| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive information from the kernel stack via the sigaltstack function. |
| Directory traversal vulnerability in include/file_download.php in LearnLoop 2.0 beta7 allows remote attackers to read arbitrary files via a .. (dot dot) in the sFilePath parameter. NOTE: exploitation requires that the product is configured, but has zero files in the database. |
| Unspecified vulnerability in the Upgrade/Downgrade component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB05. |
| Unspecified vulnerability in the Database Control component in Oracle Database 10.1.0.5 and 10.2.0.3, and Enterprise Manager, has unknown impact and remote attack vectors, aka EM01. |
| Unspecified vulnerability in Apple Safari 4 before 4.0.3 allows remote web servers to place an arbitrary web site in the Top Sites view, and possibly conduct phishing attacks, via unknown vectors. |
| Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.15 and 8.49.07 has unknown impact and remote attack vectors, aka PSE02. |
| Unspecified vulnerability in the Oracle Self-Service Web Applications component in client-only installations of Oracle E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka APP08. |
| Unspecified vulnerability in the Collaborative Workspaces component in Oracle Collaboration Suite 10.1.2 allows remote authenticated users to affect confidentiality via unknown vectors. |
| Unspecified vulnerability in Microsoft Word 2004 for Mac and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string in a Word file, a different issue than CVE-2006-3647 and CVE-2006-3651. |
| Unspecified vulnerability in the TCP/IP networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_117, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo frames. |
| Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3984. |
| Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.0.2, 10.1.2.2, and 10.1.4.1, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS11. |
| Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to "overwrite" and "hijack" existing accounts via unknown vectors related to "inconsistent handling of the USTATUS_IDENTIFIED state." NOTE: this issue exists because of an incomplete fix for CVE-2008-3920. |
| Unspecified vulnerability in futomi's CGI Cafe Access Analyzer CGI Professional Version 4.11.5 and earlier allows remote attackers to gain administrative privileges via unknown vectors. |
| Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.2, and 10.1.4.0, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS08. |
| Multiple insecure method vulnerabilities in an ActiveX control in (epRegPro.ocx) in Evans Programming Registry Pro allow remote attackers to read and modify sensitive registry keys via the (1) About, (2) CreateKey, (3) DeleteBranch, (4) DeleteKey, (5) DeleteValue, (6) EnumKeys, (7) EnumValues, (8) QueryType, (9) QueryValue, (10) RenameKey, and (11) SetValue methods. |
| Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.4.1 has unknown impact and remote attack vectors, aka AS07. |
| Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.2, and 10.1.3.3, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS06. |
| The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv_110, allow local users to cause a denial of service (panic) via vectors related to vnode function calls. |
| Unspecified vulnerability in the Oracle HTTP Server component in Oracle Application Server 10.1.3.2 has unknown impact and remote attack vectors, aka AS03. |
