Export limit exceeded: 357114 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 35476 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35476 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-0276 | 1 Ibm | 3 Domino Web Access, Lotus Domino, Lotus Inotes | 2026-04-23 | N/A |
| IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle navigation of the "Try Lotus iNotes anyway" link from the page that reports use of an unsupported browser, which has unspecified impact and attack vectors, aka SPR LSHR7TBMQU. | ||||
| CVE-2010-0076 | 1 Oracle | 1 Database | 2026-04-23 | N/A |
| Unspecified vulnerability in the Application Express Application Builder component in Oracle Database 3.2.1.00.10 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | ||||
| CVE-2010-0075 | 1 Oracle | 1 E-business Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle HRMS (Self Service) component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors. | ||||
| CVE-2010-0074 | 1 Oracle | 1 Bea Product Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 7.0SP7, 8.1SP6, 9.0, 9.1, 9.2MP3, 10.0MP2, and 10.3.1 allows remote attackers to affect availability via unknown vectors. | ||||
| CVE-2010-0072 | 1 Oracle | 1 Secure Backup | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a buffer overflow in observiced.exe that allows remote attackers to execute arbitrary code via vectors related to a "reverse lookup of connections" to TCP port 10000. | ||||
| CVE-2010-0071 | 1 Oracle | 1 Database Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||||
| CVE-2010-0070 | 1 Oracle | 1 Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect integrity via unknown vectors. | ||||
| CVE-2010-0069 | 1 Oracle | 1 Bea Product Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 7.0, SP7, 8.1SP6, 9.0, 9.1, 9.2MP3, 10.0MP1, and 10.3.0 allows remote attackers to affect integrity via unknown vectors. | ||||
| CVE-2010-0068 | 1 Oracle | 1 Bea Product Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 9.0, 9.1, 9.2MP2, and 10.0 allows remote attackers to affect confidentiality via unknown vectors. | ||||
| CVE-2010-0067 | 1 Oracle | 1 Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect confidentiality via unknown vectors. | ||||
| CVE-2010-0066 | 1 Oracle | 1 Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Access Manager Identity Server component in Oracle Application Server 7.0.4.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors. | ||||
| CVE-2009-4492 | 2 Redhat, Ruby-lang | 3 Enterprise Linux, Ruby, Webrick | 2026-04-23 | N/A |
| WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. | ||||
| CVE-2009-4487 | 1 F5 | 1 Nginx | 2026-04-23 | N/A |
| nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. | ||||
| CVE-2009-4483 | 1 Mailsite | 1 Mailsite | 2026-04-23 | N/A |
| Unspecified vulnerability in LDAP3A.exe in MailSite 8.0.4 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.13 through 8.11. NOTE: as of 20091229, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2009-4457 | 1 Provider4u | 1 Vsftpd Webmin Module | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in the Vsftpd Webmin module before 1.3b for the Vsftpd server have unknown impact and attack vectors related to "Some security issues." | ||||
| CVE-2009-4444 | 1 Microsoft | 1 Internet Information Services | 2026-04-23 | N/A |
| Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2) .cer, or (3) .asa first extension, followed by a semicolon and a safe extension, as demonstrated by the use of asp.dll to handle a .asp;.jpg file. | ||||
| CVE-2009-4443 | 1 Sun | 1 Java System Directory Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the psearch (aka persistent search) functionality in Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allows remote attackers to cause a denial of service (psearch outage) by using a crafted psearch client to send requests that trigger a psearch thread loop, aka Bug Id 6855978. | ||||
| CVE-2009-4439 | 1 Ibm | 1 Db2 | 2026-04-23 | N/A |
| Unspecified vulnerability in the Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (instance crash) by compiling a SQL query. | ||||
| CVE-2009-4405 | 1 Edgewall | 1 Trac | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Trac before 0.11.6 have unknown impact and attack vectors, possibly related to (1) "policy checks in report results when using alternate formats" or (2) a "check for the 'raw' role that is missing in docutils < 0.6." | ||||
| CVE-2009-4404 | 1 Jochen Striepe | 1 T-prot | 2026-04-23 | N/A |
| Unspecified vulnerability in t-prot (TOFU Protection) before 2.8 allows remote attackers to cause a denial of service via unspecified vectors related to the "--maxlines" option and a crafted email message. NOTE: some of these details are obtained from third party information. | ||||