Search
Total
21119 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4010 | 1 Oracle | 1 Bea Product Suite | 2017-08-08 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the WebLogic Workshop component in BEA Product Suite 10.3, 10.2, 10.0 MP1, 9.2 MP3, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to "some NetUI tags." | |||||
| CVE-2008-3986 | 1 Oracle | 1 Application Server | 2017-08-08 | 1.0 LOW | N/A |
| Unspecified vulnerability in the Oracle Discoverer Administrator component in Oracle Application Server 9.0.4.3 and 10.1.2.2 allows local users to affect confidentiality via unknown vectors. | |||||
| CVE-2008-4869 | 2 Ffmpeg, Mplayer | 2 Ffmpeg, Mplayer | 2017-08-08 | 10.0 HIGH | N/A |
| FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers to cause a denial of service (memory consumption) via unknown vectors, aka a "Tcp/udp memory leak." | |||||
| CVE-2008-4868 | 2 Ffmpeg, Mplayer | 2 Ffmpeg, Mplayer | 2017-08-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the avcodec_close function in libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer, has unknown impact and attack vectors, related to a free "on random pointers." | |||||
| CVE-2008-4809 | 1 Ibm | 1 Lotus Connections | 2017-08-08 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the Profiles search pages in IBM Lotus Connections 2.x before 2.0.1 have unknown impact and attack vectors related to "Active" content. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-4793 | 1 Drupal | 1 Drupal | 2017-08-08 | 7.5 HIGH | N/A |
| The node module API in Drupal 5.x before 5.11 allows remote attackers to bypass node validation and have unspecified other impact via unknown vectors related to contributed modules. | |||||
| CVE-2008-4002 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2017-08-08 | 3.5 LOW | N/A |
| Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||
| CVE-2008-4722 | 1 Sun | 37 Blade 6000 Modular System With Chassis, Blade 6048 Modular System With Chassis, Blade 8000 Modular System and 34 more | 2017-08-08 | 9.0 HIGH | N/A |
| Unspecified vulnerability in Sun Integrated Lights-Out Manager (ILOM) 2.0.1.5 through 2.0.4.26 allows remote authenticated users to (1) access the service processor (SP) and cause a denial of service (shutdown or reboot), or (2) access the host operating system and have an unspecified impact, via unknown vectors. | |||||
| CVE-2008-4731 | 1 Michael Christen | 1 Yacy | 2017-08-08 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in YaCy before 0.61 have unknown impact and attack vectors. | |||||
| CVE-2008-4676 | 1 Citrix | 3 Access Essentials, Presentation Server, Xenapp | 2017-08-08 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Citrix XenApp (formerly Presentation Server) 4.5 Feature Pack 1 and earlier, Presentation Server 4.0, and Access Essentials 1.0, 1.5, and 2.0 allows local users to gain privileges via unknown attack vectors related to creating an unspecified file. NOTE: this might be the same issue as CVE-2008-3485, but the vendor advisory is too vague to be certain. | |||||
| CVE-2008-4692 | 1 Ibm | 1 Db2 | 2017-08-08 | 10.0 HIGH | N/A |
| The Native Managed Provider for .NET component in IBM DB2 8 before FP17, 9.1 before FP6, and 9.5 before FP2, when a definer cannot maintain objects, preserves views and triggers without marking them inoperative or dropping them, which has unknown impact and attack vectors. | |||||
| CVE-2008-4630 | 1 Midgard | 1 Midgard Components Framework | 2017-08-08 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Midgard Components (MidCOM) Framework before 8.09.1 have unknown impact and attack vectors. | |||||
| CVE-2008-4001 | 1 Oracle | 2 Jd Edwards Enterpriseone Ep, Peoplesoft Enterprise | 2017-08-08 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise Portal component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne EP 8.9 and EP 9.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2008-4615 | 1 Portalapp | 1 Portalapp | 2017-08-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has unknown impact and attack vectors. | |||||
| CVE-2008-4598 | 1 Drupal | 1 Shindig-integrator | 2017-08-08 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Shindig-Integrator 5.x, a module for Drupal, has unspecified impact and remote attack vectors related to "numerous flaws" that are not related to XSS or access control, a different vulnerability than CVE-2008-4596 and CVE-2008-4597. | |||||
