Export limit exceeded: 362446 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (362446 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0966 | 1 Yabsoft | 1 Mega File Hosting Script | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in cross.php in YABSoft Mega File Hosting 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the url parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. (dot dot) sequences. | ||||
| CVE-2009-0967 | 1 Solarwinds | 1 Serv-u File Server | 2026-04-23 | N/A |
| The FTP server in Serv-U 7.0.0.1 through 7.4.0.1 allows remote authenticated users to cause a denial of service (service hang) via a large number of SMNT commands without an argument. | ||||
| CVE-2009-0969 | 1 Phpfox | 1 Phpfox | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in account/settings/account/index.php in phpFoX 1.6.21 allows remote attackers to hijack the authentication of administrators for requests that change the email address via the act[update] action. | ||||
| CVE-2009-0970 | 1 Phpprobid | 1 Php Pro Bid | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/class_image.php in PHP Pro Bid 6.05, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the fileExtension parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-0973 | 1 Oracle | 1 Database 10g | 2026-04-23 | N/A |
| Unspecified vulnerability in the Cluster Ready Services component in Oracle Database 10.1.0.5 allows remote attackers to affect availability via unknown vectors. | ||||
| CVE-2009-0984 | 1 Oracle | 3 Database 10g, Database 11g, Database 9i | 2026-04-23 | N/A |
| Unspecified vulnerability in the Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_SYS_SQL. | ||||
| CVE-2009-0985 | 1 Oracle | 2 Database 10g, Database 11g | 2026-04-23 | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users with the IMP_FULL_DATABASE role to affect confidentiality, integrity, and availability. | ||||
| CVE-2009-0986 | 1 Oracle | 2 Database 10g, Database 11g | 2026-04-23 | N/A |
| Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | ||||
| CVE-2009-0988 | 1 Oracle | 1 Database 11g | 2026-04-23 | N/A |
| Unspecified vulnerability in the Password Policy component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality via unknown vectors. | ||||
| CVE-2009-0989 | 1 Oracle | 1 Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0990. | ||||
| CVE-2009-0990 | 1 Oracle | 1 Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0989. | ||||
| CVE-2009-0991 | 1 Oracle | 3 Database 10g, Database 11g, Database 9i | 2026-04-23 | N/A |
| Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2009-1970. | ||||
| CVE-2009-0992 | 1 Oracle | 2 Database 10g, Database 11g | 2026-04-23 | N/A |
| Unspecified vulnerability in the Advanced Queuing component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is SQL injection in the DEQ_EXEJOB procedure. | ||||
| CVE-2009-0994 | 1 Oracle | 1 Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2009-1017. | ||||
| CVE-2009-0996 | 1 Oracle | 1 Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the BI Publisher component in Oracle Application Server 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors. | ||||
| CVE-2009-0997 | 1 Oracle | 1 Database Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Database Vault component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality, related to DBMS_SYS_SQL. | ||||
| CVE-2009-0998 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2026-04-23 | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS - eBenefits component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 and 9.0.8 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | ||||
| CVE-2009-0999 | 1 Oracle | 1 E-business Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||||
| CVE-2009-1000 | 1 Oracle | 1 E-business Suite | 2026-04-23 | N/A |
| The Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 uses default passwords for unspecified "FND Applications Users (not DB users)," which has unknown impact and attack vectors. | ||||
| CVE-2009-1002 | 1 Oracle | 1 Bea Product Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gold through MP1, 9.2 Gold through MP3, 9.1, 9.0, 8.1 Gold through SP6, and 7.0 Gold through SP7 allows remote attackers to gain privileges via unknown vectors. | ||||