CVE-2009-0xxx

There are 971 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2009-0001 Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial o...
S
CVE-2009-0002 Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial o...
S
CVE-2009-0003 Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial o...
S
CVE-2009-0004 Buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (...
S
CVE-2009-0005 Unspecified vulnerability in Apple QuickTime before 7.6 allows remote attackers to cause a denial of...
S
CVE-2009-0006 Integer signedness error in Apple QuickTime before 7.6 allows remote attackers to cause a denial of ...
S
CVE-2009-0007 Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial o...
S
CVE-2009-0008 Unspecified vulnerability in Apple QuickTime MPEG-2 Playback Component before 7.60.92.0 on Windows a...
CVE-2009-0009 Unspecified vulnerability in the Pixlet codec in Apple Mac OS X 10.4.11 and 10.5.6 allows remote att...
CVE-2009-0010 Integer underflow in QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, and Apple Q...
S
CVE-2009-0011 Certificate Assistant in Apple Mac OS X 10.5.6 allows local users to overwrite arbitrary files via u...
S
CVE-2009-0012 Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute a...
S
CVE-2009-0013 dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that passwords must be provided as co...
S
CVE-2009-0014 Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissions when recreating a Download...
S
CVE-2009-0015 Unspecified vulnerability in fseventsd in the FSEvents framework in Apple Mac OS X 10.5.6 allows loc...
S
CVE-2009-0016 Apple iTunes before 8.1 on Windows allows remote attackers to cause a denial of service (infinite lo...
S
CVE-2009-0017 csregprinter in the Printing component in Apple Mac OS X 10.4.11 and 10.5.6 does not properly handle...
S
CVE-2009-0018 The Remote Apple Events server in Apple Mac OS X 10.4.11 and 10.5.6 does not properly initialize a b...
CVE-2009-0019 Remote Apple Events in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial o...
CVE-2009-0020 Unspecified vulnerability in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers...
S
CVE-2009-0021 NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from th...
CVE-2009-0022 Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to ac...
CVE-2009-0023 The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allo...
S
CVE-2009-0024 The sys_remap_file_pages function in mm/fremap.c in the Linux kernel before 2.6.24.1 allows local us...
S
CVE-2009-0025 BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenS...
CVE-2009-0026 Multiple cross-site scripting (XSS) vulnerabilities in Apache Jackrabbit before 1.5.2 allow remote a...
E
CVE-2009-0027 The request handler in JBossWS in JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2...
S
CVE-2009-0028 The clone system call in the Linux kernel 2.6.28 and earlier allows local users to send arbitrary si...
CVE-2009-0029 The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms ...
CVE-2009-0030 A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all sessions...
CVE-2009-0031 Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6...
CVE-2009-0032 CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network ...
CVE-2009-0033 Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJ...
S
CVE-2009-0034 parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in...
CVE-2009-0035 alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a symlink a...
E S
CVE-2009-0036 Buffer overflow in the proxyReadClientSocket function in proxy/libvirt_proxy.c in libvirt_proxy 0.5....
E
CVE-2009-0037 The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is ...
E S
CVE-2009-0038 Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Gero...
E S
CVE-2009-0039 Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Apac...
E
CVE-2009-0040 The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush a...
CVE-2009-0041 IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-...
S
CVE-2009-0042 Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA An...
CVE-2009-0043 The smmsnmpd service in CA Service Metric Analysis r11.0 through r11.1 SP1 and Service Level Managem...
S
CVE-2009-0046 Sun GridEngine 5.3 and earlier does not properly check the return value from the OpenSSL EVP_VerifyF...
CVE-2009-0047 Gale 0.99 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal func...
CVE-2009-0048 OpenEvidence 1.0.6 and earlier does not properly check the return value from the OpenSSL EVP_VerifyF...
CVE-2009-0049 Belgian eID middleware (eidlib) 2.6.0 and earlier does not properly check the return value from the ...
CVE-2009-0050 Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify functio...
CVE-2009-0051 ZXID 0.29 and earlier does not properly check the return value from the OpenSSL DSA_verify function,...
CVE-2009-0052 The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and...
CVE-2009-0053 PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 be...
CVE-2009-0054 PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 be...
CVE-2009-0055 Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort En...
CVE-2009-0056 Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort En...
CVE-2009-0057 The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x ...
CVE-2009-0058 The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Ci...
CVE-2009-0059 The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Ci...
CVE-2009-0061 Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Ci...
CVE-2009-0062 Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless S...
CVE-2009-0063 Cross-site scripting (XSS) vulnerability in the Control Center in Symantec Brightmail Gateway Applia...
S
CVE-2009-0064 Multiple unspecified vulnerabilities in the Control Center in Symantec Brightmail Gateway Appliance ...
S
CVE-2009-0065 Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implem...
CVE-2009-0066 Multiple unspecified vulnerabilities in Intel system software for Trusted Execution Technology (TXT)...
CVE-2009-0068 Interaction error in xdg-open allows remote attackers to execute arbitrary code by sending a file wi...
CVE-2009-0069 Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client i...
S
CVE-2009-0070 Integer signedness error in Apple Safari allows remote attackers to read the contents of arbitrary m...
E
CVE-2009-0071 Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is enabled, allows remote attacker...
E
CVE-2009-0072 Microsoft Internet Explorer 6.0 through 8.0 beta2 allows remote attackers to cause a denial of servi...
E
CVE-2009-0073 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2009-0074 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2009-0075 Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted obj...
E S
CVE-2009-0076 Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute ar...
CVE-2009-0077 The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG M...
CVE-2009-0078 The Windows Management Instrumentation (WMI) provider in Microsoft Windows XP SP2 and SP3, Server 20...
CVE-2009-0079 The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 SP1 and SP2 does not properly ...
CVE-2009-0080 The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement iso...
S
CVE-2009-0081 The graphics device interface (GDI) implementation in the kernel in Microsoft Windows 2000 SP4, XP S...
CVE-2009-0082 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP...
CVE-2009-0083 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 does not properly hand...
CVE-2009-0084 Use-after-free vulnerability in DirectShow in Microsoft DirectX 8.1 and 9.0 allows remote attackers ...
CVE-2009-0085 The Secure Channel (aka SChannel) authentication component in Microsoft Windows 2000 SP4, XP SP2 and...
CVE-2009-0086 Integer underflow in Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and S...
CVE-2009-0087 Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP ...
CVE-2009-0088 The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft Office Word 2000 SP3 and Micro...
CVE-2009-0089 Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 a...
CVE-2009-0090 Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable co...
CVE-2009-0091 Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality con...
CVE-2009-0092 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2009-0093 Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when dyn...
CVE-2009-0094 The WINS server in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 does not restrict registra...
CVE-2009-0095 Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not properly validate object data in Vi...
CVE-2009-0096 Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not properly perform memory copy operat...
CVE-2009-0097 Microsoft Office Visio 2002 SP2 and 2003 SP3 does not properly validate memory allocation for Visio ...
CVE-2009-0098 Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not pr...
CVE-2009-0099 The Electronic Messaging System Microsoft Data Base (EMSMDB32) provider in Microsoft Exchange 2000 S...
CVE-2009-0100 Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel in Microsoft Office 2004 an...
CVE-2009-0101 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2009-0102 Microsoft Project 2000 SR1 and 2002 SP1, and Office Project 2003 SP3, does not properly handle memor...
CVE-2009-0103 Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 allow remote attackers to execut...
E
CVE-2009-0104 SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote attackers to execute arbitrar...
E
CVE-2009-0105 Cross-site scripting (XSS) vulnerability in index.php in EZpack 4.2b2 allows remote attackers to inj...
E
CVE-2009-0106 SQL injection vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote attac...
E
CVE-2009-0107 Cross-site scripting (XSS) vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows...
E
CVE-2009-0108 PHPAuctions (aka PHPAuctionSystem) allows remote attackers to bypass authentication and gain adminis...
E
CVE-2009-0109 SQL injection vulnerability in index.php in RiotPix 0.61 and earlier allows remote attackers to exec...
E
CVE-2009-0110 SQL injection vulnerability in read.php in RiotPix 0.61 and earlier allows remote attackers to execu...
E
CVE-2009-0111 SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers...
E
CVE-2009-0112 Cross-site request forgery (CSRF) vulnerability in admin/agent_edit.asp in PollPro 3.0 allows remote...
E
CVE-2009-0113 Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1....
E
CVE-2009-0114 Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10....
S
CVE-2009-0115 The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as use...
E
CVE-2009-0119 Buffer overflow in Microsoft Windows XP SP3 allows remote attackers to cause a denial of service (me...
E
CVE-2009-0120 The IBM WebSphere DataPower XML Security Gateway XS40 with firmware 3.6.1.5 allows remote attackers ...
E
CVE-2009-0121 SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allows remote attackers to execute ...
CVE-2009-0122 hplip.postinst in HP Linux Imaging and Printing (HPLIP) 2.7.7 and 2.8.2 on Ubuntu allows local users...
E S
CVE-2009-0123 Unspecified vulnerability in Apple Safari on Mac OS X 10.5 and Windows allows remote attackers to re...
CVE-2009-0124 The tqsl_verifyDataBlock function in openssl_cert.cpp in American Radio Relay League (ARRL) tqsllib ...
E
CVE-2009-0125 NOTE: this issue has been disputed by the upstream vendor. nasl/nasl_crypto2.c in the Nessus Attack ...
E
CVE-2009-0126 The decrypt_public function in lib/crypt.cpp in the client in Berkeley Open Infrastructure for Netwo...
E
CVE-2009-0127 M2Crypto does not properly check the return value from the OpenSSL EVP_VerifyFinal, DSA_verify, ECDS...
E
CVE-2009-0128 plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for Resource Management (aka SLURM o...
E
CVE-2009-0129 libcrypt-openssl-dsa-perl does not properly check the return value from the OpenSSL DSA_verify and D...
E
CVE-2009-0130 lib/crypto/c_src/crypto_drv.c in erlang does not properly check the return value from the OpenSSL DS...
E
CVE-2009-0131 The UFS implementation in the kernel in Sun OpenSolaris snv_29 through snv_90 allows local users to ...
CVE-2009-0132 Integer overflow in the aio_suspend function in Sun Solaris 8 through 10 and OpenSolaris, when 32-bi...
S
CVE-2009-0133 Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier allows context-dependent attackers ...
E
CVE-2009-0134 Insecure method vulnerability in the EasyGrid.SGCtrl.32 ActiveX control in EasyGrid.ocx 1.0.0.1 in A...
