| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2008-5441 and CVE-2008-5442. |
| Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2008-5441 and CVE-2008-5443. |
| Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2008-5442 and CVE-2008-5443. |
| Unspecified vulnerability in the Application Express component in Oracle Database 11.1.0.7 allows remote authenticated users to affect confidentiality, related to APEX. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue allows remote authenticated users to obtain APEX password hashes from the WWV_FLOW_USERS table via a SELECT statement. |
| Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0989. |
| PHP remote file inclusion vulnerability in lib/jpgraph/jpgraph_errhandler.inc.php in Sandbox 1.4.1 might allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the issue, if any, may be located in Aditus JpGraph rather than Sandbox. If so, then this should not be treated as an issue in Sandbox. |
| Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this is a format string vulnerability via the msg parameter in the evtdump CGI module. |
| Unspecified vulnerability in the udp subsystem in the kernel in Sun Solaris 10, and OpenSolaris snv_90 through snv_108, when Solaris Trusted Extensions is enabled, allows remote attackers to cause a denial of service (panic) via unspecified vectors involving the crgetlabel function, related to a "TX panic." NOTE: this issue exists because of a regression in earlier kernel patches. |
| Unspecified vulnerability in Opera before 9.63 allows remote attackers to "reveal random data" via unknown vectors. |
| Unspecified vulnerability in the Oracle Data Service Integrator (AquaLogic Data Services Platform) component in BEA Product Suite 10.3.0, 3.2, 3.0.1, and 3.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors. |
| Unspecified vulnerability in IBM WebSphere Portal 6.0 before 6.0.1.5 has unknown impact and attack vectors related to "Access problems with BasicAuthTAI." |
| Unspecified vulnerability in the SQL*Plus Windows GUI component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality via unknown vectors. |
| Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors. |
| Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors. |
| Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect integrity and availability via unknown vectors. |
| Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Charlie Miller during a PWN2OWN competition at CanSecWest 2009. |
| Mozilla Thunderbird before 2.0.0.22 and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a multipart/alternative e-mail message containing a text/enhanced part that triggers access to an incorrect object type. |
| Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapore. |
| Unspecified vulnerability in Apple Safari 4 before 4.0.3 allows remote web servers to place an arbitrary web site in the Top Sites view, and possibly conduct phishing attacks, via unknown vectors. |
| Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service (disk consumption) via vectors related to temporary font files and (1) "limits on Font creation," aka CR 6522586, and (2) another unspecified vector, aka CR 6632886. |