Search Results (35583 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-6532 1 Xfce 1 Xfce 2026-04-23 N/A
Double free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via unknown vectors related to the "cliend id, program name and working directory in session management."
CVE-2007-6534 1 Microsoft 1 Publisher 2026-04-23 N/A
Multiple unspecified vulnerabilities in Microsoft Office Publisher allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted PUB file, possibly involving wordart.
CVE-2009-3982 1 Mozilla 3 Firefox, Seamonkey, Thunderbird 2026-04-23 N/A
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2008-7149 1 Agilewiki 1 Agilewiki 2026-04-23 N/A
Unspecified vulnerability in AgileWiki before 0.10.1 has unknown impact and attack vectors related to passwords.
CVE-2008-7233 1 Oracle 2 Application Server, E-business Suite 11i 2026-04-23 N/A
Unspecified vulnerability in the E-Business Application client, as used in Oracle Application Server 1.1.8.26 and E-Business Suite 11.5.10.2, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Oracle Jinitiator component, aka AS02.
CVE-2008-5445 1 Oracle 1 Secure Backup 2026-04-23 N/A
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is a denial of service in observiced.exe via malformed private Protocol data that triggers a NULL pointer dereference.
CVE-2007-6552 1 Auracms 1 Auracms 2026-04-23 N/A
Directory traversal vulnerability in index.php in AuraCMS 2.2 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the act parameter, possibly involving the news pilih component; as demonstrated by including admin/admin_users.php to bypass a protection mechanism against direct request.
CVE-2008-5676 1 Breach 1 Modsecurity 2026-04-23 N/A
Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.5 for the Apache HTTP Server, when SecCacheTransformations is enabled, allow remote attackers to cause a denial of service (daemon crash) or bypass the product's functionality via unknown vectors related to "transformation caching."
CVE-2008-7234 1 Oracle 1 Application Server 2026-04-23 N/A
Unspecified vulnerability in the Oracle BPEL Worklist Application component in Oracle Application Server 10.1.2.2 and 10.1.3.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, aka AS03.
CVE-2008-7235 1 Oracle 2 Application Server, E-business Suite 2026-04-23 N/A
Unspecified vulnerability in the Oracle Forms component in Oracle Application Server 10.1.2.2 and E-Business Suite 12.0.3 allows remote attackers to affect integrity via unknown vectors, aka AS04.
CVE-2008-5709 1 Avaya 1 Communication Manager 2026-04-23 N/A
Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1 before 3.1.4 SP2, 4.0 before 4.0.3 SP1, and 5.0 before 5.0 SP3 allow remote authenticated users to execute arbitrary code via unknown attack vectors in the (1) Set Static Routes and (2) Backup History components.
CVE-2009-2297 1 Sun 2 Opensolaris, Solaris 2026-04-23 N/A
Unspecified vulnerability in the udp subsystem in the kernel in Sun Solaris 10, and OpenSolaris snv_90 through snv_108, when Solaris Trusted Extensions is enabled, allows remote attackers to cause a denial of service (panic) via unspecified vectors involving the crgetlabel function, related to a "TX panic." NOTE: this issue exists because of a regression in earlier kernel patches.
CVE-2008-6072 1 Graphicsmagick 1 Graphicsmagick 2026-04-23 N/A
Multiple unspecified vulnerabilities in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allow remote attackers to cause a denial of service (crash) via unspecified vectors in (1) XCF and (2) CINEON images.
CVE-2008-2308 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Unspecified vulnerability in Alias Manager in Apple Mac OS X 10.5.1 and earlier on Intel platforms allows local users to gain privileges or cause a denial of service (memory corruption and application crash) by resolving an alias that contains crafted AFP volume mount information.
CVE-2009-0978 1 Oracle 2 Database 10g, Database 11g 2026-04-23 N/A
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0975.
CVE-2008-2307 2 Apple, Microsoft 5 Mac Os X, Safari, Windows and 2 more 2026-04-23 N/A
Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before 10.5.4, and standalone for Windows and Mac OS X 10.4, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors involving JavaScript arrays that trigger memory corruption.
CVE-2008-2275 1 Typo3 1 Sr Feuser Register Extension 2026-04-23 N/A
Unspecified vulnerability in sr_feuser_register 1.4.0, 1.6.0, 2.2.1 to 2.2.7, 2.3.0 to 2.3.6, 2.4.0, and 2.5.0 to 2.5.9 extension for TYPO3 allows remote attackers to execute arbitrary code and delete arbitrary files via unspecified attack vectors.
CVE-2008-1191 2 Redhat, Sun 3 Rhel Extras, Jdk, Jre 2026-04-23 N/A
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue."
CVE-2008-2273 1 Arubanetworks 2 Aruba Mobility Controller, Arubaos 2026-04-23 N/A
Unspecified vulnerability in the TACACS authentication component in Aruba Mobility Controller 3.1.x, 3.2.x, and 3.3.x allows remote authenticated users to gain privileges via unknown vectors.
CVE-2008-2253 1 Microsoft 3 Windows-nt, Windows Media Player, Windows Xp 2026-04-23 N/A
Unspecified vulnerability in Microsoft Windows Media Player 11 allows remote attackers to execute arbitrary code via a crafted audio-only file that is streamed from a Server-Side Playlist (SSPL) on Windows Media Server, aka "Windows Media Player Sampling Rate Vulnerability."