E
CVE-2009-0135 Multiple integer overflows in the Audible::Tag::readTag function in metadata/audible/audibletag.cpp ...
E
CVE-2009-0136 Multiple array index errors in the Audible::Tag::readTag function in metadata/audible/audibletag.cpp...
E
CVE-2009-0137 Multiple unspecified vulnerabilities in Safari RSS in Apple Mac OS X 10.4.11 and 10.5.6, and Windows...
S
CVE-2009-0138 servermgrd (Server Manager) in Apple Mac OS X 10.5.6 does not properly validate authentication crede...
S
CVE-2009-0139 Integer overflow in the SMB component in Apple Mac OS X 10.5.6 allows remote SMB servers to cause a ...
S
CVE-2009-0140 Unspecified vulnerability in the SMB component in Apple Mac OS X 10.4.11 and 10.5.6 allows remote SM...
S
CVE-2009-0141 XTerm in Apple Mac OS X 10.4.11 and 10.5.6, when used with luit, creates tty devices with insecure w...
CVE-2009-0142 Race condition in AFP Server in Apple Mac OS X 10.5.6 allows local users to cause a denial of servic...
CVE-2009-0143 Apple iTunes before 8.1 does not properly inform the user about the origin of an authentication requ...
S
CVE-2009-0144 CFNetwork in Apple Mac OS X 10.5 before 10.5.7 does not properly parse noncompliant Set-Cookie heade...
S
CVE-2009-0145 CoreGraphics in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPho...
S
CVE-2009-0146 Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, ...
S
CVE-2009-0147 Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier,...
S
CVE-2009-0148 Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code vi...
S
CVE-2009-0149 Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows local users to gain privileges or cause a denia...
S
CVE-2009-0150 Stack-based buffer overflow in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileg...
S
CVE-2009-0151 The screen saver in Dock in Apple Mac OS X 10.5 before 10.5.8 does not prevent four-finger Multi-Tou...
S
CVE-2009-0152 iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL Instant Messenger (AIM) communicatio...
S
CVE-2009-0153 International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS...
S
CVE-2009-0154 Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 before 10...
S
CVE-2009-0155 Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1,...
S
CVE-2009-0156 Launch Services in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to cause a ...
S
CVE-2009-0157 Heap-based buffer overflow in CFNetwork in Apple Mac OS X 10.5 before 10.5.7 allows remote web serve...
S
CVE-2009-0158 Stack-based buffer overflow in telnet in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote...
S
CVE-2009-0159 Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7...
S
CVE-2009-0160 QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execut...
S
CVE-2009-0161 The OpenSSL::OCSP module for Ruby in Apple Mac OS X 10.5 before 10.5.7 misinterprets an unspecified ...
S
CVE-2009-0162 Cross-site scripting (XSS) vulnerability in Safari before 3.2.3, and 4 Public Beta, on Apple Mac OS ...
S
CVE-2009-0163 Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attacke...
S
CVE-2009-0164 The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request,...
S
CVE-2009-0165 Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other prod...
S
CVE-2009-0166 The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows rem...
S
CVE-2009-0167 Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows...
S
CVE-2009-0168 Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows ...
S
CVE-2009-0169 Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain priv...
S
CVE-2009-0170 Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with ...
S
CVE-2009-0171 The Sun SPARC Enterprise M4000 and M5000 Server, within a certain range of serial numbers, allows re...
CVE-2009-0172 Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows rem...
S
CVE-2009-0173 Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before F...
S
CVE-2009-0174 Stack-based buffer overflow in VUPlayer 2.49 allows remote attackers to execute arbitrary code via a...
E
CVE-2009-0175 Heap-based buffer overflow in Heathco Software MP3 TrackMaker 1.5 allows remote attackers to cause a...
E
CVE-2009-0176 Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in M...
CVE-2009-0177 vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6....
E S
CVE-2009-0178 Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 release 3.2.0 SP1 has unknown i...
CVE-2009-0179 libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted ...
CVE-2009-0180 Certain Fedora build scripts for nfs-utils before 1.1.2-9.fc9 on Fedora 9, and before 1.1.4-6.fc10 o...
CVE-2009-0181 Buffer overflow in VUPlayer allows user-assisted attackers to have an unknown impact via a long file...
CVE-2009-0182 Buffer overflow in VUPlayer 2.49 and earlier allows user-assisted attackers to execute arbitrary cod...
E
CVE-2009-0183 Stack-based buffer overflow in Remote Control Server in Free Download Manager (FDM) 2.5 Build 758 an...
E
CVE-2009-0184 Multiple buffer overflows in the torrent parsing implementation in Free Download Manager (FDM) 2.5 B...
CVE-2009-0185 Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitr...
S
CVE-2009-0186 Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependen...
CVE-2009-0187 Stack-based buffer overflow in Orbit Downloader 2.8.2 and 2.8.3, and possibly other versions before ...
S
CVE-2009-0188 Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of ...
S
CVE-2009-0189 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-1012. Reason: This candida...
R
CVE-2009-0190 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-1016. Reason: This candida...
R
CVE-2009-0191 Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 3.0.2009.1301, does not prop...
S
CVE-2009-0192 Off-by-one error in the iMonitor component in Novell eDirectory 8.8 SP3, 8.8 SP3 FTF3, and possibly ...
CVE-2009-0193 Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 ...
S
CVE-2009-0194 The domain-locking implementation in the GARMINAXCONTROL.GarminAxControl_t.1 ActiveX control in npGa...
CVE-2009-0195 Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, all...
CVE-2009-0196 Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG...
E S
CVE-2009-0197 Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allows remote attackers to execute ...
S
CVE-2009-0198 Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe R...
S
CVE-2009-0199 Heap-based buffer overflow in the VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 ...
S
CVE-2009-0200 Integer underflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might al...
CVE-2009-0201 Heap-based buffer overflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9...
CVE-2009-0202 Array index error in FL21WIN.DLL in the PowerPoint Freelance Windows 2.1 Translator in Microsoft Pow...
CVE-2009-0204 Cross-site scripting (XSS) vulnerability in HP Select Access 6.1 and 6.2 allows remote attackers to ...
CVE-2009-0206 Unspecified vulnerability in NFS in HP ONCplus B.11.31.05 and earlier for HP-UX B.11.31 allows local...
CVE-2009-0207 Unspecified vulnerability in HP-UX B.11.11 running VERITAS Oracle Disk Manager (VRTSodm) 3.5, B.11.2...
S
CVE-2009-0208 Unspecified vulnerability in HP Virtual Rooms Client before 7.0.1, when running on Windows, allows r...
CVE-2009-0209 PI Server in OSIsoft PI System before 3.4.380.x does not properly use encryption in the default auth...
CVE-2009-0210 Buffer overflow in the MLF application in AREVA e-terrahabitat 5.7 and earlier allows remote attacke...
CVE-2009-0211 Unspecified vulnerability in the WebFGServer application in AREVA e-terrahabitat 5.7 and earlier all...
CVE-2009-0212 Unspecified vulnerability in the WebFGServer application in AREVA e-terrahabitat 5.7 and earlier all...
CVE-2009-0213 Unspecified vulnerability in the NETIO application in AREVA e-terrahabitat 5.7 and earlier allows re...
CVE-2009-0214 Unspecified vulnerability in the WebFGServer application in AREVA e-terrahabitat 5.7 and earlier all...
CVE-2009-0215 Stack-based buffer overflow in the GetXMLValue method in the IBM Access Support ActiveX control in I...
CVE-2009-0216 GE Fanuc iFIX 5.0 and earlier relies on client-side authentication involving a weakly encrypted loca...
CVE-2009-0217 The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented i...
S
CVE-2009-0218 Insecure method vulnerability in Particle Software IntraLaunch Application Launcher ActiveX control ...
CVE-2009-0219 The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server...
CVE-2009-0220 Multiple stack-based buffer overflows in the PowerPoint 4.0 importer (PP4X32.DLL) in Microsoft Offic...
CVE-2009-0221 Integer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to exe...
CVE-2009-0222 Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbi...
CVE-2009-0223 Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbi...
CVE-2009-0224 Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; PowerPoint Viewer 20...
CVE-2009-0225 Microsoft Office PowerPoint 2002 SP3 allows remote attackers to execute arbitrary code via crafted s...
CVE-2009-0226 Stack-based buffer overflow in the PowerPoint 4.2 conversion filter in Microsoft Office PowerPoint 2...
CVE-2009-0227 Stack-based buffer overflow in the PowerPoint 4.2 conversion filter (PP4X32.DLL) in Microsoft Office...
CVE-2009-0228 Stack-based buffer overflow in the EnumeratePrintShares function in Windows Print Spooler Service (w...
CVE-2009-0229 The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista G...
CVE-2009-0230 The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold...
CVE-2009-0231 The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and SP3,...
S
CVE-2009-0232 Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows 2000 SP4, XP SP2 an...
CVE-2009-0233 The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, S...
CVE-2009-0234 The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, S...
CVE-2009-0235 Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, ...
CVE-2009-0236 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2009-0237 Cross-site scripting (XSS) vulnerability in cookieauth.dll in the HTML forms authentication componen...
CVE-2009-0238 Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; E...
CVE-2009-0239 Cross-site scripting (XSS) vulnerability in Windows Search 4.0 for Microsoft Windows XP SP2 and SP3 ...
CVE-2009-0240 listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN authz file, allows remote authent...
CVE-2009-0241 Stack-based buffer overflow in the process_path function in gmetad/server.c in Ganglia 3.1.1 allows ...
CVE-2009-0242 Rejected reason: gmetad in Ganglia 3.1.1, when supporting multiple requests per connection on an int...
R
CVE-2009-0243 Microsoft Windows does not properly enforce the Autorun and NoDriveTypeAutoRun registry values, whic...
CVE-2009-0244 Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Window...
E
CVE-2009-0245 Cross-site scripting (XSS) vulnerability in Usagi Project MyNETS 1.2.0.1 and earlier allows remote a...
S
CVE-2009-0246 Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted attackers to execute arbitrar...
CVE-2009-0247 The server for 53KF Web IM 2009 Home, Professional, and Enterprise editions relies on client-side pr...
CVE-2009-0248 Cross-site scripting (XSS) vulnerability in rankup.asp in Katy Whitton RankEm allows remote attacker...
E
CVE-2009-0249 Katy Whitton RankEm stores sensitive information under the web root with insufficient access control...
