Search
Total
21119 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2387 | 1 Sun | 1 Opensolaris | 2009-07-22 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the proc filesystem in Sun OpenSolaris snv_49 through snv_109 allows local users to cause a denial of service (deadlock and panic) via unknown vectors, related to the ldt_rewrite_syscall function. | |||||
| CVE-2009-2430 | 1 Sun | 2 Opensolaris, Solaris | 2009-07-22 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in auditconfig in Sun Solaris 8, 9, 10, and OpenSolaris snv_01 through snv_58, when Solaris Auditing is enabled, allows local users with an RBAC execution profile for auditconfig to gain privileges via unknown attack vectors. | |||||
| CVE-2009-2297 | 1 Sun | 2 Opensolaris, Solaris | 2009-07-15 | 7.1 HIGH | N/A |
| Unspecified vulnerability in the udp subsystem in the kernel in Sun Solaris 10, and OpenSolaris snv_90 through snv_108, when Solaris Trusted Extensions is enabled, allows remote attackers to cause a denial of service (panic) via unspecified vectors involving the crgetlabel function, related to a "TX panic." NOTE: this issue exists because of a regression in earlier kernel patches. | |||||
| CVE-2009-2452 | 1 Citrix | 1 Licensing | 2009-07-14 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Citrix Licensing 11.5 have unknown impact and attack vectors, related to "underlying components of the License Management Console." | |||||
| CVE-2009-1420 | 1 Hp | 3 Hpovnnm.hpovmib, Hpovnnm.hpovsnmp, Openview Network Node Manager | 2009-07-11 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in rping in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, when used with SNMP (aka HPOvNNM.HPOVSNMP) before 1.30.009 and MIB (aka HPOvNNM.HPOVMIB) before 1.30.009, allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors. | |||||
| CVE-2009-2368 | 1 Matteo Ricchetti | 1 Ss5 | 2009-07-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Socks Server 5 before 3.7.8-8 has unknown impact and attack vectors. | |||||
| CVE-2009-1860 | 1 Adobe | 1 Shockwave Player | 2009-07-02 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Adobe Shockwave Player before 11.5.0.600 allows remote attackers to execute arbitrary code via crafted Shockwave Player 10 content. | |||||
| CVE-2009-2045 | 1 Cisco | 2 Video Surveillance Integrated Services Platform, Video Surveillance Stream Manager | 2009-07-02 | 7.8 HIGH | N/A |
| The Cisco Video Surveillance Stream Manager firmware before 5.3, as used on Cisco Video Surveillance Services Platforms and Video Surveillance Integrated Services Platforms, allows remote attackers to cause a denial of service (reboot) via a malformed payload in a UDP packet to port 37000, related to the xvcrman process, aka Bug ID CSCsj47924. | |||||
| CVE-2009-2212 | 1 Ibm | 1 Rational Clearquest | 2009-07-02 | 5.0 MEDIUM | N/A |
| The CQWeb server in IBM Rational ClearQuest 7.0.0 before 7.0.0.6 and 7.0.1 before 7.0.1.5 allows attackers to discover a (1) username or (2) password via unspecified vectors. | |||||
| CVE-2009-2186 | 1 Adobe | 1 Shockwave Player | 2009-07-01 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Adobe Shockwave Player before 11.0.0.465 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2009-1860, related to an older issue that "was previously resolved in Shockwave Player 11.0.0.465." | |||||
| CVE-2009-2012 | 1 Sun | 1 Opensolaris | 2009-06-19 | 1.9 LOW | N/A |
| Unspecified vulnerability in idmap in Sun OpenSolaris snv_88 through snv_110, when a CIFS server is enabled, allows local users to cause a denial of service (idpmapd daemon crash and idmapd outage) via unknown vectors. | |||||
| CVE-2009-0623 | 1 Cisco | 3 Ace 4710, Application Control Engine Module, Catalyst | 2009-06-19 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SSH packet. | |||||
| CVE-2009-2035 | 1 Drupal | 1 Services Module For Drupal | 2009-06-15 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in Services 6.x before 6.x-0.14, a module for Drupal, when key-based access is enabled, allows remote attackers to read or add keys and access unauthorized services via unspecified vectors. | |||||
| CVE-2009-1589 | 1 Cgi Rescue | 1 Cgi Rescue Minibbs22 | 2009-06-10 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in CGI RESCUE MiniBBS22 before 1.01 allows remote attackers to send email to arbitrary recipients via unknown vectors. | |||||
