253 1 Microsoft 3 Windows-nt, Windows Media Player, Windows Xp 2025-04-09 9.3 HIGH N/A
Unspecified vulnerability in Microsoft Windows Media Player 11 allows remote attackers to execute arbitrary code via a crafted audio-only file that is streamed from a Server-Side Playlist (SSPL) on Windows Media Server, aka "Windows Media Player Sampling Rate Vulnerability."
CVE-2008-4188 1 Typo3 1 Secure Directory 2025-04-09 10.0 HIGH N/A
Unspecified vulnerability in the TYPO3 Secure Directory (kw_secdir) extension before 1.0.2 allows remote attackers to execute arbitrary code via unknown vectors related to "injection of control characters."
CVE-2007-4045 2 Apple, Fedoraproject 2 Cups, Fedora 2025-04-09 5.0 MEDIUM N/A
The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation.
CVE-2009-0719 1 Hp 1 Hp-ux 2025-04-09 6.0 MEDIUM N/A
Unspecified vulnerability in useradd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unknown vectors, a different issue than CVE-2008-1660.
CVE-2009-1314 1 Webfileexplorer 1 Web File Explorer 2025-04-09 10.0 HIGH N/A
body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.
CVE-2008-3156 1 Panda 1 Panda Activescan 2025-04-09 9.3 HIGH N/A
The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method.
CVE-2009-3096 2 Hp, Microsoft 2 Performance Insight, Windows 2025-04-09 10.0 HIGH N/A
Multiple unspecified vulnerabilities in HP Performance Insight 5.3 allow remote attackers to have an unknown impact, related to (1) a "Remote exploit" on Windows platforms, and (2) a "Remote preauthentication exploit" on the Windows Server 2003 SP2 platform, as demonstrated by certain modules in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
CVE-2009-0370 1 Ibm 1 Aix 2025-04-09 7.2 HIGH N/A
Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."
CVE-2006-5339 1 Oracle 1 Database Server 2025-04-09 9.0 HIGH N/A
Unspecified vulnerability in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and remote authenticated attack vectors related to mdsys.sdo_geom, aka Vuln# DB11. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB11 is related to "length checking" in the RELATE function before MD2.RELATE is called.
CVE-2007-4285 1 Cisco 1 Ios 2025-04-09 9.0 HIGH N/A
Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a Type 0 routing header.
CVE-2007-3922 1 Sun 3 Jdk, Jre, Sdk 2025-04-09 6.8 MEDIUM N/A
Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to certain localhost services running on the machine that loaded the applet.
CVE-2008-0347 1 Oracle 6 Application Server, Application Server 9i, Collaboration Suite and 3 more 2025-04-09 10.0 HIGH N/A
Unspecified vulnerability in the Oracle Ultra Search component in Oracle Collaboration Suite 10.1.2; Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; and Application Server 9.0.4.3 and 10.1.2.0.2; has unknown impact and local attack vectors, aka OCS01. NOTE: Oracle has not disputed a reliable claim that this issue is related to WKSYS schema privileges.
CVE-2008-1945 6 Canonical, Debian, Opensuse and 3 more 9 Ubuntu Linux, Debian Linux, Opensuse and 6 more 2025-04-09 2.1 LOW N/A
QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.
CVE-2008-3224 1 Phpbb 1 Phpbb 2025-04-09 10.0 HIGH N/A
Unspecified vulnerability in phpBB before 3.0.1 has unknown impact and attack vectors related to "urls gone through redirect() being used within login_box()."
CVE-2008-4580 1 Gentoo 2 Cman, Fence 2025-04-09 7.2 HIGH N/A
fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file.
CVE-2009-1763 1 Sun 1 Opensolaris 2025-04-09 7.2 HIGH N/A
Unspecified vulnerability in the Solaris Secure Digital slot driver (aka sdhost) in Sun OpenSolaris snv_105 through snv_108 on the x86 platform allows local users to gain privileges or cause a denial of service (filesystem or memory corruption) via unknown vectors.
CVE-2008-4493 1 Microsoft 1 Digital Image 2025-04-09 6.8 MEDIUM N/A
Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issue might only be exploitable in limited environments or non-default browser settings.