Search
Total
6314 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2030 | 2 Ibm, Sun | 2 Os\/400, Jdk | 2017-08-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the XML Digital Signature verification functionality in JVA-RUN in JDK 6.0 in IBM OS/400 i5/OS V5R4M0 and V6R1M0 has unknown impact and attack vectors related to "XML SECURITY PATCH." | |||||
| CVE-2009-2028 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2017-08-17 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 have unknown impact and attack vectors, related to "Adobe internally discovered issues." | |||||
| CVE-2009-1970 | 1 Oracle | 1 Database Server | 2017-08-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2009-0991. | |||||
| CVE-2009-1973 | 1 Oracle | 1 Database Server | 2017-08-17 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Virtual Private Database component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to VPD policies. | |||||
| CVE-2009-1974 | 1 Oracle | 1 Bea Product Suite | 2017-08-17 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Servlet Container Package. | |||||
| CVE-2009-1975 | 1 Oracle | 1 Bea Product Suite | 2017-08-17 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality, integrity, and availability, related to the WLS Console Package. | |||||
| CVE-2009-1976 | 1 Oracle | 1 Application Server | 2017-08-17 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the HTTP Server component in Oracle Application Server 10.1.2.3 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2009-1977 | 1 Oracle | 1 Secure Backup | 2017-08-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the July 2009 Oracle CPU. Oracle has not commented on claims from an independent researcher that this vulnerability allows attackers to bypass authentication via unknown vectors involving the username parameter and login.php. | |||||
| CVE-2009-1978 | 1 Oracle | 1 Secure Backup | 2017-08-17 | 9.0 HIGH | N/A |
| Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the July 2009 Oracle CPU. Oracle has not commented on claims from an independent researcher that this vulnerability allows remote authenticated users to execute arbitrary code with SYSTEM privileges via vectors involving property_box.php. | |||||
| CVE-2009-1980 | 1 Oracle | 1 E-business Suite | 2017-08-17 | 6.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2009-1981 | 1 Oracle | 1 Siebel Enterprise Suite | 2017-08-17 | 3.0 LOW | N/A |
| Unspecified vulnerability in the Highly Interactive Client component in Siebel Product Suite 7.5.3, 7.7.2, 7.8.2, 8.0.0.5, and 8.1.0 allows local users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2009-1982 | 1 Oracle | 1 E-business Suite | 2017-08-17 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2 and 12.0.6 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2009-1983 | 1 Oracle | 1 E-business Suite | 2017-08-17 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2009-1989 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2017-08-17 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise FMS component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.8 SP1, 8.9 Bundle 33, and 9.0 Bundle 24 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2009-1984 | 1 Oracle | 1 E-business Suite | 2017-08-17 | 4.4 MEDIUM | N/A |
| Unspecified vulnerability in the Application Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Patch Administrator. | |||||
| CVE-2009-1988 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2017-08-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS eProfile Manager component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.8 SP1, 8.9 Bundle 19, and 9.0 Bundle 9 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||
| CVE-2009-1987 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2017-08-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools - Enterprise Portal component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.21 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2009-1986 | 1 Oracle | 1 E-business Suite | 2017-08-17 | 2.6 LOW | N/A |
| Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality via unknown vectors. | |||||
| CVE-2009-0918 | 1 Dflabs | 1 Ptk | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK's Apache HTTP Server via (1) "external tools" or (2) a crafted forensic image. | |||||
| CVE-2009-2963 | 1 Decomputeur | 1 Toolbar Uninstaller | 2017-08-17 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the update feature in Toolbar Uninstaller 1.0.2 allows remote attackers to force the download and execution of arbitrary files via attack vectors related to a "malformed update url and a malformed update website." | |||||
| CVE-2009-2866 | 1 Cisco | 1 Ios | 2017-08-17 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104. | |||||
| CVE-2009-2744 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 7.8 HIGH | N/A |
| Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27 allows remote attackers to cause a denial of service via unknown vectors, related to "an error in fixpacks 6.1.0.23 and 6.1.0.25." | |||||
| CVE-2009-0938 | 1 Tor | 1 Tor | 2017-08-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service (exit node crash) via "malformed input." | |||||
| CVE-2009-0962 | 1 Futomi | 1 Mp Form Mail Cgi | 2017-08-17 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Futomi's CGI Cafe MP Form Mail CGI eCommerce 1.3.0 and earlier, and CGI Professional 3.2.2 and earlier, allows remote attackers to gain administrative privileges via unknown attack vectors. | |||||
| CVE-2009-2743 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 2.1 LOW | N/A |
| IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27, and 7.0 before 7.0.0.7, does not properly handle an exception occurring after use of wsadmin scripts and configuration of JAAS-J2C Authentication Data, which allows local users to obtain sensitive information by reading the First Failure Data Capture (FFDC) log file. | |||||
| CVE-2009-2741 | 1 Ibm | 1 Websphere Business Events | 2017-08-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the wberuntimeear application in the test servlet in IBM WebSphere Business Events 6.1 and 6.2 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2009-0987 | 1 Oracle | 1 Database Server | 2017-08-17 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Upgrade component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2009-0991 | 1 Oracle | 3 Database 10g, Database 11g, Database 9i | 2017-08-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2009-1970. | |||||