E
CVE-2009-0250 Ryneezy phoSheezy 0.2 stores sensitive information under the web root with insufficient access contr...
E
CVE-2009-0251 Static code injection vulnerability in admin.php in Ryneezy phoSheezy 0.2 allows remote authenticate...
E
CVE-2009-0252 Multiple SQL injection vulnerabilities in default.asp in Enthrallweb eReservations allow remote atta...
E
CVE-2009-0253 Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an ...
E
CVE-2009-0254 Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted attackers to execute arbitrar...
CVE-2009-0255 The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 throu...
CVE-2009-0256 Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 thr...
CVE-2009-0257 Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1....
CVE-2009-0258 The Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 through 4.0.9, 4.1.0 thro...
CVE-2009-0259 The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remote attackers to cause a denial o...
E
CVE-2009-0260 Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin before 1.8.1...
E S
CVE-2009-0261 Stack-based buffer overflow in EffectMatrix Total Video Player 1.31 allows user-assisted attackers t...
E
CVE-2009-0262 Stack-based buffer overflow in Triologic Media Player 7 and 8.0.0.0 allows user-assisted remote atta...
E
CVE-2009-0263 Multiple buffer overflows in Winamp 5.541 and earlier allow remote attackers to cause a denial of se...
E
CVE-2009-0264 Buffer overflow in the Registry Setting Tool in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and ea...
S
CVE-2009-0265 Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value fr...
S
CVE-2009-0266 Stack-based buffer overflow in Triologic Media Player 8.0.0.0 allows user-assisted remote attackers ...
CVE-2009-0267 libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, whi...
S
CVE-2009-0268 Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenS...
S
CVE-2009-0269 fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users...
S
CVE-2009-0270 Stack-based buffer overflow in PXEService.exe in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and e...
S
CVE-2009-0271 Directory traversal vulnerability in the TFTP service in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1....
S
CVE-2009-0272 Cross-site request forgery (CSRF) vulnerability in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x...
CVE-2009-0273 Multiple cross-site scripting (XSS) vulnerabilities in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7...
CVE-2009-0274 Unspecified vulnerability in WebAccess in Novell GroupWise 6.5, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, an...
CVE-2009-0275 Static code injection vulnerability in admin.php in Ryneezy phoSheezy 0.2 allows remote authenticate...
E
CVE-2009-0276 Cross-domain vulnerability in the V8 JavaScript engine in Google Chrome before 1.0.154.46 allows rem...
CVE-2009-0277 Unspecified vulnerability in the kernel in OpenSolaris snv_100 through snv_102 on the Sun UltraSPARC...
S
CVE-2009-0278 Sun Java System Application Server (AS) 8.1 and 8.2 allows remote attackers to read the Web Applicat...
S
CVE-2009-0279 SQL injection vulnerability in comentar.php in Pardal CMS 0.2.0 and earlier allows remote attackers ...
E
CVE-2009-0280 Asp Project Management 1.0 allows remote attackers to bypass authentication and gain administrative ...
E
CVE-2009-0281 SQL injection vulnerability in login.aspx in WarHound Walking Club allows remote attackers to execut...
E
CVE-2009-0282 Integer overflow in Ralink Technology USB wireless adapter (RT73) 3.08 for Windows, and other wirele...
CVE-2009-0283 Cross-site scripting (XSS) vulnerability in err.asp in Oblog allows remote attackers to inject arbit...
E
CVE-2009-0284 SQL injection vulnerability in category.php in Flax Article Manager 1.1 allows remote attackers to e...
E
CVE-2009-0285 Cross-site scripting (XSS) vulnerability in error.asp in BBSXP 5.13 and earlier allows remote attack...
E
CVE-2009-0286 Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is enab...
E
CVE-2009-0287 SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers ...
S
CVE-2009-0288 Directory traversal vulnerability in k23productions TFTPUtil GUI 1.2.0 and 1.3.0 allows remote attac...
S
CVE-2009-0289 k23productions TFTPUtil GUI 1.2.0 and 1.3.0 allows remote attackers to cause a denial of service (se...
S
CVE-2009-0290 Directory traversal vulnerability in common.php in SIR GNUBoard 4.31.03 allows remote attackers to i...
E
CVE-2009-0291 Directory traversal vulnerability in fc.php in OpenX 2.6.3 allows remote attackers to include and ex...
E
CVE-2009-0292 SQL injection vulnerability in show_cat2.php in SHOP-INET 4 allows remote attackers to execute arbit...
E
CVE-2009-0293 SQL injection vulnerability in profile_view.php in Wazzum Dating Software, possibly 2.0, allows remo...
E
CVE-2009-0294 Multiple PHP remote file inclusion vulnerabilities in WB News 2.0.1, when register_globals is enable...
E
CVE-2009-0295 SQL injection vulnerability in index.php in Information Technology Light Poll Information (ITLPoll) ...
E
CVE-2009-0296 SQL injection vulnerability in shop_display_products.php in Script Toko Online 5.01 allows remote at...
E
CVE-2009-0297 SQL injection vulnerability in login_check.asp in ClickAuction allows remote attackers to execute ar...
E
CVE-2009-0298 Heap-based buffer overflow in MW6 Technologies Barcode ActiveX control (Barcode.MW6Barcode.1, Barcod...
E
CVE-2009-0299 SQL injection vulnerability in index.php in Groone GLinks 2.1 allows remote attackers to execute arb...
E
CVE-2009-0300 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2636. Reason: This candida...
R
CVE-2009-0301 Multiple insecure method vulnerabilities in the FlexCell.Grid ActiveX control (FlexCell.ocx) in Flex...
E
CVE-2009-0302 SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows r...
E
CVE-2009-0303 Cross-site scripting (XSS) vulnerability in Web Help Desk before 9.1.18 allows remote attackers to i...
CVE-2009-0304 The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before snv_108, allows remote attacker...
E
CVE-2009-0305 Multiple stack-based buffer overflows in the Research in Motion RIM AxLoader ActiveX control in AxLo...
S
CVE-2009-0306 Buffer overflow in the IBM Lotus Notes Intellisync ActiveX control in lnresobject.dll in BlackBerry ...
S
CVE-2009-0307 Cross-site scripting (XSS) vulnerability in the "Customize Statistics Page" (admin/statistics/Config...
E
CVE-2009-0310 Buffer overflow in SUSE blinux (aka sbl) in SUSE openSUSE 10.3 through 11.0 has unknown impact and a...
CVE-2009-0311 The Backbone service (ftbackbone.exe) in EMC AutoStart before 5.3 SP2 allows remote attackers to exe...
CVE-2009-0312 Cross-site scripting (XSS) vulnerability in the antispam feature (security/antispam.py) in MoinMoin ...
CVE-2009-0313 winetricks before 20081223 allows local users to overwrite arbitrary files via a symlink attack on t...
CVE-2009-0314 Untrusted search path vulnerability in the Python module in gedit allows local users to execute arbi...
E S
CVE-2009-0315 Untrusted search path vulnerability in the Python module in xchat allows local users to execute arbi...
CVE-2009-0316 Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045...
CVE-2009-0317 Untrusted search path vulnerability in the Python language bindings for Nautilus (nautilus-python) a...
CVE-2009-0318 Untrusted search path vulnerability in the GObject Python interpreter wrapper in Gnumeric allows loc...
CVE-2009-0319 Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSo...
S
CVE-2009-0320 Microsoft Windows XP, Server 2003 and 2008, and Vista exposes I/O activity measurements of all proce...
CVE-2009-0321 Apple Safari 3.2.1 (aka AppVer 3.525.27.1) on Windows allows remote attackers to cause a denial of s...
E
CVE-2009-0322 drivers/firmware/dell_rbu.c in the Linux kernel before 2.6.27.13, and 2.6.28.x before 2.6.28.2, allo...
S
CVE-2009-0323 Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers ...
E
CVE-2009-0324 Multiple SQL injection vulnerabilities in BibCiter 1.4 allow remote attackers to execute arbitrary S...
E
CVE-2009-0325 Directory traversal vulnerability in entries/index.php in Ninja Blog 4.8, when magic_quotes_gpc is d...
E
CVE-2009-0326 SQL injection vulnerability in login.php in Dark Age CMS 0.2c beta allows remote attackers to execut...
E
CVE-2009-0327 SQL injection vulnerability in readbible.php in Free Bible Search PHP Script 1.0 allows remote attac...
E
CVE-2009-0328 ROBS-PROJECTS Digital Sales IPN (aka DS-IPN.NET or DS-IPN Paypal Shop) stores sensitive information ...
E
CVE-2009-0329 SQL injection vulnerability in the PcCookBook (com_pccookbook) component for Joomla! allows remote a...
E
CVE-2009-0330 Directory traversal vulnerability in index.php in Simple Content Management System (SCMS) 1 allows r...
E
CVE-2009-0331 Directory traversal vulnerability in gallery/comment.php in Enhanced Simple PHP Gallery (ESPG) 1.72 ...
E
CVE-2009-0332 Multiple SQL injection vulnerabilities in AV Book Library before 1.1 allow remote attackers to execu...
CVE-2009-0333 SQL injection vulnerability in the WebAmoeba (WA) Ticket System (com_waticketsystem) component for J...
E
CVE-2009-0334 SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute ...
E
CVE-2009-0335 Cross-site scripting (XSS) vulnerability in index.asp in Katy Whitton BlogIt! allows remote attacker...
E
CVE-2009-0336 Katy Whitton BlogIt! stores sensitive information under the web root with insufficient access contro...
E
CVE-2009-0337 SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute ...
E
CVE-2009-0338 Cross-site scripting (XSS) vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows r...
E
CVE-2009-0339 SQL injection vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows remote attacke...
E
CVE-2009-0340 Multiple directory traversal vulnerabilities in Simple PHP Newsletter 1.5 allow remote attackers to ...
E
CVE-2009-0341 The shell32 module in Microsoft Internet Explorer 7.0 on Windows XP SP3 might allow remote attackers...
CVE-2009-0342 Niels Provos Systrace before 1.6f on the x86_64 Linux platform allows local users to bypass intended...
E
CVE-2009-0343 Niels Provos Systrace 1.6f and earlier on the x86_64 Linux platform allows local users to bypass int...
E
CVE-2009-0344 Unspecified vulnerability in the Embedded Lights Out Manager (ELOM) on the Sun Fire X2100 M2 and X22...
S
CVE-2009-0345 Unspecified vulnerability in the Embedded Lights Out Manager (ELOM) on the Sun Fire X2100 M2 and X22...
