Export limit exceeded: 35583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35583 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3349 | 2 Ibm, Netapp | 3 N Series Storage Server, Data Ontap, Fas900 | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access control for HTTP requests. NOTE: this may overlap CVE-2008-3160. | ||||
| CVE-2008-6110 | 1 Semanticscuttle | 1 Semanticscuttle | 2026-04-23 | N/A |
| Unspecified vulnerability in SemanticScuttle before 0.90 has unknown impact and attack vectors related to improper validation of parameters to profile.php. | ||||
| CVE-2009-2643 | 1 Rim | 2 Blackberry Enterprise Server, Blackberry Professional Software | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219. | ||||
| CVE-2009-2596 | 1 Sun | 2 Opensolaris, Solaris | 2026-04-23 | N/A |
| Unspecified vulnerability in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to fad_aupath structure members. | ||||
| CVE-2009-2561 | 1 Wireshark | 1 Wireshark | 2026-04-23 | N/A |
| Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified vectors. | ||||
| CVE-2008-6417 | 1 Greensql | 1 Greensql-console | 2026-04-23 | N/A |
| Unspecified vulnerability in GreenSQL-Console before 0.3.5 allows attackers to obtain the "installation directory" via unknown vectors. | ||||
| CVE-2009-2486 | 1 Sun | 2 Opensolaris, Solaris | 2026-04-23 | N/A |
| Unspecified vulnerability in the SCTP implementation in Sun Solaris 10, and OpenSolaris before snv_120, allows remote attackers to cause a denial of service (panic) via unspecified packets. | ||||
| CVE-2009-2456 | 1 Novell | 1 Edirectory | 2026-04-23 | N/A |
| The DS\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (ndsd core dump) via an LDAP request containing multiple . (dot) wildcard characters in the Relative Distinguished Name (RDN). | ||||
| CVE-2008-6578 | 1 Nortel | 1 Cs1000 | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors. | ||||
| CVE-2008-6690 | 1 Typo3 | 2 Nd Antispam, Typo3 | 2026-04-23 | N/A |
| Unspecified vulnerability in nepa-design.de Spam Protection (nd_antispam) extension 1.0.3 for TYPO3 allows remote attackers to modify configuration via unknown vectors. | ||||
| CVE-2009-1805 | 1 Vmware | 7 Ace, Esx, Esxi and 4 more | 2026-04-23 | N/A |
| Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745, VMware Fusion 2.x before 2.0.2 build 147997, VMware ESXi 3.5, and VMware ESX 3.0.2, 3.0.3, and 3.5, when the Descheduled Time Accounting Service is not running, allows guest OS users on Windows to cause a denial of service via unknown vectors. | ||||
| CVE-2009-1899 | 1 Ibm | 1 Websphere Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Administrative Configservice API in the System Management/Repository component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35, 6.1 before 6.1.0.25, and 7.0 before 7.0.0.5 on z/OS allows remote authenticated users to obtain sensitive information via unknown use of the wsadmin scripting tool, related to a "security exposure in wsadmin." | ||||
| CVE-2009-2426 | 1 Tor | 1 Tor | 2026-04-23 | N/A |
| The connection_edge_process_relay_cell_not_open function in src/or/relay.c in Tor 0.2.x before 0.2.0.35 and 0.1.x before 0.1.2.8-beta allows exit relays to have an unspecified impact by causing controllers to accept DNS responses that redirect to an internal IP address via unknown vectors. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1903 | 2 Fedoraproject, Trustwave | 2 Fedora, Modsecurity | 2026-04-23 | N/A |
| The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method. | ||||
| CVE-2009-1999 | 1 Oracle | 1 Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Business Intelligence Enterprise Edition component in unspecified Oracle Application Server versions allows remote attackers to affect integrity via unknown vectors. | ||||
| CVE-2009-1991 | 1 Oracle | 1 Database Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle Text component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to CTXSYS.DRVXTABC. NOTE: the previous information was obtained from the October 2009 CPU. Oracle has not commented on claims from an established researcher that this is for multiple SQL injection vulnerabilities via the (1) idx_owner or (2) idx_name parameters to the create_tables procedure. | ||||
| CVE-2009-1966 | 1 Oracle | 2 Database Server, Enterprise Manager | 2026-04-23 | N/A |
| Unspecified vulnerability in the Config Management component in (1) Oracle Database 11.1.0.7 and (2) Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1967. | ||||
| CVE-2009-1974 | 1 Oracle | 1 Bea Product Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Servlet Container Package. | ||||
| CVE-2009-1978 | 1 Oracle | 1 Secure Backup | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the July 2009 Oracle CPU. Oracle has not commented on claims from an independent researcher that this vulnerability allows remote authenticated users to execute arbitrary code with SYSTEM privileges via vectors involving property_box.php. | ||||
| CVE-2009-1988 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2026-04-23 | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS eProfile Manager component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.8 SP1, 8.9 Bundle 19, and 9.0 Bundle 9 allows remote authenticated users to affect confidentiality via unknown vectors. | ||||