Search Results (4046 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-2979 2 Adobe, Redhat 3 Acrobat, Acrobat Reader, Rhel Extras 2026-04-23 N/A
Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 do not properly perform XMP-XML entity expansion, which allows remote attackers to cause a denial of service via a crafted document.
CVE-2009-2981 2 Adobe, Redhat 3 Acrobat, Acrobat Reader, Rhel Extras 2026-04-23 N/A
Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to bypass intended Trust Manager restrictions via unspecified vectors.
CVE-2009-1870 2 Adobe, Redhat 4 Air, Flash Player, Flex and 1 more 2026-04-23 N/A
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."
CVE-2009-2948 2 Redhat, Samba 3 Enterprise Linux, Rhel Extras, Samba 2026-04-23 N/A
mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or -v option.
CVE-2009-3867 3 Microsoft, Redhat, Sun 9 Windows, Network Satellite, Rhel Extras and 6 more 2026-04-23 N/A
Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303.
CVE-2009-2723 2 Redhat, Sun 2 Rhel Extras, Java Se 2026-04-23 N/A
Unspecified vulnerability in deserialization in the Provider class in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, aka BugId 6444262.
CVE-2009-2675 2 Redhat, Sun 5 Enterprise Linux, Network Satellite, Rhel Extras and 2 more 2026-04-23 N/A
Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression.
CVE-2008-1186 2 Redhat, Sun 4 Rhel Extras, Jdk, Jre and 1 more 2026-04-23 N/A
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue."
CVE-2008-1187 2 Redhat, Sun 5 Network Satellite, Rhel Extras, Jdk and 2 more 2026-04-23 N/A
Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms.
CVE-2008-1188 2 Redhat, Sun 4 Network Satellite, Rhel Extras, Jdk and 1 more 2026-04-23 N/A
Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different issues than CVE-2008-1189, aka "The first two issues."
CVE-2008-1191 2 Redhat, Sun 3 Rhel Extras, Jdk, Jre 2026-04-23 N/A
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue."
CVE-2008-1193 2 Redhat, Sun 4 Network Satellite, Rhel Extras, Jdk and 1 more 2026-04-23 N/A
Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application.
CVE-2008-1195 3 Canonical, Redhat, Sun 6 Ubuntu Linux, Network Satellite, Rhel Extras and 3 more 2026-04-23 N/A
Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.
CVE-2008-1196 2 Redhat, Sun 5 Network Satellite, Rhel Extras, Jdk and 2 more 2026-04-23 N/A
Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file.
CVE-2008-3107 2 Redhat, Sun 5 Network Satellite, Rhel Extras, Jdk and 2 more 2026-04-23 N/A
Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
CVE-2009-3865 2 Redhat, Sun 4 Network Satellite, Rhel Extras, Jdk and 1 more 2026-04-23 N/A
The launch method in the Deployment Toolkit plugin in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752.
CVE-2009-2997 2 Adobe, Redhat 3 Acrobat, Acrobat Reader, Rhel Extras 2026-04-23 N/A
Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.
CVE-2009-0658 2 Adobe, Redhat 3 Acrobat, Acrobat Reader, Rhel Extras 2026-04-23 7.8 High
Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.
CVE-2009-3874 3 Microsoft, Redhat, Sun 10 Windows, Enterprise Linux, Network Satellite and 7 more 2026-04-23 N/A
Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643.
CVE-2008-2086 2 Redhat, Sun 5 Network Satellite, Rhel Extras, Jdk and 2 more 2026-04-23 N/A
Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the (1) java.home, (2) java.ext.dirs, or (3) user.home System Properties, aka "Java Web Start File Inclusion" and CR 6694892.