S
CVE-2009-0346 The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solari...
S
CVE-2009-0347 Open redirect vulnerability in cs.html in the Autonomy (formerly Verity) Ultraseek search engine all...
CVE-2009-0348 The login module in Sun Java System Access Manager 6 2005Q1 (aka 6.3), 7 2005Q4 (aka 7.0), and 7.1 r...
S
CVE-2009-0349 Stack-based buffer overflow in FTPShell Server 4.3 allows user-assisted remote attackers to cause a ...
E
CVE-2009-0350 Stack-based buffer overflow in Merak Media Player 3.2 allows remote attackers to execute arbitrary c...
E
CVE-2009-0351 Stack-based buffer overflow in WFTPSRV.exe in WinFTP 2.3.0 allows remote authenticated users to exec...
E
CVE-2009-0352 Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.2...
CVE-2009-0353 Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaM...
CVE-2009-0354 Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote att...
CVE-2009-0355 components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes...
S
CVE-2009-0356 Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the (1) about:plugins and (2) about...
CVE-2009-0357 Mozilla Firefox before 3.0.6 and SeaMonkey before 1.1.15 do not properly restrict access from web pa...
CVE-2009-0358 Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache Cache...
CVE-2009-0359 Multiple cross-site scripting (XSS) vulnerabilities in Samizdat before 0.6.2 allow remote authentica...
S
CVE-2009-0360 Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize th...
CVE-2009-0361 Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, ...
CVE-2009-0362 filter.d/wuftpd.conf in Fail2ban 0.8.3 uses an incorrect regular expression that allows remote attac...
E
CVE-2009-0363 Multiple buffer overflows in (a) BarnOwl before 1.0.5 and (b) owl 2.1.11 allow remote attackers to e...
CVE-2009-0364 Format string vulnerability in the mini_calendar component in Citadel.org WebCit 7.22, and other ver...
S
CVE-2009-0365 nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which all...
S
CVE-2009-0366 The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote a...
CVE-2009-0367 The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sa...
S
CVE-2009-0368 OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and r...
E S
CVE-2009-0369 Microsoft Internet Explorer 7 allows remote attackers to trick a user into visiting an arbitrary URL...
E
CVE-2009-0370 Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data...
S
CVE-2009-0371 Directory traversal vulnerability in post.php in SiteXS CMS 0.1.1 and earlier allows remote attacker...
E
CVE-2009-0372 Unrestricted file upload vulnerability in index.php in Miltenovik Manojlo MemHT Portal 4.0.1 and ear...
E S
CVE-2009-0373 SQL injection vulnerability in the ElearningForce Flash Magazine Deluxe (com_flashmagazinedeluxe) co...
E
CVE-2009-0374 Google Chrome 1.0.154.43 allows remote attackers to trick a user into visiting an arbitrary URL via ...
E
CVE-2009-0375 Buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0...
CVE-2009-0376 Heap-based buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 ...
CVE-2009-0377 SQL injection vulnerability in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! ...
E
CVE-2009-0378 Cross-site scripting (XSS) vulnerability in index.php in the beamospetition (com_beamospetition) 1.0...
E
CVE-2009-0379 SQL injection vulnerability in the Prince Clan Chess Club (com_pcchess) component for Joomla! allows...
E
CVE-2009-0380 SQL injection vulnerability in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) RC 2.8.2 compon...
E
CVE-2009-0381 SQL injection vulnerability in the BazaarBuilder Ecommerce Shopping Cart (com_prod) 5.0 component fo...
E
CVE-2009-0382 Unspecified vulnerability in Internationalization (i18n) Translation 5.x before 5.x-2.5, a module fo...
S
CVE-2009-0383 delete.php in Max.Blog 1.0.6 does not properly restrict access, which allows remote attackers to del...
E S
CVE-2009-0384 SQL injection vulnerability in autor.php in OwnRS CMS 1.2 allows remote attackers to execute arbitra...
E
CVE-2009-0385 Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before re...
CVE-2009-0386 Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStream...
E S
CVE-2009-0387 Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good P...
E S
CVE-2009-0388 Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remo...
E S
CVE-2009-0389 Multiple insecure method vulnerabilities in the Web On Windows (WOW) ActiveX control in WOW ActiveX ...
E
CVE-2009-0390 Argument injection vulnerability in Enomaly Elastic Computing Platform (ECP), formerly Enomalism, be...
CVE-2009-0391 Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0.1 on z/OS allows attackers t...
CVE-2009-0392 Directory traversal vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authe...
E
CVE-2009-0393 Cross-site scripting (XSS) vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remot...
E
CVE-2009-0394 SQL injection vulnerability in login.php in Pre Lecture Exercises (PLEs) CMS 1.0 beta 4.2 allows rem...
E
CVE-2009-0395 SQL injection vulnerability in the login feature in NetArt Media Car Portal 1.0 allows remote attack...
E
CVE-2009-0396 The Sony Ericsson W910i, W660i, K618i, K610i, Z610i, K810i, K660i, W880i, and K530i phones allow rem...
CVE-2009-0397 Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStream...
E S
CVE-2009-0398 Array index error in the gst_qtp_trak_handler function in gst/qtdemux/qtdemux.c in GStreamer Plug-in...
E
CVE-2009-0399 Chipmunk Blogger Script allows remote attackers to gain administrator privileges via a direct reques...
E
CVE-2009-0400 SQL injection vulnerability in blog.php in SocialEngine 3.06 trial allows remote attackers to execut...
E
CVE-2009-0401 SQL injection vulnerability in browsecats.php in E-Php CMS allows remote attackers to execute arbitr...
E
CVE-2009-0402 SQL injection vulnerability in client/new_account.php in Domain Technologie Control (DTC) before 0.2...
CVE-2009-0403 SQL injection vulnerability in admin/authenticate.php in Chipmunk Blogger Script allows remote attac...
E
CVE-2009-0404 Multiple cross-site scripting (XSS) vulnerabilities in Bioinformatics htmLawed 1.1.3 and 1.1.4 allow...
CVE-2009-0405 SQL injection vulnerability in articles.php in smartSite CMS 1.0 allows remote attackers to execute ...
E
CVE-2009-0406 SQL injection vulnerability in index.php in Community CMS 0.4 and earlier allows remote attackers to...
E
CVE-2009-0407 SQL injection vulnerability in admin/login.php in PHP-CMS Project 1 allows remote attackers to execu...
E
CVE-2009-0408 Cross-site request forgery (CSRF) vulnerability in osCommerce 2.2 RC 2a allows remote attackers to h...
CVE-2009-0409 SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and earlier, when magic_quotes_gpc...
E
CVE-2009-0410 Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0...
S
CVE-2009-0411 Google Chrome before 1.0.154.46 does not properly restrict access from web pages to the (1) Set-Cook...
CVE-2009-0412 The ProcessLogin function in class.auth.php in Interspire Shopping Cart (ISC) 4.0.1 Ultimate edition...
CVE-2009-0413 Cross-site scripting (XSS) vulnerability in RoundCube Webmail (roundcubemail) 0.2 stable allows remo...
CVE-2009-0414 Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impact and remote attack vectors th...
E S
CVE-2009-0415 Untrusted search path vulnerability in trickle 1.07 allows local users to execute arbitrary code via...
E
CVE-2009-0416 The SSL certificate setup program (genSslCert.sh) in Standards Based Linux Instrumentation for Manag...
CVE-2009-0417 Cross-site scripting (XSS) vulnerability in the AgaviWebRouting::gen(null) method in Agavi 0.11 befo...
S
CVE-2009-0418 The IPv6 Neighbor Discovery Protocol (NDP) implementation in HP HP-UX B.11.11, B.11.23, and B.11.31 ...
CVE-2009-0419 Microsoft XML Core Services, as used in Microsoft Expression Web, Office, Internet Explorer 6 and 7,...
CVE-2009-0420 SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable component for Joomla! allows ...
E
CVE-2009-0421 SQL injection vulnerability in the Eventing (com_eventing) 1.6.x component for Joomla! allows remote...
E
CVE-2009-0422 Dynamic variable evaluation vulnerability in lists/admin.php in phpList 2.10.8 and earlier, when reg...
E
CVE-2009-0423 Directory traversal vulnerability in index.php in Php Photo Album (PHPPA) 0.8 BETA allows remote att...
E
CVE-2009-0424 Cross-site scripting (XSS) vulnerability in sign1.php in AN Guestbook (ANG) before 0.7.7 allows remo...
S
CVE-2009-0425 SQL injection vulnerability in index.php in Blue Eye CMS 1.0.0 and earlier allows remote attackers t...
E
CVE-2009-0426 SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Classified List...
E
CVE-2009-0427 SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Member Director...
E
CVE-2009-0428 SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document...
E
CVE-2009-0429 Multiple SQL injection vulnerabilities in Active Bids allow remote attackers to execute arbitrary SQ...
E
CVE-2009-0430 Multiple cross-site scripting (XSS) vulnerabilities in Active Bids allow remote attackers to inject ...
E
CVE-2009-0431 SQL injection vulnerability in Default.asp in LinksPro Standard Edition allows remote attackers to e...
E
CVE-2009-0432 The installation process for the File Transfer servlet in the System Management/Repository component...
S
CVE-2009-0433 Unspecified vulnerability in IBM WebSphere Application Server (WAS) 5.1.x before 5.1.1.19, 6.0.x bef...
S
CVE-2009-0434 PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 6.0.x b...
CVE-2009-0435 Unspecified vulnerability in the IBM Asynchronous I/O (aka AIO or libibmaio) library in the Java Mes...
S
CVE-2009-0436 The (1) mod_ibm_ssl and (2) mod_cgid modules in IBM HTTP Server 6.0.x before 6.0.2.31 and 6.1.x befo...
S
CVE-2009-0437 The Installation Factory installation process for IBM WebSphere Application Server (WAS) 6.0.2 on Wi...
CVE-2009-0438 IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows allows remote attackers to bypass...
S
CVE-2009-0439 Unspecified vulnerability in the queue manager in IBM WebSphere MQ (WMQ) 5.3, 6.0 before 6.0.2.6, an...
S
CVE-2009-0440 IBM WebSphere Partner Gateway (WPG) 6.0.0 through 6.0.0.7 does not properly handle failures of signa...
S
CVE-2009-0441 PHP remote file inclusion vulnerability in skin_shop/standard/2_view_body/body_default.php in TECHNO...
