Search Results (35583 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-0516 1 Yana Framework 1 Yana Framework 2026-04-23 N/A
Yana Framework before 2.8.5a allows remote authenticated users with permissions to modify a guestbook profile to modify or delete arbitrary guestbook profiles via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-6117 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2026-04-23 N/A
Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted chunked messages.
CVE-2008-3985 1 Oracle 1 E-business Suite 2026-04-23 N/A
Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.4 allows remote attackers to affect confidentiality via unknown vectors.
CVE-2009-2656 1 Google 1 Android 2026-04-23 N/A
Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and Charlie Miller at Black Hat USA 2009.
CVE-2007-6686 1 Menalto 1 Gallery 2026-04-23 N/A
The URL rewrite module in Menalto Gallery before 2.2.4 allows attackers to include and execute arbitrary local files via unknown vectors related to the admin controller.
CVE-2008-2625 1 Oracle 2 Database 10g, Database 9i 2026-04-23 N/A
Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the Oracle October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue involves an authentication bypass by establishing a TNS connection and impersonating a user session via a crafted authentication message during proxy authentication mode.
CVE-2006-6737 2 Redhat, Sun 5 Enterprise Linux, Rhel Extras, Jdk and 2 more 2026-04-23 N/A
Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 5 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_10 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The first issue."
CVE-2008-2859 1 Netwin 1 Surgemail 2026-04-23 N/A
Unspecified vulnerability in the IMAP service in NetWin SurgeMail before 3.9g2 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors related to an "imap command."
CVE-2008-6412 1 Vignette 1 Vignette Content Management 2026-04-23 N/A
Unspecified vulnerability in Vignette Content Management 7.3.0.5, 7.3.1, 7.3.1.1, 7.4, and 7.5 allows "low privileged" users to gain administrator privileges via unknown attack vectors.
CVE-2008-3329 1 Twibright 1 Links 2026-04-23 N/A
Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs."
CVE-2009-1419 2 Hp, Microsoft 2 Discovery\&dependency Mapping Inventory, Windows 2026-04-23 N/A
Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.0.0 through 2.52, 7.50, and 7.51 on Windows allows remote attackers to access DDMI agents via unknown vectors.
CVE-2007-4395 1 Sun 1 Sunos 2026-04-23 N/A
Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers who know the password for a role to gain privileges via that role.
CVE-2009-1443 1 Ocsinventory-ng 1 Ocs Inventory Ng 2026-04-23 N/A
Multiple unspecified vulnerabilities in the Server component in OCS Inventory NG before 1.02 have unknown impact and attack vectors.
CVE-2008-3502 1 Bestpractical 1 Rt 2026-04-23 N/A
Unspecified vulnerability in Best Practical Solutions RT 3.0.0 through 3.6.6 allows remote authenticated users to cause a denial of service (CPU or memory consumption) via unspecified vectors related to the Devel::StackTrace module for Perl.
CVE-2008-1187 2 Redhat, Sun 5 Network Satellite, Rhel Extras, Jdk and 2 more 2026-04-23 N/A
Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.
CVE-2008-1563 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2026-04-23 N/A
The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2009-0938 1 Tor 1 Tor 2026-04-23 N/A
Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service (exit node crash) via "malformed input."
CVE-2009-1266 1 Wireshark 1 Wireshark 2026-04-23 N/A
Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack vectors.
CVE-2009-0715 1 Hp 1 Storage Essentials 2026-04-23 N/A
Unspecified vulnerability in Secure NaviCLI in HP Storage Essentials 6.0.2 through 6.0.4 allows remote authenticated users to obtain "access" or "extended privileges" via unknown vectors.
CVE-2008-4012 1 Oracle 1 Weblogic Workshop 2026-04-23 N/A
Unspecified vulnerability in the WebLogic Workshop component in BEA Product Suite WLW 8.1SP5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to "some NetUI pageflows."