| CVE-2009-1807 | 1 Baofeng | 1 Storm | 2009-06-09 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Config.dll in Baofeng products 3.09.04.17 and earlier allows remote attackers to execute arbitrary code by calling the SetAttributeValue method, as exploited in the wild in April and May 2009. | |||||
| CVE-2009-0588 | 1 Redhat | 2 Certificate System, Dogtag Certificate System | 2009-06-09 | 6.5 MEDIUM | N/A |
| agent/request/op.cgi in the Registration Authority (RA) component in Red Hat Certificate System (RHCS) 7.3 and Dogtag Certificate System allows remote authenticated users to approve certificate requests queued for arbitrary agent groups via a modified request ID field. | |||||
| CVE-2003-1572 | 1 Sun | 1 Jmf | 2009-06-02 | 9.3 HIGH | N/A |
| Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned applets to cause a denial of service (JVM crash) and read or write unauthorized memory locations via the ReadEnv class, as demonstrated by reading environment variables using modified .data and .size fields. | |||||
| CVE-2009-1604 | 1 Limesurvey | 1 Limesurvey | 2009-05-23 | 7.5 HIGH | N/A |
| Unspecified vulnerability in LimeSurvey before 1.82 allows remote attackers to execute commands and obtain sensitive data via unknown attack vectors related to /admin/remotecontrol/. | |||||
| CVE-2009-1576 | 1 Drupal | 1 Drupal | 2009-05-20 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Drupal 5.x before 5.17 and 6.x before 6.11, as used in vbDrupal before 5.17.0, allows user-assisted remote attackers to obtain sensitive information by tricking victims into visiting the front page of the site with a crafted URL and causing form data to be sent to an attacker-controlled site, possibly related to multiple / (slash) characters that are not properly handled by includes/bootstrap.inc, as demonstrated using the search box. NOTE: this vulnerability can be leveraged to conduct cross-site request forgery (CSRF) attacks. | |||||
| CVE-2008-5848 | 1 Advantech | 14 Adam-6015, Adam-6017, Adam-6018 and 11 more | 2009-05-20 | 10.0 HIGH | N/A |
| The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and (1) monitor or (2) control the module's Modbus/TCP I/O activity. | |||||
| CVE-2009-1365 | 1 Adobe | 1 Flash Media Server | 2009-05-19 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Adobe Flash Media Server (FMS) before 3.0.4 and 3.5.x before 3.5.2, as used in Flash Media Interactive Server and Flash Media Streaming Server, allows remote attackers to execute arbitrary remote procedures within an ActionScript file on the server via RPC requests. | |||||
| CVE-2009-1666 | 1 Cyclomedia | 1 Cycloscopelite | 2009-05-19 | 9.3 HIGH | N/A |
| Multiple unspecified vulnerabilities in CycloMedia CycloScopeLite 2.50.3.0 allow remote attackers to execute arbitrary code via the ReturnConnection method in (1) CM_ADOConnection.dll, (2) CM_AddressInfoDBC.dll, and (3) CM_RecordingLocationDBC.dll, related to improper dereferencing. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-1359 | 1 Sun | 1 Opensolaris | 2009-05-14 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the SCTP sockets implementation in Sun OpenSolaris snv_106 through snv_107 allows local users to cause a denial of service (panic) via unknown vectors. | |||||
| CVE-2009-0720 | 1 Hp | 1 Openview Network Node Manager | 2009-05-13 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2009-1590 | 1 Cgi Rescue | 1 Form2mail | 2009-05-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in CGI RESCUE FORM2MAIL before 1.42 allows remote attackers to send email to arbitrary recipients via a web form. | |||||
| CVE-2009-0715 | 1 Hp | 1 Storage Essentials | 2009-04-29 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in Secure NaviCLI in HP Storage Essentials 6.0.2 through 6.0.4 allows remote authenticated users to obtain "access" or "extended privileges" via unknown vectors. | |||||
| CVE-2009-1156 | 1 Cisco | 2 Adaptive Security Appliance 5500, Pix | 2009-04-28 | 5.7 MEDIUM | N/A |
| Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet. | |||||
| CVE-2009-1332 | 1 Sun | 1 Java System Directory Server | 2009-04-28 | 5.0 MEDIUM | N/A |
| The Online Help feature in Sun Java System Directory Server 5.2 and Enterprise Edition 5 allows remote attackers to determine the existence of files and directories, and possibly obtain partial contents of files, via unspecified vectors. | |||||
| CVE-2009-1159 | 1 Cisco | 2 Adaptive Security Appliance 5500, Pix | 2009-04-28 | 7.8 HIGH | N/A |
| Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a denial of service (traceback and device reload) via a series of SQL*Net packets. | |||||