E
CVE-2009-0442 Directory traversal vulnerability in bbcode.php in PHPbbBook 1.3 and 1.3h allows remote attackers to...
E
CVE-2009-0443 Stack-based buffer overflow in Elecard AVC HD PLAYER 5.5.90116 allows remote attackers to execute ar...
E
CVE-2009-0444 Multiple PHP remote file inclusion vulnerabilities in GRBoard 1.8, when register_globals is enabled ...
E
CVE-2009-0445 SQL injection vulnerability in index.php in Dreampics Gallery Builder allows remote attackers to exe...
E
CVE-2009-0446 SQL injection vulnerability in photo.php in WEBalbum 2.4b allows remote attackers to execute arbitra...
E
CVE-2009-0447 Multiple SQL injection vulnerabilities in default.asp in MyDesign Sayac 2.0 allow remote attackers t...
E
CVE-2009-0448 Directory traversal vulnerability in admin/modules/aa/preview.php in Syntax Desktop 2.7 allows remot...
E
CVE-2009-0449 Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations 6.0 and Anti-Virus 2008 allows...
E
CVE-2009-0450 Stack-based buffer overflow in BlazeVideo HDTV Player 3.5 and earlier allows remote attackers to exe...
E
CVE-2009-0451 SQL injection vulnerability in Skalfa SkaLinks 1.5 allows remote attackers to execute arbitrary SQL ...
E
CVE-2009-0452 Multiple SQL injection vulnerabilities in parents/login.php in Online Grades 3.2.4, when magic_quote...
E
CVE-2009-0453 Online Grades 3.2.4 allows remote attackers to obtain configuration information via a direct request...
E
CVE-2009-0454 Multiple SQL injection vulnerabilities in DMXReady Online Notebook Manager 1.1 allow remote attacker...
E
CVE-2009-0455 Cross-site scripting (XSS) vulnerability in the anonymous comments feature in lib-comment.php in glF...
E S
CVE-2009-0456 PHP remote file inclusion vulnerability in examples/example_clientside_javascript.php in patForms, a...
E
CVE-2009-0457 Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow remote attackers to include and...
E
CVE-2009-0458 Multiple SQL injection vulnerabilities in admin/login_submit.php in Whole Hog Ware Support 1.x allow...
E
CVE-2009-0459 Multiple SQL injection vulnerabilities in admin/login_submit.php in Whole Hog Password Protect: Enha...
E
CVE-2009-0460 Whole Hog Ware Support 1.x allows remote attackers to bypass authentication and obtain administrativ...
E
CVE-2009-0461 Whole Hog Password Protect: Enhanced 1.x allows remote attackers to bypass authentication and obtain...
E
CVE-2009-0462 Multiple SQL injection vulnerabilities in customer_login_check.asp in ClickTech ClickCart 6.0 allow ...
E
CVE-2009-0463 PHP remote file inclusion vulnerability in includes/header.php in Groone GLinks 2.1 allows remote at...
E
CVE-2009-0464 PHP remote file inclusion vulnerability in includes/header.php in Groone GBook 2.0 allows remote att...
E
CVE-2009-0465 The SaveDoc method in the All_In_The_Box.AllBox ActiveX control in ALL_IN_THE_BOX.OCX in Synactis AL...
E
CVE-2009-0466 Cross-site scripting (XSS) vulnerability in Vivvo CMS before 4.1.1 allows remote attackers to inject...
CVE-2009-0467 Cross-site scripting (XSS) vulnerability in proxy.html in Profense Web Application Firewall 2.6.2 an...
E
CVE-2009-0468 Multiple cross-site request forgery (CSRF) vulnerabilities in ajax.html in Profense Web Application ...
E
CVE-2009-0469 Unspecified vulnerability in futomi's CGI Cafe Fulltext search CGI 1.1.2 allows remote attackers to ...
CVE-2009-0470 Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow r...
E
CVE-2009-0471 Cross-site request forgery (CSRF) vulnerability in the HTTP server in Cisco IOS 12.4(23) allows remo...
CVE-2009-0472 Multiple cross-site scripting (XSS) vulnerabilities in the web interface in the Rockwell Automation ...
CVE-2009-0473 Open redirect vulnerability in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A...
CVE-2009-0474 The web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allo...
CVE-2009-0475 Integer underflow in the Huffman decoding functionality (pvmp3_huffman_parsing.cpp) in OpenCORE 2.0 ...
CVE-2009-0476 Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 and 7.11.2.7, as distributed i...
E
CVE-2009-0477 Unspecified vulnerability in the process (aka proc) filesystem in Sun OpenSolaris snv_85 through snv...
E
CVE-2009-0478 Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a...
E S
CVE-2009-0479 Multiple SQL injection vulnerabilities in admin/admin_login.php in Online Grades 3.2.4 allow remote ...
CVE-2009-0480 The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper a...
S
CVE-2009-0481 Bugzilla 2.x before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote a...
CVE-2009-0482 Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2 before 3.2.1, 3.3 before 3.3....
CVE-2009-0483 Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 before 2.22.7, 3.0 before 3.0.7, 3....
CVE-2009-0484 Cross-site request forgery (CSRF) vulnerability in Bugzilla 3.0 before 3.0.7, 3.2 before 3.2.1, and ...
CVE-2009-0485 Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.17 to 2.22.7, 3.0 before 3.0.7, 3.2 be...
CVE-2009-0486 Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls the srand function at startup t...
CVE-2009-0487 Cross-site scripting (XSS) vulnerability in Mahara before 1.0.9 allows remote attackers to inject ar...
CVE-2009-0488 Cross-site scripting (XSS) vulnerability in Phorum before 5.2.10 allows remote attackers to inject a...
CVE-2009-0489 The DBus configuration file for Wicd before 1.5.9 allows arbitrary users to own org.wicd.daemon, whi...
CVE-2009-0490 Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/str...
E
CVE-2009-0491 Stack-based buffer overflow in Elecard MPEG Player 5.5 build 15884.081218 allows remote attackers to...
E
CVE-2009-0492 Unspecified vulnerability in SimpleIrcBot before 1.0 Stable has unknown impact and attack vectors re...
S
CVE-2009-0493 SQL injection vulnerability in login.php in IT!CMS 2.1a and earlier allows remote attackers to execu...
E
CVE-2009-0494 SQL injection vulnerability in the Portfol (com_portfol) 1.2 component for Joomla! allows remote att...
E
CVE-2009-0495 PHP remote file inclusion vulnerability in include/define.php in REALTOR 747 4.11 allows remote atta...
E
CVE-2009-0496 Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime Openfire 3.6.2 allow remote a...
E
CVE-2009-0497 Directory traversal vulnerability in log.jsp in Ignite Realtime Openfire 3.6.2 allows remote attacke...
E
CVE-2009-0498 Virtual GuestBook (vgbook) 2.1 stores sensitive information under the web root with insufficient acc...
E
CVE-2009-0499 Cross-site request forgery (CSRF) vulnerability in the forum code in Moodle 1.7 before 1.7.7, 1.8 be...
CVE-2009-0500 Cross-site scripting (XSS) vulnerability in course/lib.php in Moodle 1.6 before 1.6.9, 1.7 before 1....
CVE-2009-0501 Unspecified vulnerability in the Calendar export feature in Moodle 1.8 before 1.8.8 and 1.9 before 1...
CVE-2009-0502 Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php in Snoopy 1.2.3, as used in M...
CVE-2009-0503 IBM WebSphere Message Broker 6.1.x before 6.1.0.2 writes a database connection password to the Event...
S
CVE-2009-0504 WSPolicy in the Web Services component in IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0....
S
CVE-2009-0505 The CICS listener in IBM TXSeries for Multiplatforms 6.2 GA waits for a forcepurge acknowledgement f...
S
CVE-2009-0506 Unspecified vulnerability in IBM WebSphere Application Server (WAS) 5.1 and 6.0.2 before 6.0.2.33 on...
S
CVE-2009-0507 IBM WebSphere Process Server (WPS) 6.1.2 before 6.1.2.3 and 6.2 before 6.2.0.1 does not properly res...
CVE-2009-0508 The Servlet Engine/Web Container and JSP components in IBM WebSphere Application Server (WAS) 5.1.0,...
S
CVE-2009-0509 Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe R...
S
CVE-2009-0510 Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe R...
S
CVE-2009-0511 Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe R...
S
CVE-2009-0512 Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe R...
S
CVE-2009-0513 Multiple PHP remote file inclusion vulnerabilities in WebFrame 0.76 allow remote attackers to execut...
E
CVE-2009-0514 Multiple directory traversal vulnerabilities in WebFrame 0.76 allow remote attackers to include and ...
E
CVE-2009-0515 Directory traversal vulnerability in check_lang.php in Yet Another NOCC (YANOCC) 0.1.0 and earlier a...
E
CVE-2009-0516 SQL injection vulnerability in the classified page (classified.php) in BusinessSpace 1.2 and earlier...
E
CVE-2009-0517 Eval injection vulnerability in index.php in phpSlash 0.8.1.1 and earlier allows remote attackers to...
E
CVE-2009-0518 VI Client in VMware VirtualCenter before 2.5 Update 4, VMware ESXi 3.5 before Update 4, and VMware E...
S
CVE-2009-0519 Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 allo...
S
CVE-2009-0520 Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove referenc...
S
CVE-2009-0521 Untrusted search path vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0....
S
CVE-2009-0522 Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Windows allows remote attacker...
S
CVE-2009-0523 Cross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to...
S
CVE-2009-0524 Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 6 and 7, and RoboHelp Server 6 and 7, all...
S
CVE-2009-0525 Cross-site scripting (XSS) vulnerability in the sajax_get_common_js function in php/Sajax.php in Saj...
CVE-2009-0526 Multiple cross-site scripting (XSS) vulnerabilities in index.php in AdaptCMS Lite 1.4 allow remote a...
E
CVE-2009-0527 PHP remote file inclusion vulnerability in plugins/rss_importer_functions.php in AdaptCMS Lite 1.4 a...
E
CVE-2009-0528 SQL injection vulnerability in frame.php in Rhadrix If-CMS 2.07 and earlier allows remote attackers ...
E
CVE-2009-0529 Cross-site scripting (XSS) vulnerability in index.php in SnippetMaster Webpage Editor 2.2.2 allows r...
E
CVE-2009-0530 Multiple PHP remote file inclusion vulnerabilities in SnippetMaster 2.2.2, when register_globals is ...
