Search Results (35577 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-2035 1 Drupal 1 Services Module For Drupal 2026-04-23 N/A
Unspecified vulnerability in Services 6.x before 6.x-0.14, a module for Drupal, when key-based access is enabled, allows remote attackers to read or add keys and access unauthorized services via unspecified vectors.
CVE-2009-0997 1 Oracle 1 Database Server 2026-04-23 N/A
Unspecified vulnerability in the Database Vault component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality, related to DBMS_SYS_SQL.
CVE-2008-1115 1 Sun 1 Solaris 2026-04-23 N/A
Unspecified vulnerability in Sun Solaris 8 directory functions allows local users to cause a denial of service (panic) via an unspecified sequence of system calls or commands.
CVE-2008-5801 1 Typo3 1 Dictionary Extension 2026-04-23 N/A
Unspecified vulnerability in the Dictionary (rtgdictionary) extension 0.1.9 and earlier for TYPO3 allows attackers to execute arbitrary code via unknown vectors.
CVE-2007-0916 1 Hp 1 Hp-ux 2026-04-23 N/A
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
CVE-2007-4553 1 Thomson 1 St 2030 Sip Phone 2026-04-23 N/A
The Thomson ST 2030 SIP phone with software 1.52.1 allows remote attackers to cause a denial of service (device hang) via an INVITE message with a Via header that contains a '/' (slash) instead of the required space following the SIP version number.
CVE-2008-3064 1 Realnetworks 1 Realplayer 2026-04-23 N/A
Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability."
CVE-2009-1860 1 Adobe 1 Shockwave Player 2026-04-23 N/A
Unspecified vulnerability in Adobe Shockwave Player before 11.5.0.600 allows remote attackers to execute arbitrary code via crafted Shockwave Player 10 content.
CVE-2008-5884 1 Zkesoft 1 Ayeview 2026-04-23 N/A
AyeView 2.20 allows user-assisted attackers to cause a denial of service (application crash) via a GIF file with a malformed header.
CVE-2008-4609 12 Bsd, Bsdi, Cisco and 9 more 22 Bsd, Bsd Os, Catalyst Blade Switch 3020 and 19 more 2026-04-23 N/A
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
CVE-2009-3886 2 Redhat, Sun 2 Rhel Extras, Jre 2026-04-23 N/A
The Java Web Start implementation in Sun Java SE 6 before Update 17 does not properly handle the interaction between a signed JAR file and a JNLP (1) application or (2) applet, which has unspecified impact and attack vectors, related to a "regression," aka Bug Id 6870531.
CVE-2008-4306 2 Redhat, Ubuntu 2 Enterprise Linux, Linux 2026-04-23 N/A
Buffer overflow in enscript before 1.6.4 has unknown impact and attack vectors, possibly related to the font escape sequence.
CVE-2008-3805 1 Cisco 1 Ios 2026-04-23 N/A
Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3806.
CVE-2008-5227 1 Phpcow 1 Phpcow 2026-04-23 N/A
Unspecified vulnerability in PHPCow allows remote attackers to execute arbitrary code via unknown vectors, related to a "file inclusion vulnerability," as exploited in the wild in November 2008.
CVE-2007-3035 1 Microsoft 1 Windows Media Player 2026-04-23 N/A
Unspecified vulnerability in Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that is not properly handled during decompression, aka "Windows Media Player Code Execution Vulnerability Decompressing Skins."
CVE-2008-5647 1 Trac 1 Trac 2026-04-23 N/A
Unspecified vulnerability in the HTML sanitizer filter in Trac before 0.11.2 allows attackers to conduct phishing attacks via unknown attack vectors.
CVE-2009-1156 1 Cisco 2 Adaptive Security Appliance 5500, Pix 2026-04-23 N/A
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet.
CVE-2009-0052 2 Atheros, Netgear 3 Ar9160-bc1a Chipset, Wndap330, Wndap330 Firmware 2026-04-23 N/A
The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and other versions before 3.0.3 on the Atheros AR9160-BC1A chipset, and other products, allows remote authenticated users to cause a denial of service (device reboot or hang) and possibly execute arbitrary code via a truncated reserved management frame.
CVE-2009-1240 1 Ibm 4 Network Multi-function Security, Proventia Desktop Endpoint Security, Proventia Network Mail Security System and 1 more 2026-04-23 N/A
Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, Desktop Endpoint Security, Network Multi-Function Security (MFS), and possibly other products, allows remote attackers to bypass detection of malware via a modified RAR archive.
CVE-2008-3605 1 Mcafee 1 Encrypted Usb Manager 2026-04-23 N/A
Unspecified vulnerability in McAfee Encrypted USB Manager 3.1.0.0, when the Re-use Threshold for passwords is nonzero, allows remote attackers to conduct offline brute force attacks via unknown vectors.