Total
11775 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3287 | 1 Emc Dantz | 1 Retrospect Backup Client | 2025-04-09 | 5.0 MEDIUM | N/A |
| retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows remote attackers to cause a denial of service (daemon crash) via malformed packets to TCP port 497, which trigger a NULL pointer dereference. | |||||
| CVE-2008-1014 | 1 Apple | 1 Quicktime | 2025-04-09 | 4.3 MEDIUM | N/A |
| Apple QuickTime before 7.4.5 does not properly handle external URLs in movies, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2009-2583 | 1 Ibm | 1 Tivoli Identity Manager | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple session fixation vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0.0.6 allow remote attackers to hijack web sessions via unspecified vectors involving the (1) console and (2) self service interfaces. | |||||
| CVE-2007-5041 | 1 Gdata | 1 Internetsecurity 2007 | 2025-04-09 | 4.6 MEDIUM | N/A |
| G DATA InternetSecurity 2007 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey and (2) NtOpenProcess kernel SSDT hooks. | |||||
| CVE-2008-0892 | 1 Redhat | 2 Directory Server, Fedora Directory Server | 2025-04-09 | 9.0 HIGH | N/A |
| The replication monitor CGI script (repl-monitor-cgi.pl) in Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, allows remote attackers to execute arbitrary commands. | |||||
| CVE-2009-1219 | 1 Sun | 2 Java System Calendar Server, One Calendar Server | 2025-04-09 | 5.0 MEDIUM | N/A |
| Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allows remote attackers to cause a denial of service (daemon crash) via multiple requests to the default URI with alphabetic characters in the tzid parameter. | |||||
| CVE-2008-6944 | 1 Scriptsfeed | 1 Auto Classifieds | 2025-04-09 | 6.5 MEDIUM | N/A |
| Unrestricted file upload vulnerability in ScriptsFeed Auto Classifieds allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile logo, then accessing it via a direct request to the file in cars_images/. | |||||
| CVE-2008-6662 | 2 Avg, Linux | 2 Avg Anti-virus, Linux Kernel | 2025-04-09 | 4.3 MEDIUM | N/A |
| AVG Anti-Virus for Linux 7.5.51, and possibly earlier, allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via a malformed UPX compressed file, which triggers memory corruption. | |||||
| CVE-2008-1746 | 1 Cisco | 1 Unified Communications Manager | 2025-04-09 | 7.8 HIGH | N/A |
| The SNMP Trap Agent service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (core dump and service restart) via a series of malformed UDP packets, as demonstrated by the IP Stack Integrity Checker (ISIC), aka Bug ID CSCsj24113. | |||||
| CVE-2008-0672 | 1 Tintin | 2 Tintin\+\+, Wintin\+\+ | 2025-04-09 | 5.0 MEDIUM | N/A |
| The process_chat_input function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to cause a denial of service (application crash) via a YES message without a newline character, which triggers a NULL dereference. | |||||
| CVE-2009-3549 | 2 Sun, Wireshark | 2 Sparc, Wireshark | 2025-04-09 | 5.0 MEDIUM | N/A |
| packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. | |||||
| CVE-2007-5541 | 1 Opera | 1 Opera Browser | 2025-04-09 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Opera before 9.24, when using an "external" newsgroup or e-mail client, allows remote attackers to execute arbitrary commands via unknown vectors. | |||||
| CVE-2008-3790 | 1 Ruby-lang | 1 Ruby | 2025-04-09 | 5.0 MEDIUM | N/A |
| The REXML module in Ruby 1.8.6 through 1.8.6-p287, 1.8.7 through 1.8.7-p72, and 1.9 allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML document with recursively nested entities, aka an "XML entity explosion." | |||||
| CVE-2008-3117 | 1 Phpmotion | 1 Phpmotion | 2025-04-09 | 6.5 MEDIUM | N/A |
| Unrestricted file upload vulnerability in update_profile.php in PHPmotion 2.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a .php file with a content type of (1) image/gif, (2) image/jpeg, or (3) image/pjpeg, then accessing it via a direct request to the file under pictures/. | |||||
| CVE-2008-2134 | 1 Tru-zone | 1 Nukeet | 2025-04-09 | 6.8 MEDIUM | N/A |
| The Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to obtain access to arbitrary user accounts, and alter or delete data, via a modified username in an unspecified cookie. | |||||
| CVE-2008-0527 | 1 Cisco | 3 Session Initiation Protocol \(sip\) Firmware, Skinny Client Control Protocol \(sccp\) Firmware, Unified Ip Phone | 2025-04-09 | 7.8 HIGH | N/A |
| The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a crafted HTTP request. | |||||
| CVE-2007-6314 | 1 Real Time Logic | 2 Barracudadrive Web Server, Barracudadrive Web Server Home Server | 2025-04-09 | 5.0 MEDIUM | N/A |
| BarracudaDrive Web Server before 3.8 allows remote attackers to read the source code for web scripts by appending a (1) + (plus), (2) . (dot), or (3) %80 and similar characters to the file name in the URL. | |||||
| CVE-2009-0744 | 1 Apple | 1 Safari | 2025-04-09 | 5.0 MEDIUM | N/A |
| Apple Safari 4 Beta build 528.16 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a feeds: URI beginning with a (1) % (percent), (2) { (open curly bracket), (3) } (close curly bracket), (4) ^ (caret), (5) ` (backquote), or (6) | (pipe) character, followed by an & (ampersand) character. | |||||
| CVE-2008-3005 | 1 Microsoft | 1 Office | 2025-04-09 | 9.3 HIGH | N/A |
| Array index vulnerability in Microsoft Office Excel 2000 SP3 and 2002 SP3, and Office 2004 and 2008 for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted array index for a FORMAT record, aka the "Excel Index Array Vulnerability." | |||||
| CVE-2007-6596 | 1 Clam Anti-virus | 1 Clamav | 2025-04-09 | 5.0 MEDIUM | N/A |
| ClamAV 0.92 does not recognize Base64 UUEncoded archives, which allows remote attackers to bypass the scanner via a Base64-UUEncoded file. | |||||