Search
Total
5300 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4033 | 1 Tim Hockin | 1 Acpid | 2017-09-19 | 6.9 MEDIUM | N/A |
| A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to the open function with insufficient arguments, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file, cause a denial of service by overwriting this file, or gain privileges by executing this file. | |||||
| CVE-2009-3988 | 1 Mozilla | 2 Firefox, Seamonkey | 2017-09-19 | 5.0 MEDIUM | N/A |
| Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly restrict read access to object properties in showModalDialog, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via crafted dialogArguments values. | |||||
| CVE-2009-3949 | 1 Vivaprograms | 1 Infinity Script | 2017-09-19 | 7.5 HIGH | N/A |
| cp/profile.php in VivaPrograms Infinity 2.0.5 and earlier does not require administrative authentication for the donewauthor action, which allows remote attackers to create administrative accounts via the name, password, and conf_password parameters. | |||||
| CVE-2009-3939 | 1 Linux | 1 Linux Kernel | 2017-09-19 | 6.6 MEDIUM | N/A |
| The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file. | |||||
| CVE-2009-3880 | 1 Sun | 2 Jre, Openjdk | 2017-09-19 | 5.0 MEDIUM | N/A |
| The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors related to the implementation of Component, KeyboardFocusManager, and DefaultKeyboardFocusManager, aka Bug Id 6664512. | |||||
| CVE-2009-3866 | 1 Sun | 2 Jdk, Jre | 2017-09-19 | 9.3 HIGH | N/A |
| The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers to execute arbitrary code by modifying a certain JNLP file to have a URL field that points to an unintended trusted application, aka Bug Id 6872824. | |||||
| CVE-2009-3889 | 1 Linux | 1 Linux Kernel | 2017-09-19 | 6.6 MEDIUM | N/A |
| The dbg_lvl file for the megaraid_sas driver in the Linux kernel before 2.6.27 has world-writable permissions, which allows local users to change the (1) behavior and (2) logging level of the driver by modifying this file. | |||||
| CVE-2009-3722 | 1 Linux | 1 Linux Kernel | 2017-09-19 | 7.1 HIGH | N/A |
| The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 2.6.31.1 does not properly verify the Current Privilege Level (CPL) before accessing a debug register, which allows guest OS users to cause a denial of service (trap) on the host OS via a crafted application. | |||||
| CVE-2009-3716 | 1 Maniacomputer | 1 Mcshoutbox | 2017-09-19 | 6.5 MEDIUM | N/A |
| Unrestricted file upload vulnerability in admin.php in MCshoutbox 1.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in smilies/. | |||||
| CVE-2009-3597 | 1 Digitaldesign | 1 Ddcms | 2017-09-19 | 5.0 MEDIUM | N/A |
| Digitaldesign CMS 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for autoconfig.dd. | |||||
| CVE-2009-3596 | 1 Joxtechnology | 1 Ajox Poll | 2017-09-19 | 7.5 HIGH | N/A |
| JoxTechnology Ajox Poll does not properly restrict access to admin/managepoll.php, which allows remote attackers to bypass authentication and gain administrative access via a direct request. | |||||
| CVE-2009-3525 | 1 Xen | 1 Xen | 2017-09-19 | 7.2 HIGH | N/A |
| The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the expected password. | |||||
| CVE-2009-3556 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2017-09-19 | 1.9 LOW | N/A |
| A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID Virtualization (NPIV) hardware is used, sets world-writable permissions for the (1) vport_create and (2) vport_delete files under /sys/class/scsi_host/, which allows local users to make arbitrary changes to SCSI host attributes by modifying these files. | |||||
| CVE-2009-3461 | 1 Adobe | 1 Acrobat | 2017-09-19 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Adobe Acrobat 9.x before 9.2 allows attackers to bypass intended file-extension restrictions via unknown vectors. | |||||
| CVE-2009-3421 | 1 Zenas | 1 Pao-bacheca Guestbook | 2017-09-19 | 6.8 MEDIUM | N/A |
| login.php in Zenas PaoBacheca Guestbook 2.1, when register_globals is enabled, allows remote attackers to bypass authentication and gain administrative access by setting the login_ok parameter to 1. | |||||
| CVE-2009-3385 | 1 Mozilla | 1 Seamonkey | 2017-09-19 | 7.1 HIGH | N/A |
| The mail component in Mozilla SeaMonkey before 1.1.19 does not properly restrict execution of scriptable plugin content, which allows user-assisted remote attackers to obtain sensitive information via crafted content in an IFRAME element in an HTML e-mail message, as demonstrated by a Flash object that sends arbitrary local files during a reply or forward operation. | |||||
