Search Results (35583 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-1604 1 Limesurvey 1 Limesurvey 2026-04-23 N/A
Unspecified vulnerability in LimeSurvey before 1.82 allows remote attackers to execute commands and obtain sensitive data via unknown attack vectors related to /admin/remotecontrol/.
CVE-2009-0984 1 Oracle 3 Database 10g, Database 11g, Database 9i 2026-04-23 N/A
Unspecified vulnerability in the Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_SYS_SQL.
CVE-2009-3559 1 Php 1 Php 2026-04-23 N/A
main/streams/plain_wrapper.c in PHP 5.3.x before 5.3.1 does not recognize the safe_mode_include_dir directive, which allows context-dependent attackers to have an unknown impact by triggering the failure of PHP scripts that perform include or require operations, as demonstrated by a script that attempts to perform a require_once on a file in a standard library directory. NOTE: a reliable third party reports that this is not a vulnerability, because it results in a more restrictive security policy.
CVE-2008-5451 2 Jdedwards, Oracle 2 Enterpriseone, Peoplesoft Enterprise 2026-04-23 N/A
Unspecified vulnerability in the JD Edwards Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.97.2.5 allows remote authenticated users to affect confidentiality via unknown vectors.
CVE-2009-0552 1 Microsoft 5 Ie, Internet Explorer, Windows 2000 and 2 more 2026-04-23 N/A
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 on Windows XP SP2 and SP3, and 6 on Windows Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability."
CVE-2008-1877 1 Debian 1 Tss 2026-04-23 N/A
tss 0.8.1 allows local users to read arbitrary files via the -a parameter, which is processed while tss is running with privileges.
CVE-2008-1275 1 Mailenable 3 Mailenable Enterprise, Mailenable Professional, Mailenable Standard 2026-04-23 N/A
Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service (crash) via crafted (1) EXPN or (2) VRFY commands.
CVE-2006-5040 1 Joomla 2 Com Sef, Sef4040x 2026-04-23 N/A
Unspecified vulnerability in SEF404x (com_sef) for Joomla! has unspecified impact and attack vectors.
CVE-2009-0979 1 Oracle 1 Database 9i 2026-04-23 N/A
Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2008-1829 1 Oracle 2 Enterpriseone, Peoplesoft Enterprise 2026-04-23 N/A
Unspecified vulnerability in the PeopleSoft HCM Recruiting component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.8 SP1 has unknown impact and remote attack vectors, aka PSE02.
CVE-2009-1042 1 Apple 2 Mac Os X, Safari 2026-04-23 N/A
Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
CVE-2008-3683 1 Sun 1 Java System Web Proxy Server 2026-04-23 N/A
Unspecified vulnerability in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.5 before SP6 allows remote attackers to cause a denial of service (failure to accept connections) via unknown vectors, probably related to exhaustion of file descriptors.
CVE-2009-0721 1 Hp 1 Remote Graphics Software 2026-04-23 N/A
Unspecified vulnerability in Easy Login in the Sender module in HP Remote Graphics Software (RGS) 4.0.0 through 5.2.4 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2007-0274 1 Oracle 1 Database Server 2026-04-23 N/A
Multiple unspecified vulnerabilities in Oracle Database 9.2.0.7 and 10.1.0.5 have unknown impact and attack vectors related to (1) Export and sys.dbms_logrep_util (DB08), and (2) Oracle Streams and sys.dbms_capture_adm_internal privileges (DB09). NOTE: Oracle has not disputed reliable researcher claims that DB08 is for a buffer overflow in the GET_OBJECT_NAME procedure in the DBMS_LOGREP_UTIL package, and DB09 is for buffer overflows in the CREATE_CAPTURE, ALTER_CAPTURE, and ABORT_TABLE_INSTANTIATION procedures in SYS.DBMS_CAPTURE_ADM_INTERNAL.
CVE-2009-0719 1 Hp 1 Hp-ux 2026-04-23 N/A
Unspecified vulnerability in useradd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unknown vectors, a different issue than CVE-2008-1660.
CVE-2008-1827 1 Oracle 2 E-business Suite 11i, E-business Suite 12 2026-04-23 N/A
Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 and 12.0.4 have unknown impact and attack vectors related to (a) Advanced Pricing component, aka (1) APP02, (2) APP03, and (3) APP09; (b) Application Object Library component, aka (4) APP04, (5) APP07, and (6) APP11; (c) Applications Manager component, aka (7) APP06; (d) and Applications Technology Stack component, aka (8) APP08.
CVE-2008-3759 1 Lussumo 1 Vanilla 2026-04-23 N/A
Cross-site request forgery (CSRF) vulnerability in ajax/UpdateCheck.php in Vanilla 1.1.4 and earlier has unknown impact and remote attack vectors.
CVE-2008-3974 1 Oracle 1 Database 9i 2026-04-23 N/A
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.0.2.8 and 9.2.0.8DV allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T.
CVE-2008-3989 1 Oracle 1 Database 10g 2026-04-23 N/A
Unspecified vulnerability in the Oracle Data Mining component in Oracle Database 10.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability, related to DMSYS.ODM_MODEL_UTIL.
CVE-2009-1266 1 Wireshark 1 Wireshark 2026-04-23 N/A
Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack vectors.