Export limit exceeded: 362495 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 362495 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 35583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35583 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0278 | 1 Oracle | 1 E-business Suite | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.9 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) APPS02 in the (a) CRM Technical Foundation component; (2) APPS03 in the (b) iProcurement component; and (3) APPS04, (4) APPS05, and (5) APPS06 in the Oracle Application Object Library component. | ||||
| CVE-2006-0277 | 1 Oracle | 1 E-business Suite | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) APPS01 in the (a) Application Install component; (2) APPS07 in the (b) Oracle Applications Framework component; (3) APPS08, (4) APPS09, (5) APPS10, and (6) APPS11 in the (c) Oracle Applications Technology Stack component; (7) APPS12 in the (d) Oracle Human Resources component; (8) APPS15 and (9) APPS16 in the (e) Oracle Marketing component; (10) APPS17 in the (f) Marketing Encyclopedia System component; (11) APPS18 in the (g) Oracle Trade Management component; and (12) APPS19 in the (h) Oracle Web Applications Desktop Integration component. | ||||
| CVE-2006-0276 | 1 Oracle | 1 Collaboration Suite | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Oracle Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i) have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) OCS01, 2) OCS02, 3) OCS03, 4) OCS04, 5) OCS05, 6) OCS06, 7) OCS07, (8) OCS08, and (9) OCS09 in the (a) Email Server component; 10) OCS10 (and (11) OCS11 in the (b) Oracle Collaboration Suite Wireless & Voice (component; 12) OCS12 and (13) OCS13 in the (c) Oracle Content (Management SDK component; 14) OCS14 and (15) OCS15 in the (d) Oracle (Content Services component. | ||||
| CVE-2006-0274 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| Unspecified vulnerability in the Oracle Reports Developer component of Oracle Application Server 9.0.4.2 and 10.1.2.0.2 has unspecified impact and attack vectors, as identified by Oracle Vuln# REP03. | ||||
| CVE-2006-0272 | 1 Oracle | 2 Oracle10g, Oracle9i | 2026-04-16 | N/A |
| Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB29. NOTE: based on mutual credits by the relevant sources, it is highly likely that this issue is a buffer overflow in the (a) DBMS_XMLSCHEMA and (b) DBMS_XMLSCHEMA_INT packages, as exploitable via long arguments to (1) XDB.DBMS_XMLSCHEMA.GENERATESCHEMA or (2) XDB.DBMS_XMLSCHEMA.GENERATESCHEMAS. | ||||
| CVE-2006-0271 | 1 Oracle | 4 Database Server, Oracle10g, Oracle8i and 1 more | 2026-04-16 | N/A |
| Unspecified vulnerability in the Upgrade & Downgrade component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB28. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the DBMS_REGISTRY package in certain parameters to the (1) IS_COMPONENT, (2) GET_COMP_OPTION, (3) DISABLE_DDL_TRIGGERS, (4) SCRIPT_EXISTS, (5) COMP_PATH, (6) GATHER_STATS, (7) NOTHING_SCRIPT, and (8) VALIDATE_COMPONENTS functions. | ||||
| CVE-2006-0269 | 1 Oracle | 1 Oracle10g | 2026-04-16 | N/A |
| Unspecified vulnerability in the Streams Capture component of Oracle Database server 10.1.0.5 and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB25. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the SET_DIRECTORY_ROOT function in the DBMS_CDC_PUBLISH package. | ||||
| CVE-2006-0266 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| Unspecified vulnerability in the Query Optimizer component of Oracle Database server 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB19. | ||||
| CVE-2006-0263 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, 10.1.0.5, and 10.2.0.1 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB09 in the (a) Net Listener component; and (2) DB12 and (3) DB13 in the Network Communications (RPC) component. | ||||
| CVE-2006-0261 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB07 in the Dictionary component and (2) DB14 in the Oracle Label Security component. NOTE: Oracle has not disputed reliable researcher claims that DB07 involves plaintext storage of the TDE wallet password in a trace file by event 10053. | ||||
| CVE-2006-0259 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Oracle Database server 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB04 and (2) DB06 in the (a) Data Pump component; (3) DB10 in the (b) Net Listener component; and (4) DB16 in the (c) Oracle Text component. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that DB06 is SQL injection in the GENERATE_JOB_NAME, GET_WORKERSTATUSLIST1010, GET_PARAMVALUES1010, GET_DUMPFILESET1010, GET_JOBSTATUS1010, ATTACH, and ESTABLISH_REMOTE_CONTEXT functions in DBMS_DATAPUMP. | ||||
| CVE-2006-4112 | 1 Rubyonrails | 1 Rails | 2026-04-16 | N/A |
| Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service (application hang) or "data loss," a different vulnerability than CVE-2006-4111. | ||||
| CVE-2005-4045 | 1 Sun | 1 Java Communications Services Delegated Administrator | 2026-04-16 | N/A |
| Unspecified vulnerability in System Communications Services 6 Delegated Administrator 2005Q1 in Sun Java System Messaging Server 2005Q1 allows remote attackers to obtain the Top-Level Administrator (TLA) default password via unknown vectors, possibly involving configure_toplevel_admin.ldif. | ||||
| CVE-2006-3958 | 1 Pkr Internet | 1 Taskjitsu | 2026-04-16 | N/A |
| Multiple unspecified cross-site scripting (XSS) vulnerabilities in Taskjitsu 2.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) the Search Tasks system, or authenticated users via (2) the Edit Task system, (3) the back-end Category Editor system, and (4) "Pages that display task status, email addresses, URL, customer, and project information." | ||||
| CVE-2006-3335 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows local users to gain privileges via unknown attack vectors. | ||||
| CVE-2006-1727 | 3 Canonical, Mozilla, Redhat | 6 Ubuntu Linux, Firefox, Mozilla Suite and 3 more | 2026-04-16 | N/A |
| Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with "Print Preview". | ||||
| CVE-2005-3749 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Unspecified "absolute path vulnerabilities" in the diagela command (diagela.sh) in IBM AIX 5.2 and 5.3 have unknown impact and attack vectors. | ||||
| CVE-2006-1870 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.2 has unknown impact and attack vectors in the Export component, aka Vuln# DB05. NOTE: details are unavailable from Oracle, but as of 20060427, they have not publicly commented on whether DB05 is the same issue as CVE-2006-2081. | ||||
| CVE-2006-1468 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Unspecified vulnerability in Apple File Protocol (AFP) server in Apple Mac OS X 10.4 up to 10.4.6 includes the names of restricted files and folders within search results, which might allow remote attackers to obtain sensitive information. | ||||
| CVE-2006-0030 | 1 Microsoft | 2 Excel, Office | 2026-04-16 | N/A |
| Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed graphic, which leads to memory corruption. | ||||