| CVE-2009-3375 | 1 Mozilla | 1 Firefox | 2017-09-19 | 4.3 MEDIUM | N/A |
| content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function. | |||||
| CVE-2009-3374 | 1 Mozilla | 1 Firefox | 2017-09-19 | 7.5 HIGH | N/A |
| The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to "doubly-wrapped objects." | |||||
| CVE-2009-3286 | 1 Linux | 1 Linux Kernel | 2017-09-19 | 4.6 MEDIUM | N/A |
| NFSv4 in the Linux kernel 2.6.18, and possibly other versions, does not properly clean up an inode when an O_EXCL create fails, which causes files to be created with insecure settings such as setuid bits, and possibly allows local users to gain privileges, related to the execution of the do_open_permission function even when a create fails. | |||||
| CVE-2009-3182 | 1 Anantasoft | 1 Gazelle Cms | 2017-09-19 | 6.8 MEDIUM | N/A |
| Unrestricted file upload vulnerability in admin/editor/filemanager/browser.html in Anantasoft Gazelle CMS 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in user/File/. | |||||
| CVE-2009-3046 | 1 Opera | 1 Opera Browser | 2017-09-19 | 5.0 MEDIUM | N/A |
| Opera before 10.00 does not check all intermediate X.509 certificates for revocation, which makes it easier for remote SSL servers to bypass validation of the certificate chain via a revoked certificate. | |||||
| CVE-2009-2770 | 1 Powerupload | 1 Powerupload | 2017-09-19 | 7.5 HIGH | N/A |
| PowerUpload 2.4 allows remote attackers to bypass authentication and gain administrative access via a MIME encoded value of admin for the myadminname cookie. | |||||
| CVE-2009-2690 | 1 Sun | 2 Java Se, Openjdk | 2017-09-19 | 5.0 MEDIUM | N/A |
| The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application. | |||||
| CVE-2009-2689 | 1 Sun | 2 Java Se, Openjdk | 2017-09-19 | 10.0 HIGH | N/A |
| JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application. | |||||
| CVE-2009-2766 | 1 Dd-wrt | 1 Dd-wrt | 2017-09-19 | 7.5 HIGH | N/A |
| httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not require administrative authentication for programs under cgi-bin/, which allows remote attackers to change settings via HTTP requests. | |||||
| CVE-2009-2682 | 1 Hp | 1 Hp-ux | 2017-09-19 | 7.2 HIGH | N/A |
| Unspecified vulnerability in Role-Based Access Control (RBAC) in HP HP-UX B.11.23 and B.11.31 allows local users to bypass intended access restrictions via unknown vectors. | |||||
| CVE-2009-2653 | 1 Microsoft | 2 Windows Server 2003, Windows Xp | 2017-09-19 | 4.6 MEDIUM | N/A |
| ** DISPUTED ** The NtUserConsoleControl function in win32k.sys in Microsoft Windows XP SP2 and SP3, and Server 2003 before SP1, allows local administrators to bypass unspecified "security software" and gain privileges via a crafted call that triggers an overwrite of an arbitrary memory location. NOTE: the vendor disputes the significance of this report, stating that 'the Administrator to SYSTEM "escalation" is not a security boundary we defend.' | |||||
| CVE-2009-2606 | 1 Brainjar | 1 Asp Football Pool | 2017-09-19 | 5.0 MEDIUM | N/A |
| ASP Football Pool 2.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for NFL.mdb. | |||||
| CVE-2009-2602 | 1 R2newsletter | 3 R2 Newsletter Lite, R2 Newsletter Pro, R2 Newsletter Stats | 2017-09-19 | 5.0 MEDIUM | N/A |
| R2 Newsletter Lite, Pro, and Stats stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for admin.mdb. | |||||
| CVE-2009-2558 | 1 Adminnewstools | 1 Admin News Tools | 2017-09-19 | 7.5 HIGH | N/A |
| system/message.php in Admin News Tools 2.5 does not properly restrict access, which allows remote attackers to post news messages via a direct request. | |||||
| CVE-2009-2476 | 1 Sun | 2 Java Se, Openjdk | 2017-09-19 | 10.0 HIGH | N/A |
| The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object. | |||||
| CVE-2009-2393 | 1 Virtuenetz | 1 Virtue Online Test Generator | 2017-09-19 | 6.5 MEDIUM | N/A |
| admin/index.php in Virtuenetz Virtue Online Test Generator does not require administrative privileges, which allows remote authenticated users to have an unknown impact via unspecified vectors. | |||||
| CVE-2009-2306 | 1 Armassa | 2 Ard-9808, Ard-9808 Software | 2017-09-19 | 7.5 HIGH | N/A |
| The ARD-9808 DVR card security camera stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing usernames and passwords via a direct request for dvr.ini. | |||||
| CVE-2009-2293 | 1 Tutorial-share | 1 Tutorial Share | 2017-09-19 | 7.5 HIGH | N/A |
