Total
5279 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0477 | 1 Sun | 1 Opensolaris | 2011-03-07 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the process (aka proc) filesystem in Sun OpenSolaris snv_85 through snv_100 allows local users to gain privileges via vectors related to the contract filesystem. | |||||
| CVE-2009-0014 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2011-03-07 | 2.1 LOW | N/A |
| Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissions when recreating a Downloads folder after it has been deleted, which allows local users to bypass intended access restrictions and read the Downloads folder. | |||||
| CVE-2008-5675 | 1 Ibm | 1 Websphere Portal | 2011-03-07 | 10.0 HIGH | N/A |
| Unspecified vulnerability in IBM WebSphere Portal 6.0 before 6.0.1.5 has unknown impact and attack vectors related to "Access problems with BasicAuthTAI." | |||||
| CVE-2008-4831 | 1 Adobe | 1 Coldfusion | 2011-03-07 | 7.2 HIGH | N/A |
| Unspecified vulnerability in Adobe ColdFusion 8 and 8.0.1 and ColdFusion MX 7.0.2 allows local users to bypass sandbox restrictions, and obtain sensitive information or possibly gain privileges, via unknown vectors. | |||||
| CVE-2008-3826 | 1 Condor Project | 1 Condor | 2011-03-07 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in Condor before 7.0.5 allows attackers to execute jobs as other users via unknown vectors. | |||||
| CVE-2008-3631 | 1 Apple | 1 Ipod Touch | 2011-03-07 | 7.1 HIGH | N/A |
| Application Sandbox in Apple iPod touch 2.0 through 2.0.2, and iPhone 2.0 through 2.0.2, does not properly isolate third-party applications, which allows attackers to read arbitrary files in a third-party application's sandbox via a different third-party application. | |||||
| CVE-2008-3830 | 1 Condor Project | 1 Condor | 2011-03-07 | 7.2 HIGH | N/A |
| Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended access restrictions. | |||||
| CVE-2008-3488 | 1 Novell | 1 Imanager | 2011-03-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Novell iManager before 2.7 SP1 (2.7.1) allows remote attackers to delete Plug-in Studio created Property Book Pages via unknown vectors. | |||||
| CVE-2008-1995 | 1 Sun | 1 Java System Directory Server | 2011-03-07 | 7.5 HIGH | N/A |
| Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a connection using the "bind-dn" criteria, which can cause an incorrect application of policy and allows remote attackers to bypass intended access restrictions for the server. | |||||
| CVE-2008-2306 | 2 Apple, Microsoft | 3 Safari, Windows Vista, Windows Xp | 2011-03-07 | 9.3 HIGH | N/A |
| Apple Safari before 3.1.2 on Windows does not properly interpret the URLACTION_SHELL_EXECUTE_HIGHRISK Internet Explorer zone setting, which allows remote attackers to bypass intended access restrictions, and force a client system to download and execute arbitrary files. | |||||
| CVE-2008-1596 | 1 Ibm | 1 Aix | 2011-03-07 | 7.2 HIGH | N/A |
| Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block_write function, which might allow local users to modify trusted files, related to missing checks in the TSD_FILES_LOCK policy for modifications performed via hard links, a different vulnerability than CVE-2007-6680. | |||||
| CVE-2008-1592 | 3 Hp, Ibm, Tandem Computers | 3 Nonstop, Websphere Mq, Tandem Operating System | 2011-03-07 | 4.6 MEDIUM | N/A |
| MQSeries 5.1 in IBM WebSphere MQ 5.1 through 5.3.1 on the HP NonStop and Tandem NSK platforms does not require mqm group membership for execution of administrative tasks, which allows local users to bypass intended access restrictions via the runmqsc program, related to "Pathway panels." | |||||
| CVE-2008-0898 | 1 Bea | 1 Weblogic Server | 2011-03-07 | 5.8 MEDIUM | N/A |
| The distributed queue feature in JMS in BEA WebLogic Server 9.0 through 10.0, in certain configurations, does not properly handle when a client cannot send a message to a member of a distributed queue, which allows remote authenticated users to bypass intended access restrictions for protected distributed queues. | |||||
| CVE-2008-0697 | 1 Ibm | 1 Db2 | 2011-03-07 | 7.2 HIGH | N/A |
| Unspecified vulnerability in DB2PD in IBM DB2 UDB before 8.2 Fixpak 16 allows local users to gain root privileges via unspecified vectors. | |||||
| CVE-2008-0897 | 1 Bea | 1 Weblogic Server | 2011-03-07 | 7.9 HIGH | N/A |
| Unspecified vulnerability in BEA WebLogic Server 9.0 through 10.0 allows remote authenticated users without "receive" permissions to bypass intended access restrictions and receive messages from a standalone JMS Topic or secured Distributed Topic member destination, related to durable subscriptions. | |||||
| CVE-2008-0741 | 1 Ibm | 1 Websphere Application Server | 2011-03-07 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the PropFilePasswordEncoder utility in IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) has unknown impact and attack vectors. | |||||
| CVE-2008-0862 | 1 Ibm | 1 Lotus Notes | 2011-03-07 | 4.3 MEDIUM | N/A |
| IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a user forwards an email message to another user, which allows user-assisted remote attackers to bypass Execution Control List (ECL) protection. | |||||
| CVE-2008-0896 | 1 Bea Systems | 1 Weblogic Portal | 2011-03-07 | 4.9 MEDIUM | N/A |
| BEA WebLogic Portal 10.0 and 9.2 through MP1, when an administrator deletes a single instance of a content portlet, removes entitlement policies for other content portlets, which allows attackers to bypass intended access restrictions. | |||||
| CVE-2008-0664 | 1 Wordpress | 1 Wordpress | 2011-03-07 | 6.4 MEDIUM | N/A |
| The XML-RPC implementation (xmlrpc.php) in WordPress before 2.3.3, when registration is enabled, allows remote attackers to edit posts of other blog users via unknown vectors. | |||||
| CVE-2008-0696 | 1 Ibm | 1 Db2 | 2011-03-07 | 7.5 HIGH | N/A |
| IBM DB2 UDB before 8.2 Fixpak 16 does not properly check authorization for the ALTER TABLE statement, which has unknown impact and attack vectors. | |||||