| CVE-2009-2680 | 1 Hp | 4 Storageworks 1\/8 G2 Tape Autoloader, Storageworks Msl2024 Tape Library, Storageworks Msl4048 Tape Library and 1 more | 2017-08-17 | 8.5 HIGH | N/A |
| Unspecified vulnerability in the Remote Management Interface (RMI) for MSL Tape Libraries and 1/8 G2 Tape Autoloaders in HP StorageWorks 1/8 G2 Tape Autoloader firmware 2.30 and earlier, MSL2024 Tape Library firmware 4.20 and earlier, MSL4048 Tape Library firmware 6.50 and earlier, and MSL8096 Tape Library firmware 8.90 and earlier allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2009-1001 | 1 Oracle | 1 Bea Product Suite | 2017-08-17 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in Oracle BEA WebLogic Portal 8.1 Gold through SP6 allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2009-1002 | 1 Oracle | 1 Bea Product Suite | 2017-08-17 | 5.8 MEDIUM | N/A |
| Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gold through MP1, 9.2 Gold through MP3, 9.1, 9.0, 8.1 Gold through SP6, and 7.0 Gold through SP7 allows remote attackers to gain privileges via unknown vectors. | |||||
| CVE-2009-1003 | 1 Oracle | 1 Bea Product Suite | 2017-08-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote attackers to affect integrity via unknown vectors related to "access to source code of web pages." | |||||
| CVE-2009-1012 | 1 Oracle | 1 Bea Product Suite | 2017-08-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in an unspecified plug-in that parses HTTP requests, which leads to a heap-based buffer overflow. | |||||
| CVE-2009-2652 | 1 Sun | 2 Opensolaris, Solaris | 2017-08-17 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Solaris Trusted Extensions in Sun Solaris 10, and OpenSolaris snv_37 through snv_120, allows remote attackers to cause a denial of service (panic) via vectors involving the parsing of labeled packets. | |||||
| CVE-2009-2651 | 1 Digium | 1 Asterisk | 2017-08-17 | 5.0 MEDIUM | N/A |
| main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows remote attackers to cause a denial of service (crash) via an RTP text frame without a certain delimiter, which triggers a NULL pointer dereference and the subsequent calculation of an invalid pointer. | |||||
| CVE-2009-2647 | 1 Kaspersky | 2 Kaspersky Anti-virus, Kaspersky Internet Security | 2017-08-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky Internet Security 2010 before Critical Fix 9.0.0.463 allows remote attackers to disable the Kaspersky application via unknown attack vectors unrelated to "an external script." | |||||
| CVE-2009-2643 | 1 Rim | 2 Blackberry Enterprise Server, Blackberry Professional Software | 2017-08-17 | 9.3 HIGH | N/A |
| Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219. | |||||
| CVE-2009-2678 | 1 Hp | 1 Nonstop Server | 2017-08-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Open System Services (OSS) Name Server on HP NonStop G06.27, G06.28, G06.29, G06.30, H06.06, H06.07, H06.08, and J06.03 allows remote attackers to obtain sensitive information via unknown vectors. | |||||
| CVE-2009-1015 | 1 Oracle | 1 Database Server | 2017-08-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.05, and 10.2.04 allows remote authenticated users to affect integrity via unknown vectors. | |||||
| CVE-2009-1016 | 1 Oracle | 1 Bea Product Suite | 2017-08-17 | 8.5 HIGH | N/A |
| Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote authenticated users to affect confidentiality, integrity, and availability, related to IIS. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow involving an unspecified Server Plug-in and a crafted SSL certificate. | |||||
| CVE-2009-2491 | 1 Sun | 1 Ray Server Software | 2017-08-17 | 4.4 MEDIUM | N/A |
| The utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to access the sessions of arbitrary users via unknown vectors related to "resource leaks." | |||||
| CVE-2009-2490 | 1 Sun | 1 Ray Server Software | 2017-08-17 | 1.9 LOW | N/A |
| Unspecified vulnerability in the utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to cause a denial of service (audio outage) or possibly gain privileges via unknown vectors related to "resource leaks." | |||||
| CVE-2009-2489 | 1 Sun | 1 Ray Server Software | 2017-08-17 | 2.1 LOW | N/A |
| Unspecified vulnerability in the utdmsession program in Sun Ray Server Software (SRSS) 4.0 allows local users to access the sessions of arbitrary users via unknown vectors. | |||||
| CVE-2009-2481 | 2 Six Apart, Sixapart | 2 Movable Type, Movable Type | 2017-08-17 | 5.8 MEDIUM | N/A |
| mt-wizard.cgi in Six Apart Movable Type before 4.261, when global templates are not initialized, allows remote attackers to bypass access restrictions and (1) send e-mail to arbitrary addresses or (2) obtain sensitive information via unspecified vectors. | |||||
| CVE-2009-1019 | 1 Oracle | 1 Database Server | 2017-08-17 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Network Authentication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2009-2458 | 1 Sun | 1 Sun Fire Server | 2017-08-17 | 5.4 MEDIUM | N/A |
| Unspecified vulnerability in Sun Fire V215 Server, when using XVR-100 graphic cards on system boards with part number 375-3463 and a hardware dash level -04 or later, allows remote attackers to cause a denial of service (panic) via unknown vectors. | |||||
| CVE-2009-2456 | 1 Novell | 1 Edirectory | 2017-08-17 | 5.0 MEDIUM | N/A |
| The DS\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (ndsd core dump) via an LDAP request containing multiple . (dot) wildcard characters in the Relative Distinguished Name (RDN). | |||||
| CVE-2009-1020 | 1 Oracle | 1 Database Server | 2017-08-17 | 9.0 HIGH | N/A |
| Unspecified vulnerability in the Network Foundation component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2009-1021 | 1 Oracle | 1 Database Server | 2017-08-17 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2009-1042 | 1 Apple | 2 Mac Os X, Safari | 2017-08-17 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009. | |||||