Total
34887 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3960 | 1 Ibm | 1 Websphere Application Server | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in IBM WebSphere Application Server (WAS) before Fix Pack 21 (6.0.2.21) have unknown impact and attack vectors, aka (1) PK33799, or (2) a "Potential security exposure" in the Samples component (PK40213). | ||||
| CVE-2008-4594 | 2 Linksys, Marvell | 2 Wap400n, 88w8361p-bem1 | 2026-04-23 | N/A |
| Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote. | ||||
| CVE-2007-4493 | 1 Ez | 1 Ez Publish | 2026-04-23 | N/A |
| eZ publish before 3.8.9, and 3.9 before 3.9.3, does not properly check permissions on module views that lack a policy function, which has unknown impact and attack vectors, as demonstrated by a vulnerability in the discount functionality in the shop module. | ||||
| CVE-2009-3588 | 4 Broadcom, Ca, Linux and 1 more | 35 Anti-virus, Anti-virus For The Enterprise, Anti-virus Sdk and 32 more | 2026-04-23 | N/A |
| Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587. | ||||
| CVE-2007-5524 | 1 Oracle | 2 Application Server, Collaboration Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle Single Sign-On component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS09 or AS9. | ||||
| CVE-2007-6350 | 1 Scponly | 1 Scponly | 2026-04-23 | N/A |
| scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve, as originally demonstrated by creating a Subversion (SVN) repository with malicious hooks, then using svn to trigger execution of those hooks. | ||||
| CVE-2007-6504 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-23 | N/A |
| Unspecified vulnerability in IIS/iibind.asp in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to change the headers of arbitrary hosts via an unspecified parameter. | ||||
| CVE-2007-6610 | 1 Debian | 1 Unp | 2026-04-23 | N/A |
| unp 1.0.12, and other versions before 1.0.14, does not properly escape file names, which might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument. NOTE: this might only be a vulnerability when unp is invoked by a third party product. | ||||
| CVE-2007-6685 | 1 Menalto | 1 Gallery Publish Xp Module | 2026-04-23 | N/A |
| Unspecified vulnerability in the Publish XP module Menalto Gallery before 2.2.4 allows attackers to create albums and upload files via unknown vectors. | ||||
| CVE-2009-2035 | 1 Drupal | 1 Services Module For Drupal | 2026-04-23 | N/A |
| Unspecified vulnerability in Services 6.x before 6.x-0.14, a module for Drupal, when key-based access is enabled, allows remote attackers to read or add keys and access unauthorized services via unspecified vectors. | ||||
| CVE-2009-2012 | 1 Sun | 1 Opensolaris | 2026-04-23 | N/A |
| Unspecified vulnerability in idmap in Sun OpenSolaris snv_88 through snv_110, when a CIFS server is enabled, allows local users to cause a denial of service (idpmapd daemon crash and idmapd outage) via unknown vectors. | ||||
| CVE-2009-2029 | 1 Sun | 2 Opensolaris, Solaris | 2026-04-23 | N/A |
| Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks. | ||||
| CVE-2007-0634 | 1 Sun | 1 Solaris | 2026-04-23 | N/A |
| Unspecified vulnerability in Sun Solaris 10 before 20070130 allows remote attackers to cause a denial of service (system crash) via certain ICMP packets. | ||||
| CVE-2009-1995 | 1 Oracle | 1 Database Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Advanced Queuing component in Oracle Database 10.2.0.4 and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_AQ_INV. | ||||
| CVE-2006-5654 | 1 Sun | 2 Java System Web Server, One Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Network Security Services (NSS) in Sun Java System Web Server 6.0 before SP 10 and ONE Application Server 7 before Update 3, when SSLv2 is enabled, allows remote authenticated users to cause a denial of service (application crash) via unspecified vectors. NOTE: due to lack of details from the vendor, it is unclear whether this is related to vector 1 in CVE-2006-5201 or CVE-2006-3127. | ||||
| CVE-2006-6136 | 1 Ibm | 1 Websphere Application Server | 2026-04-23 | N/A |
| IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) does not perform EAL4 authentication checks at the proper time during "registering of response operation," which has unknown impact and attack vectors. | ||||
| CVE-2008-4323 | 1 Microsoft | 1 Windows Xp | 2026-04-23 | N/A |
| Windows Explorer in Microsoft Windows XP SP3 allows user-assisted attackers to cause a denial of service (application crash) via a crafted .ZIP file. | ||||
| CVE-2008-4325 | 1 Viewvc | 1 Viewvc | 2026-04-23 | N/A |
| lib/viewvc.py in ViewVC 1.0.5 uses the content-type parameter in the HTTP request for the Content-Type header in the HTTP response, which allows remote attackers to cause content to be misinterpreted by the browser via a content-type parameter that is inconsistent with the requested object. NOTE: this issue might not be a vulnerability, since it requires attacker access to the repository that is being viewed. | ||||
| CVE-2008-4358 | 1 Spaw Editor | 1 Spaw Php | 2026-04-23 | N/A |
| Unspecified vulnerability in class/theme.class.php in SPAW Editor PHP Edition before 2.0.8.1 has unknown impact and attack vectors, probably related to directory traversal sequences in the theme name. | ||||
| CVE-2008-4398 | 2 Broadcom, Ca | 5 Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more | 2026-04-23 | N/A |
| Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request. | ||||