Search Results (34218 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-4402 1 Mirc 1 Mirc 2025-04-09 N/A
Multiple unspecified scripts in mIRC allow user-assisted remote attackers to execute arbitrary code via the '|' (pipe) shell metacharacter in the name of the song in a .mp3 file.
CVE-2007-5276 1 Opera 1 Opera Browser 2025-04-09 N/A
Opera 9 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier for remote attackers to conduct DNS rebinding attacks, as demonstrated by a port 81 URL in an IMG SRC, when the DNS pin had been established for a session on port 80.
CVE-2008-1205 1 Sun 1 Solaris 2025-04-09 N/A
Unspecified vulnerability in the ipsecah kernel module in Sun Solaris 10, when a key management daemon for IPsec security associations is running, allows local users to cause a denial of service (panic) via unspecified vectors.
CVE-2009-3836 1 Arubanetworks 2 Aruba Mobility Controller, Arubaos 2025-04-09 N/A
ArubaOS 3.3.1.x, 3.3.2.x, RN 3.1.x, 3.4.x, and 3.3.2.x-FIPS on the Aruba Mobility Controller allows remote attackers to cause a denial of service (Access Point crash) via a malformed 802.11 Association Request management frame.
CVE-2008-2051 2 Php, Redhat 3 Php, Enterprise Linux, Rhel Application Stack 2025-04-09 N/A
The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."
CVE-2008-2054 1 Cisco 1 Ciscoworks Common Services 2025-04-09 N/A
Unspecified vulnerability in Cisco CiscoWorks Common Services 3.0.3 through 3.1.1 allows remote attackers to execute arbitrary code on a client machine via unknown vectors.
CVE-2008-2057 1 Cisco 2 Adaptive Security Appliance Software, Pix Security Appliance 2025-04-09 N/A
The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet.
CVE-2008-2323 1 Apple 2 Data Detectors Engine, Mac Os X 2025-04-09 N/A
Unspecified vulnerability in Data Detectors Engine in Apple Mac OS X 10.5.4 allows attackers to cause a denial of service (resource consumption) via crafted textual content in messages.
CVE-2008-2424 1 Icdevgroup 1 Interchange 2025-04-09 N/A
Unspecified vulnerability in the 404 error page for the "Standard demo" in Interchange before 5.6.0 and before 5.5.2 has unknown impact and attack vectors.
CVE-2008-2441 1 Cisco 2 Secure Access Control Server, Secure Acs 2025-04-09 N/A
Cisco Secure ACS 3.x before 3.3(4) Build 12 patch 7, 4.0.x, 4.1.x before 4.1(4) Build 13 Patch 11, and 4.2.x before 4.2(0) Build 124 Patch 4 does not properly handle an EAP Response packet in which the value of the length field exceeds the actual packet length, which allows remote authenticated users to cause a denial of service (CSRadius and CSAuth service crash) or possibly execute arbitrary code via a crafted RADIUS (1) EAP-Response/Identity, (2) EAP-Response/MD5, or (3) EAP-Response/TLS Message Attribute packet.
CVE-2008-2470 1 Macrovision 1 Flexnet Connect 2025-04-09 N/A
The InstallShield Update Service Agent ActiveX control in isusweb.dll allows remote attackers to cause a denial of service (memory corruption and browser crash) and possibly execute arbitrary code via a call to ExecuteRemote with a URL that results in a 404 error response.
CVE-2009-3935 1 Ibm 2 Advanced Management Module Firmware, Bladecenter 2025-04-09 N/A
Multiple unspecified vulnerabilities in the Advanced Management Module firmware before 2.50G for the IBM BladeCenter T 8720-2xx and 8730-2xx have unknown impact and attack vectors.
CVE-2008-2576 1 Oracle 1 Weblogic Server 2025-04-09 N/A
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2, 9.1, 9.0, and 8.1 SP6 has unknown impact and local attack vectors.
CVE-2009-0979 1 Oracle 1 Database 9i 2025-04-09 N/A
Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2008-2577 1 Oracle 1 Weblogic Server 2025-04-09 N/A
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2 MP1 has unknown impact and remote authenticated attack vectors.
CVE-2008-2580 1 Oracle 2 Bea Product Suite, Weblogic Server Component 2025-04-09 N/A
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, and 9.0 has unknown impact and remote attack vectors.
CVE-2008-2581 1 Oracle 2 Bea Product Suite, Weblogic Server Component 2025-04-09 N/A
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors related to UDDI Explorer.
CVE-2008-2582 1 Oracle 2 Bea Product Suite, Weblogic Server Component 2025-04-09 N/A
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors.
CVE-2009-0993 1 Oracle 1 Application Server 2025-04-09 N/A
Unspecified vulnerability in the OPMN component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is a format string vulnerability that allows remote attackers to execute arbitrary code via format string specifiers in an HTTP POST URI, which are not properly handled when logging to opmn/logs/opmn.log.
CVE-2008-2786 1 Mozilla 1 Firefox 2025-04-09 N/A
Buffer overflow in Firefox 3.0 and 2.0.x has unknown impact and attack vectors. NOTE: due to lack of details as of 20080619, it is not clear whether this is the same issue as CVE-2008-2785. A CVE identifier has been assigned for tracking purposes.