| Optimum Web Design Tutorial Share 3.5.0 and earlier allows remote attackers to bypass authentication and obtain administrative access by setting the usernamed cookie parameter. | |||||
| CVE-2015-0816 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2017-09-17 | 5.0 MEDIUM | N/A |
| Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 do not properly restrict resource: URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy, as demonstrated by the resource: URL associated with PDF.js. | |||||
| CVE-2015-3290 | 1 Linux | 1 Linux Kernel | 2017-09-17 | 7.2 HIGH | N/A |
| arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform improperly relies on espfix64 during nested NMI processing, which allows local users to gain privileges by triggering an NMI within a certain instruction window. | |||||
| CVE-2015-3083 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-17 | 6.4 MEDIUM | N/A |
| Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on filesystem write operations via unspecified vectors, a different vulnerability than CVE-2015-3082 and CVE-2015-3085. | |||||
| CVE-2015-3082 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-17 | 6.4 MEDIUM | N/A |
| Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on filesystem write operations via unspecified vectors, a different vulnerability than CVE-2015-3083 and CVE-2015-3085. | |||||
| CVE-2015-6018 | 1 Zyxel | 1 Pmg5318-b20a Firmware | 2017-09-15 | 10.0 HIGH | 9.8 CRITICAL |
| The diagnostic-ping implementation on ZyXEL PMG5318-B20A devices with firmware before 1.00(AANC.2)C0 allows remote attackers to execute arbitrary commands via the PingIPAddr parameter. | |||||
| CVE-2015-4629 | 1 Huawei | 2 E5756s, E5756s Firmware | 2017-09-14 | 7.5 HIGH | 9.8 CRITICAL |
| Huawei E5756S before V200R002B146D23SP00C00 allows remote attackers to read device configuration information, enable PIN/PUK authentication, and perform other unspecified actions. | |||||
| CVE-2015-6785 | 1 Google | 1 Chrome | 2017-09-14 | 4.3 MEDIUM | N/A |
| The CSPSource::hostMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts an x.y hostname as a match for a *.x.y pattern, which might allow remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a policy that was intended to be specific to subdomains. | |||||
| CVE-2015-6786 | 1 Google | 1 Chrome | 2017-09-14 | 4.3 MEDIUM | N/A |
| The CSPSourceList::matches function in WebKit/Source/core/frame/csp/CSPSourceList.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts a blob:, data:, or filesystem: URL as a match for a * pattern, which allows remote attackers to bypass intended scheme restrictions in opportunistic circumstances by leveraging a policy that relies on this pattern. | |||||
| CVE-2015-6779 | 1 Google | 1 Chrome | 2017-09-14 | 4.3 MEDIUM | N/A |
| PDFium, as used in Google Chrome before 47.0.2526.73, does not properly restrict use of chrome: URLs, which allows remote attackers to bypass intended scheme restrictions via a crafted PDF document, as demonstrated by a document with a link to a chrome://settings URL. | |||||
| CVE-2015-6770 | 1 Google | 1 Chrome | 2017-09-14 | 7.5 HIGH | N/A |
| The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6768. | |||||
| CVE-2015-6768 | 1 Google | 1 Chrome | 2017-09-14 | 7.5 HIGH | N/A |
| The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6770. | |||||
| CVE-2015-6769 | 1 Google | 1 Chrome | 2017-09-14 | 7.5 HIGH | N/A |
| The provisional-load commit implementation in WebKit/Source/bindings/core/v8/WindowProxy.cpp in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy by leveraging a delay in window proxy clearing. | |||||
| CVE-2015-6383 | 1 Cisco | 1 Ios Xe | 2017-09-14 | 7.2 HIGH | N/A |
| Cisco IOS XE 15.4(3)S on ASR 1000 devices improperly loads software packages, which allows local users to bypass license restrictions and obtain certain root privileges by using the CLI to enter crafted filenames, aka Bug ID CSCuv93130. | |||||
| CVE-2015-6772 | 1 Google | 1 Chrome | 2017-09-14 | 7.5 HIGH | N/A |
| The DOM implementation in Blink, as used in Google Chrome before 47.0.2526.73, does not prevent javascript: URL navigation while a document is being detached, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that improperly interacts with a plugin. | |||||
| CVE-2015-1590 | 1 Kamailio | 1 Kamailio | 2017-09-13 | 4.6 MEDIUM | 7.8 HIGH |
| The kamcmd administrative utility and default configuration in kamailio before 4.3.0 use /tmp/kamailio_ctl. | |||||
| CVE-2015-3222 | 1 Ossec | 1 Ossec | 2017-09-13 | 6.9 MEDIUM | 7.0 HIGH |
| syscheck/seechanges.c in OSSEC 2.7 through 2.8.1 on NIX systems allows local users to execute arbitrary code as root. | |||||