E
CVE-2009-0531 SQL injection vulnerability in gallery/view.asp in A Better Member-Based ASP Photo Gallery before 1....
E
CVE-2009-0532 Cross-site scripting (XSS) vulnerability in password.php in Scripts For Sites (SFS) EZ Baby allows r...
CVE-2009-0533 Cross-site scripting (XSS) vulnerability in password.php in Scripts for Sites EZ Reminder allows rem...
CVE-2009-0534 SQL injection vulnerability in FlexCMS allows remote attackers to execute arbitrary SQL commands via...
E
CVE-2009-0535 Directory traversal vulnerability in export.php in Thyme 1.3 and earlier, when register_globals is d...
E
CVE-2009-0536 at in bos.rte.cron on IBM AIX 5.2.0, 5.3.0 through 5.3.9, and 6.1.0 through 6.1.2 allows local users...
E S
CVE-2009-0537 Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and earlier and (2) M...
E
CVE-2009-0538 Format string vulnerability in Symantec pcAnywhere before 12.5 SP1 allows local users to read and mo...
S
CVE-2009-0540 Cross-site scripting (XSS) vulnerability in Libero 5.3 SP5, and possibly other versions before 5.5 S...
E
CVE-2009-0541 Multiple cross-site scripting (XSS) vulnerabilities in Magento 1.2.0 and 1.2.1.1 allow remote attack...
E
CVE-2009-0542 SQL injection vulnerability in ProFTPD Server 1.3.1 through 1.3.2rc2 allows remote attackers to exec...
E
CVE-2009-0543 ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection prot...
CVE-2009-0544 Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote attackers to cause a denial of servi...
E
CVE-2009-0545 cgi-bin/kerbynet in ZeroShell 1.0beta11 and earlier allows remote attackers to execute arbitrary com...
E S
CVE-2009-0546 Stack-based buffer overflow in NewsGator FeedDemon 2.7 and earlier allows user-assisted remote attac...
E
CVE-2009-0547 Evolution 2.22.3.1 checks S/MIME signatures against a copy of the e-mail text within a signed-data b...
CVE-2009-0548 Cross-site scripting (XSS) vulnerability in the Additional Report Settings interface in ESET Remote ...
CVE-2009-0549 Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac...
CVE-2009-0550 Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 a...
CVE-2009-0551 Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003...
CVE-2009-0552 Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 on Windows XP SP2 and SP...
CVE-2009-0553 Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003...
CVE-2009-0554 Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows S...
CVE-2009-0555 Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice De...
S
CVE-2009-0556 Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 200...
S
CVE-2009-0557 Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac...
KEV S
CVE-2009-0558 Array index error in Excel in Microsoft Office 2000 SP3 and Office 2004 and 2008 for Mac, and Open X...
CVE-2009-0559 Stack-based buffer overflow in Excel in Microsoft Office 2000 SP3 and Office XP SP3 allows remote at...
CVE-2009-0560 Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac...
CVE-2009-0561 Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2...
CVE-2009-0562 The Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web...
CVE-2009-0563 Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Micro...
KEV S
CVE-2009-0565 Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office ...
CVE-2009-0566 Microsoft Office Publisher 2007 SP1 does not properly calculate object handler data for Publisher fi...
CVE-2009-0567 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2009-0568 The RPC Marshalling Engine (aka NDR) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2,...
CVE-2009-0569 Buffer overflow in Becky! Internet Mail 2.48.02 and earlier allows remote attackers to execute arbit...
CVE-2009-0570 Directory traversal vulnerability in send.php in Ninja Designs Mailist 3.0, when register_globals is...
E
CVE-2009-0571 admin.php in Ninja Designs Mailist 3.0 stores backup copies of maillist.php under the web root with ...
E
CVE-2009-0572 PHP remote file inclusion vulnerability in include/flatnux.php in FlatnuX CMS (aka Flatnuke3) 2009-0...
E
CVE-2009-0573 Multiple cross-site scripting (XSS) vulnerabilities in FotoWeb 6.0 (Build 273) allow remote attacker...
E
CVE-2009-0574 SQL injection vulnerability in index.php in Easy CafeEngine allows remote attackers to execute arbit...
E
CVE-2009-0575 Cross-site scripting (XSS) vulnerability in the theme_views_bulk_operations_confirmation function in...
S
CVE-2009-0576 Unspecified vulnerability in Sun Java System Directory Server 5.2 p6 and earlier, and Enterprise Edi...
S
CVE-2009-0577 Integer overflow in the WriteProlog function in texttops in CUPS 1.1.17 on Red Hat Enterprise Linux ...
S
CVE-2009-0578 GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2)...
CVE-2009-0579 Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shad...
S
CVE-2009-0580 Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authen...
S
CVE-2009-0581 Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK...
E S
CVE-2009-0582 The ntlm_challenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in ...
CVE-2009-0583 Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka ...
CVE-2009-0584 icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscrip...
CVE-2009-0585 Integer overflow in the soup_base64_encode function in soup-misc.c in libsoup 2.x.x before 2.2.x, an...
S
CVE-2009-0586 Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vo...
S
CVE-2009-0587 Multiple integer overflows in Evolution Data Server (aka evolution-data-server) before 2.24.5 allow ...
S
CVE-2009-0588 agent/request/op.cgi in the Registration Authority (RA) component in Red Hat Certificate System (RHC...
S
CVE-2009-0589 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2009-0590 The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial...
S
CVE-2009-0591 The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly han...
CVE-2009-0592 Multiple directory traversal vulnerabilities in PNphpBB2 1.2i and earlier allow remote attackers to ...
E
CVE-2009-0593 SQL injection vulnerability in members.php in plx Auto Reminder 3.7 allows remote authenticated user...
E
CVE-2009-0594 Cross-site scripting (XSS) vulnerability in index.php in phpSkelSite 1.4 allows remote attackers to ...
E
CVE-2009-0595 PHP remote file inclusion vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register...
E
CVE-2009-0596 Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globa...
E
CVE-2009-0597 SQL injection vulnerability in admin/index.php in w3b>cms (aka w3blabor CMS) before 3.4.0, when magi...
E S
CVE-2009-0598 SQL injection vulnerability in index.php in PhpMesFilms 1.0 and 1.8 allows remote attackers to execu...
E
CVE-2009-0599 Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote...
E S
CVE-2009-0600 Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (a...
E
CVE-2009-0601 Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local ...
S
CVE-2009-0602 Unrestricted file upload vulnerability in upload.php in WikkiTikkiTavi 1.11 allows remote attackers ...
E
CVE-2009-0603 Cross-site scripting (XSS) vulnerability in index.php in the Link module 5.x-2.5 for Drupal 5.10 all...
CVE-2009-0604 SQL injection vulnerability in index.php in PHP Director 0.21 and earlier allows remote attackers to...
E
CVE-2009-0605 Stack consumption vulnerability in the do_page_fault function in arch/x86/mm/fault.c in the Linux ke...
S
CVE-2009-0606 The link_image function in linker/linker.c in the dynamic linker in Bionic in Open Handset Alliance ...
CVE-2009-0607 Multiple integer overflows in malloc_leak.c in Bionic in Open Handset Alliance Android 1.0 have unkn...
CVE-2009-0608 Integer overflow in the showLog function in fake_log_device.c in liblog in Open Handset Alliance And...
CVE-2009-0609 Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 th...
S
CVE-2009-0610 Multiple static code injection vulnerabilities in post.php in Simple PHP News 1.0 final allow remote...
CVE-2009-0611 Multiple cross-site scripting (XSS) vulnerabilities in qfsearch/AdminServlet in QuickFinder Server i...
E
CVE-2009-0612 Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 3.x and InterScan Web Security Suite (I...
CVE-2009-0613 Trend Micro InterScan Web Security Suite (IWSS) 3.1 before build 1237 allows remote authenticated Au...
CVE-2009-0614 Unspecified vulnerability in the Web Server in Cisco Unified MeetingPlace Web Conferencing 6.0 befor...
CVE-2009-0615 Directory traversal vulnerability in Cisco Application Networking Manager (ANM) before 2.0 and Appli...
CVE-2009-0616 Cisco Application Networking Manager (ANM) before 2.0 uses default usernames and passwords, which ma...
CVE-2009-0617 Cisco Application Networking Manager (ANM) before 2.0 uses a default MySQL root password, which make...
CVE-2009-0618 Unspecified vulnerability in the Java agent in Cisco Application Networking Manager (ANM) before 2.0...
S
CVE-2009-0619 Unspecified vulnerability in the Session Border Controller (SBC) before 3.0(2) for Cisco 7600 series...
S
CVE-2009-0620 Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1....
CVE-2009-0621 Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2)...
S
CVE-2009-0622 Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches ...
S
CVE-2009-0623 Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches ...
CVE-2009-0624 Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE Application Control Engine Modu...
S
CVE-2009-0625 Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches ...
CVE-2009-0626 The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of servi...
CVE-2009-0627 Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, ...
S
CVE-2009-0628 Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a ...
CVE-2009-0629 The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel C...
CVE-2009-0630 The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transpo...
CVE-2009-0631 Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level ...
S
CVE-2009-0632 The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manage...
S
CVE-2009-0633 Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 ...
CVE-2009-0634 Multiple unspecified vulnerabilities in the home agent (HA) implementation in the (1) Mobile IP NAT ...
CVE-2009-0635 Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, ...
S
CVE-2009-0636 Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allow...
S
CVE-2009-0637 The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enfor...
CVE-2009-0638 The Cisco Firewall Services Module (FWSM) 2.x, 3.1 before 3.1(16), 3.2 before 3.2(13), and 4.0 befor...
S
CVE-2009-0639 PHP remote file inclusion vulnerability in moduli/libri/index.php in phpyabs 0.1.2 allows remote att...
E
CVE-2009-0640 Directory traversal vulnerability in the administrative web server in Swann DVR4-SecuraNet allows re...
E
CVE-2009-0641 sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment va...
E S
CVE-2009-0642 ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the return value from the OCSP_b...
E
CVE-2009-0643 Static code injection vulnerability in post.php in Simple PHP News 1.0 final allows remote attackers...
E
CVE-2009-0644 The HTTP interface in Swann DVR4-SecuraNet has a certain default administrative username and passwor...
E
CVE-2009-0645 Directory traversal vulnerability in index.php in Jaws 0.8.8 allows remote authenticated users to re...
E S
CVE-2009-0646 Multiple SQL injection vulnerabilities in 4Site CMS 2.6 and earlier allow remote attackers to execut...
