Total
25627 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-0258 | 1 Oracle | 1 Database Server | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in the Connection Manager component of Oracle Database server 8.1.7.4 and 9.0.1.5 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB03. | |||||
CVE-2006-3707 | 1 Oracle | 1 Application Server | 2023-12-10 | 3.6 LOW | N/A |
Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3 and 9.0.3.1 has unknown impact and attack vectors, aka Oracle Vuln# AS02. | |||||
CVE-2006-0261 | 1 Oracle | 1 Database Server | 2023-12-10 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB07 in the Dictionary component and (2) DB14 in the Oracle Label Security component. NOTE: Oracle has not disputed reliable researcher claims that DB07 involves plaintext storage of the TDE wallet password in a trace file by event 10053. | |||||
CVE-2004-2706 | 1 Phrozensmoke | 1 Gyach Enhanced | 2023-12-10 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service (crash) via conference packets with error messages. | |||||
CVE-2006-1874 | 1 Oracle | 1 Database Server | 2023-12-10 | 7.5 HIGH | N/A |
Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, and 9.2.0.6 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB09. NOTE: Oracle has not disputed reliable claims that this issue is SQL injection in MDSYS.PRVT_IDX using the (1) EXECUTE_INSERT, (2) EXECUTE_DELETE, (3) EXECUTE_UPDATE, (4) EXECUTE UPDATE, and (5) CRT_DUMMY functions. | |||||
CVE-2005-3463 | 1 Oracle | 1 Peoplesoft Enterprise | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46.03 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE03. | |||||
CVE-2005-4273 | 1 Ibm | 1 Aix | 2023-12-10 | 2.1 LOW | N/A |
Multiple unspecified vulnerabilities in (1) getShell and (2) getCommand in IBM AIX 5.3 allow local users to append to arbitrary files. | |||||
CVE-2006-0280 | 1 Oracle | 1 Peoplesoft Enterprise Portal | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in Oracle PeopleSoft Enterprise Portal 8.4 Bundle 15, 8.8 Bundle 10, and 8.9 Bundle 2 has unspecified impact and attack vectors, as identified by Oracle Vuln# PSE01. | |||||
CVE-2006-0279 | 1 Oracle | 1 E-business Suite | 2023-12-10 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 4.3 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) APPS13 and (2) APPS14 in the Oracle iLearning component. | |||||
CVE-2006-3569 | 1 Ibm | 1 Network Appliance Data Ontap | 2023-12-10 | 4.6 MEDIUM | N/A |
Unspecified vulnerability in NetApp Data ONTAP 7.0x through 7.0.4P8D9, 7.1x, 7.1.0.1x, and 7.2RC1, RC2, and RC3, as used in IBM N series Filers and other products, allows unauthorized users to gain access to privileged commands via unknown vectors, probably related to incorrect capabilities with the audit role. | |||||
CVE-2006-0287 | 1 Oracle | 2 Application Server, Database Server | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 10.1.0.5 and Application Server 10.1.2.0.2 has unspecified impact and attack vectors, as identified by Oracle Vuln# OHS02. | |||||
CVE-2006-0367 | 1 Cisco | 1 Call Manager | 2023-12-10 | 6.5 MEDIUM | N/A |
Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allows remote authenticated users with read-only administrative privileges to obtain full administrative privileges via a "crafted URL on the CCMAdmin web page." | |||||
CVE-2005-2095 | 1 Squirrelmail | 1 Squirrelmail | 2023-12-10 | 4.3 MEDIUM | N/A |
options_identities.php in SquirrelMail 1.4.4 and earlier uses the extract function to process the $_POST variable, which allows remote attackers to modify or read the preferences of other users, conduct cross-site scripting XSS) attacks, and write arbitrary files. | |||||
CVE-2004-1491 | 4 Gentoo, Kde, Opera and 1 more | 4 Linux, Kde, Opera Browser and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. | |||||
CVE-1999-1412 | 2 Apache, Apple | 2 Http Server, Macos | 2023-12-10 | 5.0 MEDIUM | N/A |
A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes. | |||||
CVE-2000-1241 | 1 Sips | 1 Sips | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault." | |||||
CVE-2004-1810 | 1 Opera | 1 Opera Browser | 2023-12-10 | 5.0 MEDIUM | N/A |
The Javascript engine in Opera 7.23 allows remote attackers to cause a denial of service (crash) by creating a new Array object with a large size value, then writing into that array. | |||||
CVE-2002-1716 | 1 Microsoft | 1 Office | 2023-12-10 | 5.0 MEDIUM | N/A |
The Host() function in the Microsoft spreadsheet component on Microsoft Office XP allows remote attackers to create arbitrary files using the SaveAs capability. | |||||
CVE-1999-0524 | 11 Apple, Cisco, Hp and 8 more | 14 Mac Os X, Macos, Ios and 11 more | 2023-12-10 | 2.1 LOW | N/A |
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. | |||||
CVE-2000-0524 | 1 Microsoft | 2 Exchange Server, Outlook | 2023-12-10 | 5.0 MEDIUM | N/A |
Microsoft Outlook and Outlook Express allow remote attackers to cause a denial of service by sending email messages with blank fields such as BCC, Reply-To, Return-Path, or From. |