Total
31944 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4538 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-04-09 | 10.0 HIGH | N/A |
| drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537. | |||||
| CVE-2008-3246 | 2 Blackberry, Rim | 7 Enterprise Server, Unite, Blackberry Enterprise Server and 4 more | 2025-04-09 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment. | |||||
| CVE-2008-1561 | 1 Wireshark | 1 Wireshark | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) 0.99.5 through 0.99.8 allow remote attackers to cause a denial of service (application crash) via a malformed packet to the (1) X.509sat or (2) Roofnet dissectors. NOTE: Vector 2 might also lead to a hang. | |||||
| CVE-2008-1286 | 2 Linux, Sun | 3 Linux Kernel, Java Web Console, Solaris | 2025-04-09 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and 3.0.4 allows remote attackers to bypass intended access restrictions and determine the existence of files or directories via unknown vectors. | |||||
| CVE-2008-3232 | 1 Dotclear | 1 Dotclear | 2025-04-09 | 9.3 HIGH | N/A |
| Unrestricted file upload vulnerability in ecrire/images.php in Dotclear 1.2.7.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images. | |||||
| CVE-2007-4884 | 1 Media Player Classic | 1 Media Player Classic | 2025-04-09 | 4.3 MEDIUM | N/A |
| Media Player Classic (MPC) allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error. | |||||
| CVE-2006-5581 | 1 Microsoft | 1 Internet Explorer | 2025-04-09 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via certain DHTML script functions, such as normalize, and "incorrectly created elements" that trigger memory corruption, aka "DHTML Script Function Memory Corruption Vulnerability." | |||||
| CVE-2008-1412 | 1 F-secure | 12 F-secure Anti-virus, F-secure Anti-virus Client Security, F-secure Anti-virus For Linux and 9 more | 2025-04-09 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME test suite for Archive Formats. | |||||
| CVE-2009-0213 | 1 Areva | 1 E-terrahabitat | 2025-04-09 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the NETIO application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to cause a denial of service (system crash) via unknown vectors, aka PD32021. | |||||
| CVE-2008-6967 | 1 Alt-n | 2 Mdaemon, Worldclient | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in WorldClient in Alt-N MDaemon before 10.02 have unknown impact and attack vectors, probably related to cross-site scripting (XSS) and WorldClient DLL 10.0.1, a different vulnerability than CVE-2008-6893. | |||||
| CVE-2007-6319 | 1 Lyris | 1 List Manager | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating "new accounts that collide with existing accounts." | |||||
| CVE-2007-6350 | 1 Scponly | 1 Scponly | 2025-04-09 | 8.5 HIGH | N/A |
| scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve, as originally demonstrated by creating a Subversion (SVN) repository with malicious hooks, then using svn to trigger execution of those hooks. | |||||
| CVE-2008-1780 | 1 Sun | 1 Solaris | 2025-04-09 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in the labeled networking functionality in Solaris 10 Trusted Extensions allows applications in separate labeling zones to bypass labeling restrictions via unknown vectors. | |||||
| CVE-2007-6525 | 1 Ibm | 1 Db2 Content Manager Toolkit | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in eClient in IBM DB2 Content Manager (CM) Toolkit 8.3 before fix pack 7 for z/OS has unknown impact and attack vectors, related to "scripting." | |||||
| CVE-2007-4547 | 1 X-diesel | 1 Unreal Commander | 2025-04-09 | 4.3 MEDIUM | N/A |
| Unreal Commander 0.92 build 565 and 573 writes portions of heap memory into local files when extracting from an archive with malformed size information in a file header, which might allow user-assisted attackers to obtain sensitive information (memory contents) by reading the extracted files. NOTE: this issue is only a vulnerability if Unreal is run with privileges, or if the extracted files are made accessible to other users. | |||||
| CVE-2009-1673 | 1 Sun | 1 Solaris | 2025-04-09 | 4.9 MEDIUM | N/A |
| The kernel in Sun Solaris 9 allows local users to cause a denial of service (panic) by calling fstat with a first argument of AT_FDCWD. | |||||
| CVE-2008-3812 | 1 Cisco | 1 Ios | 2025-04-09 | 7.1 HIGH | N/A |
| Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet. | |||||
| CVE-2009-2030 | 2 Ibm, Sun | 2 Os\/400, Jdk | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the XML Digital Signature verification functionality in JVA-RUN in JDK 6.0 in IBM OS/400 i5/OS V5R4M0 and V6R1M0 has unknown impact and attack vectors related to "XML SECURITY PATCH." | |||||
| CVE-2008-0075 | 1 Microsoft | 1 Internet Information Server | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 through 6.0 allows remote attackers to execute arbitrary code via crafted inputs to ASP pages. | |||||
| CVE-2009-3393 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors. | |||||