| CVE-2008-3987 | 1 Oracle | 1 Application Server | 2017-08-08 | 1.0 LOW | N/A |
| Unspecified vulnerability in the Oracle Discoverer Desktop component in Oracle Application Server 10.1.2.3 allows local users to affect confidentiality via unknown vectors. | |||||
| CVE-2008-4597 | 1 Drupal | 1 Shindig-integrator | 2017-08-08 | 7.5 HIGH | N/A |
| Shindig-Integrator 5.x, a module for Drupal, does not properly restrict generated page access, which allows remote attackers to gain privileges via unspecified vectors. | |||||
| CVE-2008-4595 | 1 Slaytanic Scripts | 1 Content Plus | 2017-08-08 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Slaytanic Scripts Content Plus 2.1.1 have unknown impact and remote attack vectors. | |||||
| CVE-2008-4594 | 2 Linksys, Marvell | 2 Wap400n, 88w8361p-bem1 | 2017-08-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote. | |||||
| CVE-2008-4580 | 1 Gentoo | 2 Cman, Fence | 2017-08-08 | 7.2 HIGH | N/A |
| fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file. | |||||
| CVE-2008-4012 | 1 Oracle | 1 Weblogic Workshop | 2017-08-08 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in the WebLogic Workshop component in BEA Product Suite WLW 8.1SP5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to "some NetUI pageflows." | |||||
| CVE-2008-4544 | 1 Cisco | 1 Unity | 2017-08-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in an unspecified Microsoft API, as used by Cisco Unity and possibly other products, allows remote attackers to cause a denial of service by sending crafted packets to dynamic UDP ports, related to a "processing error." | |||||
| CVE-2008-4005 | 1 Oracle | 1 Database 11i | 2017-08-08 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Express component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2008-3838 | 1 Sun | 2 Opensolaris, Solaris | 2017-08-08 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the NFS Remote Procedure Calls (RPC) zones implementation in Sun Solaris 10 and OpenSolaris before snv_88 allows local administrators of non-global zones to read and modify NFS traffic for arbitrary non-global zones, possibly leading to file modifications or a denial of service. | |||||
| CVE-2008-4507 | 1 Ibm | 1 Lotus Quickr | 2017-08-08 | 7.5 HIGH | N/A |
| Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows editors to delete pages that were created by a different author via unknown vectors. | |||||
| CVE-2008-4506 | 1 Ibm | 1 Lotus Quickr | 2017-08-08 | 7.5 HIGH | N/A |
| Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows a place manager to "demote or delete a place superuser group" via unknown vectors. | |||||
| CVE-2008-4429 | 1 Sourcenext | 2 Virus Security, Virus Security Zero | 2017-08-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in SOURCENEXT Virus Security ZERO 9.5.0173 and earlier and Virus Security 9.5.0173 and earlier allows remote attackers to cause a denial of service (memory consumption or application crash) via malformed compressed files. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-4412 | 1 Hp | 1 Systems Insight Manager | 2017-08-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Systems Insight Manager (SIM) before 5.2 Update 2 (C.05.02.02.00) allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2008-4410 | 1 Linux | 1 Linux Kernel | 2017-08-08 | 4.9 MEDIUM | N/A |
| The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a denial of service (persistent application failure) via crafted function calls, related to the Java Runtime Environment (JRE) experiencing improper LDT selector state, a different vulnerability than CVE-2008-3247. | |||||
| CVE-2008-4358 | 1 Spaw Editor | 1 Spaw Php | 2017-08-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in class/theme.class.php in SPAW Editor PHP Edition before 2.0.8.1 has unknown impact and attack vectors, probably related to directory traversal sequences in the theme name. | |||||
| CVE-2008-3983 | 1 Oracle | 3 Database 10g, Database 11i, Database 9i | 2017-08-08 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3984. | |||||
| CVE-2008-4293 | 2 Microsoft, Opera | 2 Windows, Opera | 2017-08-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Opera before 9.52 on Windows, when registered as a protocol handler, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors in which Opera is launched by other applications. | |||||
| CVE-2008-4292 | 1 Opera | 1 Opera Browser | 2017-08-08 | 10.0 HIGH | N/A |
