Design/Logic Flaw

Unspecified vulnerability in the update check in Vanilla Forums before 2.0.18.8 has unspecified impact and remote attack vectors, related to "object injection."...

Code injection

Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors...

Design/Logic Flaw

lib/formslib.php in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 does not properly handle multiple instances of a form element, which has unspecified impact and remote attack vectors...

CVE-2010-4802

CVE-2010-4802 affects Mojolicious (libmojolicious-perl) up to version 0.999928. Root cause: improper CGI environment detection in Commands.pm, leading to unspecified impact and remote attack vectors. Mitigation per Debian DSA-2239-1: upgrade to fixed packages (stable: 0.999926-1+squeeze2; sid: 1....

Design/Logic Flaw

Unspecified vulnerability in Shindig-Integrator 5.x, a module for Drupal, has unspecified impact and remote attack vectors related to "numerous flaws" that are not related to XSS or access control, a different vulnerability than CVE-2008-4596 and CVE-2008-4597...

CVE-2008-3691

CVE-2008-3691 corresponds to an unspecified vulnerability in a VMware ActiveX control. Affected products include VMware Workstation 5.5.x up to 5.5.8-108000, VMware Workstation 6.0.x up to 6.0.5-109488, VMware Player 1.x up to 1.0.8-108000, VMware Player 2.x up to 2.0.5-109488, VMware ACE 1.x up ...

CVE-2008-2611

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors...

CVE-2008-2610

Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors...

CVE-2008-2582

Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors...

CVE-2008-2607

Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMSAQELM. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracl...

CVE-2008-2610

Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors...

CVE-2008-0342

Unspecified vulnerability in the Upgrade/Downgrade component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB05...

CVE-2007-5524

Unspecified vulnerability in the Oracle Single Sign-On component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS09 or AS9...

CVE-2007-3420

The Random Cookie Password functionality in the loaduser function in cgi-bin/cgi-lib/subs.pl in web-app.org WebAPP before 0.9.9.7 does not clear the 1 username, 2 password, 3 usertheme, and 4 userlang cookies for unauthorized users, which has unknown impact and remote attack vectors...

CVE-2006-5373

Unspecified vulnerability in Oracle Install Base component in Oracle E-Business Suite 11.5.10CU1 has unknown impact and remote authenticated attack vectors, aka Vuln APPS13...