E
CVE-2009-0647 msnmsgr.exe in Windows Live Messenger (WLM) 2009 build 14.0.8064.206, and other 14.0.8064.x builds, ...
CVE-2009-0648 Multiple cross-site request forgery (CSRF) vulnerabilities in the manage_users handler in admin/inde...
E
CVE-2009-0649 The web browser in Symbian OS on the Nokia N95 cell phone allows remote attackers to cause a denial ...
E
CVE-2009-0650 Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 and earlier, and possib...
E
CVE-2009-0651 Unspecified vulnerability in the Veritas network daemon (aka vnetd) in Symantec Veritas NetBackup Se...
S
CVE-2009-0652 The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox 3.0.6 and other versions befor...
CVE-2009-0653 OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certifi...
E
CVE-2009-0654 Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry r...
E
CVE-2009-0655 Lenovo Veriface III allows physically proximate attackers to login to a Windows account by presentin...
E
CVE-2009-0656 Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by pre...
E
CVE-2009-0657 Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by...
CVE-2009-0658 Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attacker...
E
CVE-2009-0659 Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 allows remote attackers...
CVE-2009-0660 Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 before 1.0.10 and 1.1 before 1.1.2...
E S
CVE-2009-0661 Wee Enhanced Environment for Chat (WeeChat) 0.2.6 allows remote attackers to cause a denial of servi...
S
CVE-2009-0662 The PlonePAS product 3.x before 3.9 and 3.2.x before 3.2.2, a product for Plone, does not properly h...
S
CVE-2009-0663 Heap-based buffer overflow in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module 1.49 for Perl might ...
S
CVE-2009-0664 Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0.x before 1.0.11 and 1.1.x before 1...
S
CVE-2009-0667 Untrusted search path vulnerability in Agent/Backend.pm in Ocsinventory-Agent before 0.0.9.3, and 1....
S
CVE-2009-0668 Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise ...
CVE-2009-0669 Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharin...
S
CVE-2009-0671 Rejected reason: Format string vulnerability in the University of Washington (UW) c-client library, ...
R
CVE-2009-0672 SQL injection vulnerability in the Resend_Email module in Raven Web Services RavenNuke 2.30 allows r...
E S
CVE-2009-0673 Eval injection vulnerability in the Custom Fields feature in the Your Account module in Raven Web Se...
E
CVE-2009-0674 images/captcha.php in Raven Web Services RavenNuke 2.30, when register_globals and display_errors ar...
E
CVE-2009-0675 The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel before 2.6.28.6 permits SKF...
CVE-2009-0676 The sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initial...
S
CVE-2009-0677 avatarlist.php in the Your Account module, reached through modules.php, in Raven Web Services RavenN...
E
CVE-2009-0678 images/captcha.php in RavenNuke 2.30 allows remote attackers to obtain sensitive information via an ...
E
CVE-2009-0679 Cross-site scripting (XSS) vulnerability in the Your Account module in RavenNuke 2.30 allows remote ...
E
CVE-2009-0680 cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 allows remote attackers to cause a d...
E
CVE-2009-0681 PGP Desktop before 9.10 allows local users to (1) cause a denial of service (crash) via a crafted IO...
S
CVE-2009-0682 vetmonnt.sys in CA Internet Security Suite r3, vetmonnt.sys before 9.0.0.184 in Internet Security Su...
CVE-2009-0686 The TrendMicro Activity Monitor Module (tmactmon.sys) 2.52.0.1002 in Trend Micro Internet Pro 2008 a...
E
CVE-2009-0687 The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD ...
E S
CVE-2009-0688 Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers t...
S
CVE-2009-0689 Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new ...
E S
CVE-2009-0690 The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 d...
S
CVE-2009-0691 The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 d...
S
CVE-2009-0692 Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhcli...
S
CVE-2009-0693 Multiple buffer overflows in Wyse Device Manager (WDM) 4.7.x allow remote attackers to execute arbit...
CVE-2009-0695 hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which al...
E
CVE-2009-0696 The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-...
S
CVE-2009-0698 Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib 1.1.16.1 allows remote attack...
S
CVE-2009-0699 Cross-site scripting (XSS) vulnerability in pagesUTF8/auftrag_allgemeinauftrag.jsp in Plunet Busines...
E
CVE-2009-0700 Plunet BusinessManager 4.1 and earlier allows remote authenticated users to bypass access restrictio...
E
CVE-2009-0701 Multiple PHP remote file inclusion vulnerabilities in index.php in Cybershade CMS 0.2b, when registe...
E
CVE-2009-0702 SQL injection vulnerability in the Phoca Documentation (com_phocadocumentation) component for Joomla...
E
CVE-2009-0703 SQL injection vulnerability in bview.asp in ASPThai.Net Webboard 6.0 allows remote attackers to exec...
E
CVE-2009-0704 SQL injection vulnerability in search.php in WSN Guest 1.23 allows remote attackers to execute arbit...
E
CVE-2009-0705 SQL injection vulnerability in news.php in PowerScripts PowerNews 2.5.4, when magic_quotes_gpc is di...
E
CVE-2009-0706 SQL injection vulnerability in the Simple Review (com_simple_review) component 1.3.5 for Joomla! and...
E
CVE-2009-0707 SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote attackers to execute...
E
CVE-2009-0708 Multiple cross-site request forgery (CSRF) vulnerabilities in SemanticScuttle before 0.91 allow remo...
S
CVE-2009-0709 SQL injection vulnerability in login.php in PHPFootball 1.6 allows remote attackers to execute arbit...
CVE-2009-0710 Multiple cross-site scripting (XSS) vulnerabilities in PHPFootball 1.6 allow remote attackers to inj...
CVE-2009-0711 filter.php in PHPFootball 1.6 and earlier allows remote attackers to retrieve password hashes via a ...
E
CVE-2009-0712 Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager before 2.5.2.0 allows local u...
CVE-2009-0713 Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager before 2.5.2.0 allows remote ...
S
CVE-2009-0714 Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Da...
E
CVE-2009-0715 Unspecified vulnerability in Secure NaviCLI in HP Storage Essentials 6.0.2 through 6.0.4 allows remo...
CVE-2009-0716 Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote ...
CVE-2009-0717 Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote ...
CVE-2009-0718 Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote ...
CVE-2009-0719 Unspecified vulnerability in useradd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to...
S
CVE-2009-0720 Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows r...
S
CVE-2009-0721 Unspecified vulnerability in Easy Login in the Sender module in HP Remote Graphics Software (RGS) 4....
S
CVE-2009-0722 Directory traversal vulnerability in admin.php in Potato News 1.0.0 allows remote attackers to inclu...
E
CVE-2009-0723 Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3...
E S
CVE-2009-0726 SQL injection vulnerability in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla! allo...
E
CVE-2009-0727 SQL injection vulnerability in jobdetails.php in taifajobs 1.0 and earlier allows remote attackers t...
E
CVE-2009-0728 SQL injection vulnerability in the My_eGallery module for MAXdev MDPro (MD-Pro) and Postnuke allows ...
E
CVE-2009-0729 Multiple directory traversal vulnerabilities in Page Engine CMS 2.0 Basic and Pro allow remote attac...
CVE-2009-0730 Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) component 1.0 for Mambo and J...
E
CVE-2009-0731 Directory traversal vulnerability in pages/play.php in Free Arcade Script 1.0 allows remote attacker...
E
CVE-2009-0732 Downloadcenter 2.1 stores common.h under the web root with insufficient access control, which allows...
CVE-2009-0733 Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or libl...
E
CVE-2009-0734 Heap-based buffer overflow in MultimediaPlayer.exe 6.86.240.7 in Nokia PC Suite 6.86.9.3 allows remo...
CVE-2009-0735 Directory traversal vulnerability in lib/classes/message_class.php in Papoo CMS 3.6, when register_g...
E
CVE-2009-0736 Cross-site scripting (XSS) vulnerability in Pebble before 2.3.2 allows remote attackers to inject ar...
S
CVE-2009-0737 Multiple cross-site scripting (XSS) vulnerabilities in the web-based installer (config/index.php) in...
S
CVE-2009-0738 SQL injection vulnerability in login.php in Auth Php 1.0 allows remote attackers to execute arbitrar...
E
CVE-2009-0739 SQL injection vulnerability in login.php in MyNews 0.10 allows remote attackers to execute arbitrary...
E
CVE-2009-0740 SQL injection vulnerability in login.php in BlueBird Prelease allows remote attackers to execute arb...
E
CVE-2009-0741 SQL injection vulnerability in Login.asp in Craft Silicon Banking@Home 2.1 and earlier allows remote...
E
CVE-2009-0742 The username command in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7...
S
CVE-2009-0743 Cross-site scripting (XSS) vulnerability in the edit account page in the Web Server in Cisco Unified...
E S
CVE-2009-0744 Apple Safari 4 Beta build 528.16 allows remote attackers to cause a denial of service (NULL pointer ...
E
CVE-2009-0745 The ext4_group_add function in fs/ext4/resize.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6....
CVE-2009-0746 The make_indexed_dir function in fs/ext4/namei.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6...
CVE-2009-0747 The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 bef...
S
CVE-2009-0748 The ext4_fill_super function in fs/ext4/super.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6....
E
CVE-2009-0749 Use-after-free vulnerability in the GIFReadNextExtension function in lib/pngxtern/gif/gifread.c in O...
S
CVE-2009-0750 SQL injection vulnerability in login.php in the smNews example script for txtSQL 2.2 Final allows re...
E
CVE-2009-0751 Yaws before 1.80 allows remote attackers to cause a denial of service (memory consumption and crash)...
E
CVE-2009-0752 Unspecified vulnerability in Movable Type Pro and Community Solution 4.x before 4.24 has unknown imp...
S
CVE-2009-0753 Absolute path traversal vulnerability in MLDonkey 2.8.4 through 2.9.7 allows remote attackers to rea...
E
CVE-2009-0754 PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior ...
E
CVE-2009-0755 The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to caus...
E
CVE-2009-0756 The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to caus...
E
CVE-2009-0757 Multiple buffer overflows in GNU MPFR 2.4.0 allow context-dependent attackers to cause a denial of s...
S
CVE-2009-0758 The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6....
CVE-2009-0759 Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated u...
CVE-2009-0760 Team Board 1.x and 2.x stores sensitive information under the web root with insufficient access cont...
E
CVE-2009-0761 Cross-site scripting (XSS) vulnerability in online.asp in Team Board 1.x allows remote attackers to ...
