Search Results (35583 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-3900 1 Ibm 2 Aix, Powerha 2026-04-23 N/A
Unspecified vulnerability in the Cluster Management component in IBM PowerHA 5.4, 5.4.1, 5.5, and 6.1 on AIX allows remote attackers to modify the operating-system configuration via packets to the godm port (6177/tcp).
CVE-2007-3845 2 Microsoft, Mozilla 4 Windows Xp, Firefox, Seamonkey and 1 more 2026-04-23 8.8 High
Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the file extension at the end of the URI," a variant of CVE-2007-4041. NOTE: the vendor states that "it is still possible to launch a filetype handler based on extension rather than the registered protocol handler."
CVE-2009-3408 1 Oracle 1 E-business Suite 2026-04-23 N/A
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2007-6207 2 Redhat, Xensource Inc 2 Enterprise Linux, Xen 2026-04-23 N/A
Xen 3.x, possibly before 3.1.2, when running on IA64 systems, does not check the RID value for mov_to_rr, which allows a VTi domain to read memory of other domains.
CVE-2007-0280 1 Oracle 3 Application Server, Collaboration Suite, Http Server 2026-04-23 N/A
Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.3, 10.1.2.0.0, 10.1.2.0.2, and 10.1.2.2; and Collaboration Suite 9.0.4.2 and 10.1.2; has unknown impact and attack vectors related to the Oracle Process Mgmt & Notification component, aka OPMN01. NOTE: as of 20070123, Oracle has not disputed claims by a reliable researcher that OPMN01 is for a buffer overflow in Oracle Notification Service (ONS).
CVE-2009-3588 4 Broadcom, Ca, Linux and 1 more 35 Anti-virus, Anti-virus For The Enterprise, Anti-virus Sdk and 32 more 2026-04-23 N/A
Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587.
CVE-2009-1598 1 Google 1 Chrome 2026-04-23 N/A
Google Chrome executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object, as demonstrated by a web site that permits PDF uploads by untrusted users, and therefore has a shared document.domain between the web site and this javascript: URI. NOTE: the researcher reports that Adobe's position is "a PDF file is active content."
CVE-2007-6532 1 Xfce 1 Xfce 2026-04-23 N/A
Double free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via unknown vectors related to the "cliend id, program name and working directory in session management."
CVE-2008-5006 1 University Of Washington 1 Imap Toolkit 2026-04-23 N/A
smtp.c in the c-client library in University of Washington IMAP Toolkit 2007b allows remote SMTP servers to cause a denial of service (NULL pointer dereference and application crash) by responding to the QUIT command with a close of the TCP connection instead of the expected 221 response code.
CVE-2008-4925 1 Mw6 Technologies 1 Datamatrix Activex 2026-04-23 N/A
Multiple insecure method vulnerabilities in MW6 Technologies DataMatrix ActiveX control (DATAMATRIXLib.MW6DataMatrix, DataMatrix.dll) 3.0.0.1 allow remote attackers to overwrite arbitrary files via a full pathname argument to the (1) SaveAsBMP and (2) SaveAsWMF methods.
CVE-2008-3978 1 Oracle 1 Database 10g 2026-04-23 N/A
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
CVE-2008-6895 1 3cx 1 Phone System 2026-04-23 N/A
3CX Phone System 6.0.806.0 allows remote attackers to cause a denial of service (unstable service or crash) via unspecified vectors, as demonstrated by vulnerability scans from Nessus or SAINT.
CVE-2007-6419 1 Hp 1 Hp-ux 2026-04-23 N/A
Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
CVE-2009-3943 1 Microsoft 1 Internet Explorer 2026-04-23 N/A
Microsoft Internet Explorer 6 through 6.0.2900.2180 and 7 through 7.0.6000.16711 allows remote attackers to cause a denial of service (application hang) via a JavaScript loop that configures the home page by using the setHomePage method and a DHTML behavior property.
CVE-2007-2907 1 Ssl-explorer 1 Ssl-explorer 2026-04-23 N/A
Unspecified vulnerability in SSL-Explorer before 0.2.13 allows remote authenticated users to enter redirect URLs containing (1) JavaScript or (2) HTTP headers via an unspecified vector, possibly the forwardTo parameter to redirect.do. NOTE: the impact might be cross-site scripting (XSS) or HTTP request smuggling.
CVE-2009-3113 1 Oxid 1 Eshop 2026-04-23 N/A
Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.2, 3.x, and 2.x allows remote attackers to gain write access to product reviews via a crafted parameter.
CVE-2008-3537 1 Hp 1 Openview Network Node Manager 2026-04-23 N/A
Unspecified vulnerability in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3536.
CVE-2009-1359 1 Sun 1 Opensolaris 2026-04-23 N/A
Unspecified vulnerability in the SCTP sockets implementation in Sun OpenSolaris snv_106 through snv_107 allows local users to cause a denial of service (panic) via unknown vectors.
CVE-2009-2656 1 Google 1 Android 2026-04-23 N/A
Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and Charlie Miller at Black Hat USA 2009.
CVE-2009-1986 1 Oracle 1 E-business Suite 2026-04-23 N/A
Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality via unknown vectors.