| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Multiple unspecified vulnerabilities in Oracle Management Service for Oracle Enterprise Manager 10.1.0.5 and 10.2.0.1 have unknown impact and attack vectors, aka Oracle Vuln# EM03 and EM04. |
| Unspecified vulnerability in Enterprise Config Management for Oracle Enterprise Manager 10.1.0.3 has unknown impact and attack vectors, aka Oracle Vuln# EM02. |
| Unspecified vulnerability in CORE: Repository for Oracle Enterprise Manager 9.0.1.0 and 9.2.0.1 has unknown impact and attack vectors, aka Oracle Vuln# EM01. |
| Multiple unspecified vulnerabilities in Oracle Exchange for Oracle E-Business Suite and Applications 6.2.4 have unknown impact and attack vectors, aka Oracle Vuln# (1) APPS16 and (2) APPS17. |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.9 have unknown impact and attack vectors, aka Oracle Vuln# (1) APPS03 and (2) APPS04 for Oracle Application Object Library; and (3) APPS20 for Oracle XML Gateway. |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors, aka Oracle Vuln# (1) APPS01 for Internet Expenses; (2) APPS02, (3) APPS05, (4) APPS06, (5) APPS07, (6) APPS08, (7) APPS09, and (8) APPS10 for Oracle Application Object Library; (9) APPS11, (10) APPS12, and (11) APPS13 for Oracle Applications Technology Stack; (12) APPS14 for Oracle Call Center Technology; (13) APPS15 for Oracle Common Applications; (14) APPS18 for Oracle Self-Service Web Applications; and (15) APPS19 for Oracle Workflow Cartridge. |
| Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd parameter. |
| xsoldier program allows local users to gain root access via a long argument. |
| Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter. |
| Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter. |
| Buffer overflow in the POP server POProxy for the Norton Anti-Virus protection NAV2000 program via a large USER command. |
| War FTP Daemon 1.70 allows remote attackers to cause a denial of service by flooding it with connections. |
| Netscape Navigator uses weak encryption for storing a user's Netscape mail password. |
| Cisco Cache Engine allows a remote attacker to gain access via a null username and password. |
| Unspecified vulnerability in OC4J for Oracle Application Server 10.1.3.0 has unknown impact and attack vectors, aka Oracle Vuln# AS09. |
| Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the catdir parameter. |
| The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics. |
| Unspecified vulnerability in OC4J for Oracle Application Server 9.0.4.2 and 10.1.2.0.0 has unknown impact and attack vectors, aka Oracle Vuln# AS07. |
| BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any source file. |
| Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet. |