| Opera before 9.52 does not check the CRL override upon encountering a certificate that lacks a CRL, which has unknown impact and attack vectors. NOTE: it is not clear whether this is a vulnerability, but the vendor included it in a security section of the advisory. | |||||
| CVE-2008-3993 | 1 Oracle | 1 E-business Suite | 2017-08-08 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote authenticated users to affect integrity via unknown vectors. | |||||
| CVE-2008-3992 | 1 Oracle | 1 Database 10g | 2017-08-08 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Data Mining component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to DMSYS.DBMS_DM_EXP_INTERNAL. | |||||
| CVE-2008-4208 | 1 Osads Alliance Database | 1 Osads Alliance Database | 2017-08-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in OSADS Alliance Database before 2.1 has unknown impact and attack vectors, possibly related to includes/functions.php, a different issue than CVE-2006-2874. | |||||
| CVE-2008-4013 | 1 Oracle | 1 Bea Product Suite | 2017-08-08 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2008-3982 | 1 Oracle | 3 Database 10g, Database 11i, Database 9i | 2017-08-08 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3983 and CVE-2008-3984. | |||||
| CVE-2008-4188 | 1 Typo3 | 1 Secure Directory | 2017-08-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the TYPO3 Secure Directory (kw_secdir) extension before 1.0.2 allows remote attackers to execute arbitrary code via unknown vectors related to "injection of control characters." | |||||
| CVE-2008-3991 | 1 Oracle | 2 Database 10g, Database 9i | 2017-08-08 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3990. | |||||
| CVE-2008-4163 | 1 Isc | 1 Bind | 2017-08-08 | 7.8 HIGH | N/A |
| Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows allows remote attackers to cause a denial of service (UDP client handler termination) via unknown vectors. | |||||
| CVE-2008-4125 | 1 Phpbb | 1 Phpbb | 2017-08-08 | 5.0 MEDIUM | N/A |
| The search function in phpBB 2.x provides a search_id value that leaks the state of PHP's PRNG, which allows remote attackers to obtain potentially sensitive information, as demonstrated by a cross-application attack against WordPress, a different vulnerability than CVE-2006-0632. | |||||
| CVE-2008-3919 | 1 Justsystems | 1 Ichitaro | 2017-08-08 | 9.3 HIGH | N/A |
| Unspecified vulnerability in multiple JustSystems Ichitaro products allows remote attackers to execute arbitrary code via a crafted JTD document, as exploited in the wild in August 2008. | |||||
| CVE-2008-4095 | 1 Flip4mac | 1 Flip4mac Wmv | 2017-08-08 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the Importer in Flip4Mac WMV before 2.2.1 have unknown impact and attack vectors, different vulnerabilities than CVE-2007-6713. | |||||
| CVE-2008-4057 | 1 Objective Development | 1 Sharity | 2017-08-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Objective Development Sharity 3 before 3.5 has unknown impact and attack vectors, related to a "serious security problem." | |||||
| CVE-2008-4047 | 1 Novell | 1 Novell Forum | 2017-08-08 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Novell Forum (formerly SiteScape Forum) 7.0, 7.1, 7.2, 7.3, and 8.0 allows remote attackers to execute arbitrary TCL code via a modified URL. NOTE: this might overlap CVE-2007-6515. | |||||
| CVE-2008-4004 | 2 Jdedwards, Oracle | 2 Enterpriseone, Peoplesoft Enterprise | 2017-08-08 | 3.2 LOW | N/A |
| Unspecified vulnerability in the JDE EnterpriseOne Business Service Server component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.97.2.2 and 8.98.0.1 allows local users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2008-3643 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Finder in Mac OS X 10.5.5 allows user-assisted attackers to cause a denial of service (continuous termination and restart) via a crafted Desktop file that generates an error when producing its icon, related to an "error recovery issue." | |||||
| CVE-2008-3920 | 1 Bitlbee | 1 Bitlbee | 2017-08-08 | 7.5 HIGH | N/A |
| Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to "recreate" and "hijack" existing accounts via unspecified vectors. | |||||
| CVE-2008-3683 | 1 Sun | 1 Java System Web Proxy Server | 2017-08-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.5 before SP6 allows remote attackers to cause a denial of service (failure to accept connections) via unknown vectors, probably related to exhaustion of file descriptors. | |||||