Search Results (35583 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-3038 2 Ibm, Rim 2 Lotus Notes Connector, Blackberry Desktop Manager 2026-04-23 N/A
A certain ActiveX control in lnresobject.dll 7.1.1.119 in the Research In Motion (RIM) Lotus Notes connector for BlackBerry Desktop Manager 5.0.0.11 allows remote attackers to cause a denial of service (Internet Explorer crash) by referencing the control's CLSID in the classid attribute of an OBJECT element.
CVE-2008-5430 1 Mozilla 1 Thunderbird 2026-04-23 N/A
Mozilla Thunderbird 2.0.14 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which might allow remote attackers to cause a denial of service (stack consumption or other resource consumption) via a large e-mail message, a related issue to CVE-2006-1173.
CVE-2009-2744 1 Ibm 1 Websphere Application Server 2026-04-23 N/A
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27 allows remote attackers to cause a denial of service via unknown vectors, related to "an error in fixpacks 6.1.0.23 and 6.1.0.25."
CVE-2008-5345 2 Redhat, Sun 5 Network Satellite, Rhel Extras, Jdk and 2 more 2026-04-23 N/A
Unspecified vulnerability in Java Runtime Environment (JRE) with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier allows code that is loaded from a local filesystem to read arbitrary files and make unauthorized connections to localhost via unknown vectors.
CVE-2009-3071 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2026-04-23 N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2007-1259 1 Web-app.org 1 Webapp 2026-04-23 N/A
Multiple unspecified vulnerabilities in WebAPP before 0.9.9.6 have unknown impact and attack vectors.
CVE-2009-1903 2 Fedoraproject, Trustwave 2 Fedora, Modsecurity 2026-04-23 N/A
The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.
CVE-2008-1369 1 Sun 2 Sparc Enterprise Server, Sunos 2026-04-23 N/A
A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and T5220 servers has /etc/default/login and /etc/ssh/sshd_config files that configure root logins in a manner unintended by the vendor, which allows remote attackers to gain privileges via unspecified vectors.
CVE-2009-2029 1 Sun 2 Opensolaris, Solaris 2026-04-23 N/A
Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks.
CVE-2009-0975 1 Oracle 2 Database 10g, Database 11g 2026-04-23 N/A
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0978.
CVE-2009-2204 1 Apple 1 Iphone Os 2026-04-23 N/A
Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapore.
CVE-2009-3449 1 Collectorz 1 Mp3 Collector 2026-04-23 N/A
MP3 Collector 2.3 allows remote attackers to cause a denial of service (application crash) via a long URL in a .m3u playlist file.
CVE-2008-0331 1 Funkwerk 2 System Software, X2300 2026-04-23 N/A
Unspecified vulnerability in Funkwerk System Software before 7.4.1 PATCH 9 for certain Funkwerk Router / VPN devices allows remote attackers to cause a denial of service (panic and reboot) via unspecified DNS requests.
CVE-2008-5026 1 Microsoft 1 Sharepoint Server 2026-04-23 N/A
Microsoft SharePoint uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files (aka attachments), which allows remote authenticated users to leverage same-origin relationships and conduct cross-site scripting (XSS) attacks by uploading HTML documents.
CVE-2007-5483 1 Ibm 1 Websphere Application Server 2026-04-23 N/A
Unspecified vulnerability in the Administrative Scripting Tools (such as wsadmin or ANT) in IBM WebSphere Application Server 5.x and 6.0.x has unknown impact and attack vectors.
CVE-2009-0978 1 Oracle 2 Database 10g, Database 11g 2026-04-23 N/A
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0975.
CVE-2007-4494 1 Ez 1 Ez Publish 2026-04-23 N/A
The tipafriend function in eZ publish before 3.8.9, and 3.9 before 3.9.3, does not limit access by anonymous users, which allows remote attackers to conduct spam attacks.
CVE-2009-3791 1 Adobe 1 Flash Media Server 2026-04-23 7.5 High
Unspecified vulnerability in Adobe Flash Media Server (FMS) before 3.5.3 allows attackers to cause a denial of service (resource exhaustion) via unknown vectors.
CVE-2008-2609 1 Oracle 3 Application Server, Oracle Application Server, Oracle Portal Component 2026-04-23 N/A
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors.
CVE-2007-4884 1 Media Player Classic 1 Media Player Classic 2026-04-23 N/A
Media Player Classic (MPC) allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error.