| CVE-2009-1158 | 1 Cisco | 2 Adaptive Security Appliance 5500, Pix | 2009-04-28 | 7.8 HIGH | N/A |
| Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet. | |||||
| CVE-2009-0718 | 1 Hp | 1 Storageworks Storage Mirroring | 2009-04-28 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2009-0717 | 1 Hp | 1 Storageworks Storage Mirroring | 2009-04-28 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2009-0716 | 1 Hp | 1 Storageworks Storage Mirroring | 2009-04-28 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote attackers to cause a denial of service or obtain "access" via unknown vectors. | |||||
| CVE-2009-1443 | 1 Ocsinventory-ng | 1 Ocs Inventory Ng | 2009-04-28 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the Server component in OCS Inventory NG before 1.02 have unknown impact and attack vectors. | |||||
| CVE-2009-0939 | 1 Tor | 1 Tor | 2009-04-18 | 10.0 HIGH | N/A |
| Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which has unknown impact and attack vectors related to "Spec conformance," as demonstrated using 192.168.0. | |||||
| CVE-2009-0937 | 1 Tor | 1 Tor | 2009-04-18 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service via unknown vectors. | |||||
| CVE-2009-0936 | 1 Tor | 1 Tor | 2009-04-18 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Tor before 0.2.0.34 allows attackers to cause a denial of service (infinite loop) via "corrupt votes." | |||||
| CVE-2009-1231 | 1 Ibm | 1 Db2 Content Manager | 2009-04-16 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the eClient in IBM DB2 Content Manager 8.4.1 before 8.4.1.1 has unknown impact and attack vectors. | |||||
| CVE-2008-6621 | 1 Graphicsmagick | 1 Graphicsmagick | 2009-04-14 | 7.8 HIGH | N/A |
| Unspecified vulnerability in GraphicsMagick before 1.2.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors in DPX images. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-1056 | 1 Ibm | 1 Rational Appscan | 2009-04-02 | 5.0 MEDIUM | N/A |
| IBM Rational AppScan Enterprise before 5.5 FP1 allows remote attackers to read arbitrary exported reports by "forcefully browsing." | |||||
| CVE-2009-1178 | 1 Ibm | 1 Tivoli Storage Manager | 2009-04-01 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the server in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.2 and 6.x before 6.1 has unknown impact and attack vectors related to the "admin command line." | |||||
| CVE-2008-6566 | 1 8pussy | 1 Octopussy | 2009-03-31 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Octopussy before 0.9.5.8 has unknown impact and attack vectors related to a "major security" vulnerability. | |||||
| CVE-2008-6549 | 1 Moinmo | 1 Moinmoin | 2009-03-30 | 5.0 MEDIUM | N/A |
| The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors. | |||||
| CVE-2008-6546 | 1 Alecwh | 1 Phpns | 2009-03-30 | 10.0 HIGH | N/A |
| Unspecified vulnerability in phpns before 2.1.3 has unknown impact and attack vectors related to "activation permissions." | |||||
| CVE-2009-1037 | 1 Drupal | 2 Drupal, Print | 2009-03-26 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Send by e-mail module in the "Printer, e-mail and PDF versions" module 5.x before 5.x-4.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to send unlimited spam messages via unknown vectors related to the flood control API. | |||||
| CVE-2008-6507 | 1 Phpbb | 1 Phpbb | 2009-03-24 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in phpBB before 3.0.4 allows attackers to obtain sensitive information via unknown vectors related to the lack of password prompts for a private message that quotes a post in a password-protected forum. | |||||
| CVE-2009-0713 | 1 Hp | 1 Systems Insight Manager | 2009-03-21 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager before 2.5.2.0 allows remote attackers to obtain sensitive information via unknown vectors. | |||||
| CVE-2009-0712 | 1 Hp | 2 Insight Manager, Wmi Mapper | 2009-03-21 | 7.2 HIGH | N/A |
| Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager before 2.5.2.0 allows local users to gain privileges via unknown vectors. | |||||
| CVE-2008-6072 | 1 Graphicsmagick | 1 Graphicsmagick | 2009-03-13 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allow remote attackers to cause a denial of service (crash) via unspecified vectors in (1) XCF and (2) CINEON images. | |||||
| CVE-2009-0752 | 1 Sixapart | 1 Movable Type | 2009-03-04 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Movable Type Pro and Community Solution 4.x before 4.24 has unknown impact and attack vectors, possibly related to the password recovery mechanism. | |||||