E
CVE-2009-0762 Cross-site scripting (XSS) vulnerability in ScriptsEz Ez PHP Comment allows remote attackers to inje...
CVE-2009-0763 Cross-site scripting (XSS) vulnerability in default.php in Kipper 2.01 allows remote attackers to in...
E
CVE-2009-0764 Multiple cross-site scripting (XSS) vulnerabilities in Kipper 2.01 allow remote attackers to inject ...
CVE-2009-0765 Directory traversal vulnerability in index.php in Kipper 2.01 allows remote attackers to include and...
E
CVE-2009-0766 Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include a...
CVE-2009-0767 Kipper 2.01 stores sensitive information under the web root with insufficient access control, which ...
E
CVE-2009-0768 SQL injection vulnerability in forumhop.php in YapBB 1.2 and earlier allows remote attackers to exec...
E
CVE-2009-0769 QIP 2005 build 8082 allows remote attackers to cause a denial of service (CPU consumption and applic...
E
CVE-2009-0770 dkim-milter 2.6.0 through 2.8.0 allows remote attackers to cause a denial of service (crash) by sign...
E S
CVE-2009-0771 The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15...
CVE-2009-0772 The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonke...
CVE-2009-0773 The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1....
E S
CVE-2009-0774 The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonke...
CVE-2009-0775 Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonke...
CVE-2009-0776 nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1...
CVE-2009-0777 Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisi...
CVE-2009-0778 The icmp_send function in net/ipv4/icmp.c in the Linux kernel before 2.6.25, when configured as a ro...
E
CVE-2009-0779 Buffer overflow in pppdial in IBM AIX 5.3 and 6.1 allows local users to gain privileges via a long "...
S
CVE-2009-0780 The aspath_prepend function in rde_attr.c in bgpd in OpenBSD 4.3 and 4.4 allows remote attackers to ...
S
CVE-2009-0781 Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the exam...
CVE-2009-0782 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2009-0783 Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web appli...
S
CVE-2009-0784 Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the st...
S
CVE-2009-0785 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2009-0786 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This was originally int...
R
CVE-2009-0787 The ecryptfs_write_metadata_to_contents function in the eCryptfs functionality in the Linux kernel 2...
S
CVE-2009-0788 Red Hat Network (RHN) Satellite Server 5.3 and 5.4 does not properly rewrite unspecified URLs, which...
CVE-2009-0789 OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN....
S
CVE-2009-0790 The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and S...
S
CVE-2009-0791 Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUP...
S
CVE-2009-0792 Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka ...
CVE-2009-0793 cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows re...
CVE-2009-0794 Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/Pul...
CVE-2009-0795 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0796, CVE-2009-1265. Reaso...
R
CVE-2009-0796 Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_p...
E S
CVE-2009-0797 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2009-0798 ACPI Event Daemon (acpid) before 1.0.10 allows remote attackers to cause a denial of service (CPU co...
S
CVE-2009-0799 The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and ot...
S
CVE-2009-0800 Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and e...
CVE-2009-0801 Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the rem...
CVE-2009-0802 Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine ...
CVE-2009-0803 SmoothWall SmoothGuardian, as used in SmoothWall Firewall, NetworkGuardian, and SchoolGuardian 2008,...
CVE-2009-0804 Ziproxy 2.6.0, when transparent interception mode is enabled, uses the HTTP Host header to determine...
CVE-2009-0805 Cross-site scripting (XSS) vulnerability in piCal 0.91h and earlier, a module for XOOPS, allows remo...
S
CVE-2009-0806 Unspecified vulnerability in OpenGoo before 1.2.1 allows remote authenticated users to modify their ...
S
CVE-2009-0807 zFeeder 1.6 allows remote attackers to gain administrative access via a direct request to admin.php....
E
CVE-2009-0808 Multiple SQL injection vulnerabilities in SimpleCMMS before 0.1.0 allow remote attackers to execute ...
CVE-2009-0809 The Web Editor in Dassault Systemes ENOVIA SmarTeam V5 before Release 18 Service Pack 8, and possibl...
CVE-2009-0810 SQL injection vulnerability in login.php in xGuestbook 2.0 allows remote attackers to execute arbitr...
E
CVE-2009-0811 Insecure method vulnerability in the SopCast SopCore ActiveX control in sopocx.ocx 3.0.3.501 allows ...
E
CVE-2009-0812 Stack-based buffer overflow in BreakPoint Software Hex Workshop 4.23, 6.0.1.4603, and other 6.x and ...
E
CVE-2009-0813 Insecure method vulnerability in the ImeraIEPlugin ActiveX control (ImeraIEPlugin.dll 1.0.2.54) in I...
E
CVE-2009-0814 Cross-site scripting (XSS) vulnerability in Widgets.aspx in Blogsa 1.0 Beta 3 and earlier allows rem...
E
CVE-2009-0815 The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 bef...
S
CVE-2009-0816 Multiple cross-site scripting (XSS) vulnerabilities in the backend user interface in TYPO3 3.3.x thr...
S
CVE-2009-0817 Cross-site scripting (XSS) vulnerability in the Protected Node module 5.x before 5.x-1.4 and 6.x bef...
E S
CVE-2009-0818 Cross-site scripting (XSS) vulnerability in the taxonomy_theme_admin_table_builder function (taxonom...
S
CVE-2009-0819 sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated use...
E S
CVE-2009-0820 Multiple eval injection vulnerabilities in phpScheduleIt before 1.2.11 allow remote attackers to exe...
S
CVE-2009-0821 Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause a denial of service (applicati...
E
CVE-2009-0824 Elaborate Bytes ElbyCDIO.sys 6.0.2.0 and earlier, as distributed in SlySoft AnyDVD before 6.5.2.6, V...
CVE-2009-0825 SQL injection vulnerability in system/rss.php in TinX/cms 3.x before 3.5.1 allows remote attackers t...
E S
CVE-2009-0826 BlogHelper stores common_db.inc under the web root with insufficient access control, which allows re...
E
CVE-2009-0827 PollHelper stores poll.inc under the web root with insufficient access control, which allows remote ...
E
CVE-2009-0828 QuoteBook stores quotes.inc under the web root with insufficient access control, which allows remote...
E
CVE-2009-0829 Multiple SQL injection vulnerabilities in QuoteBook allow remote attackers to execute arbitrary SQL ...
CVE-2009-0830 Cross-site scripting (XSS) vulnerability in QuoteBook allows remote attackers to inject arbitrary we...
CVE-2009-0831 SQL injection vulnerability in members.php in the Members CV (job) module 1.0 for PHP-Fusion, when m...
E
CVE-2009-0832 SQL injection vulnerability in items.php in the E-Cart module 1.3 for PHP-Fusion allows remote attac...
E
CVE-2009-0833 Heap-based buffer overflow in gen_msn.dll in the gen_msn plugin 0.31 for Winamp 5.541 allows remote ...
E
CVE-2009-0834 The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform doe...
S
CVE-2009-0835 The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6...
E
CVE-2009-0836 Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 1120 and 1301, does not requ...
S
CVE-2009-0837 Stack-based buffer overflow in Foxit Reader 3.0 before Build 1506, including 1120 and 1301, allows r...
CVE-2009-0838 The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not ...
S
CVE-2009-0839 Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5....
E
CVE-2009-0840 Heap-based buffer underflow in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x be...
E S
CVE-2009-0841 Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x bef...
E S
CVE-2009-0842 mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to read arbitrar...
E S
CVE-2009-0843 The msLoadQuery function in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remot...
S
CVE-2009-0844 The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1...
CVE-2009-0845 The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka...
E
CVE-2009-0846 The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime de...
S
CVE-2009-0847 The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is ...
CVE-2009-0848 Untrusted search path vulnerability in GTK2 in OpenSUSE 11.0 and 11.1 allows local users to execute ...
CVE-2009-0849 Stack-based buffer overflow in the DtbClsLogin function in NovaStor NovaNET 12 allows remote attacke...
E
CVE-2009-0850 Cross-site scripting (XSS) vulnerability in BitDefender Internet Security 2009 allows user-assisted ...
CVE-2009-0851 Multiple SQL injection vulnerabilities in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allow re...
E
CVE-2009-0852 showme.php in CelerBB 0.0.2 allows remote attackers to obtain "reserved information" via the user pa...
E
CVE-2009-0853 login.php in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allows remote attackers to bypass aut...
E
CVE-2009-0854 Untrusted search path vulnerability in dash 0.5.4, when used as a login shell, allows local users to...
CVE-2009-0855 Cross-site scripting (XSS) vulnerability in the administrative console in IBM WebSphere Application ...
CVE-2009-0856 Multiple cross-site scripting (XSS) vulnerabilities in sample applications in IBM WebSphere Applicat...
S
CVE-2009-0857 Cross-site scripting (XSS) vulnerability in /prm/reports in the Performance Reporting Module (PRM) f...
S
CVE-2009-0858 The response_addname function in response.c in Daniel J. Bernstein djbdns 1.05 and earlier does not ...
E S
CVE-2009-0859 The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel before 2.6.28.5, whe...
CVE-2009-0860 Cross-site scripting (XSS) vulnerability in the web user interface in the login application in NetMR...
CVE-2009-0861 Cross-site scripting (XSS) vulnerability in phpDenora before 1.2.3 allows remote attackers to inject...
S
CVE-2009-0862 Cross-site scripting (XSS) vulnerability in the hook_cntrlr_error_output function in modules/page/ho...
S
CVE-2009-0863 SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 Stable allows remote attackers to ...
E
CVE-2009-0864 S-Cms 1.1 Stable allows remote attackers to bypass authentication and obtain administrative access v...
E
CVE-2009-0865 Directory traversal vulnerability in the SnapShotToFile method in the GeoVision LiveX (aka LiveX_v82...
E
CVE-2009-0866 pHNews Alpha 1 stores sensitive information under the web root with insufficient access control, whi...
E
CVE-2009-0867 The HRM-S service in Fujitsu Enhanced Support Facility 3.0 and 3.0.1 allows remote attackers to obta...
CVE-2009-0868 CRLF injection vulnerability in the WebLink template in Fujitsu Jasmine2000 Enterprise Edition allow...
CVE-2009-0869 Buffer overflow in the client in IBM Tivoli Storage Manager (TSM) HSM 5.3.2.0 through 5.3.5.0, 5.4.0...
S
CVE-2009-0870 The NFSv4 Server module in the kernel in Sun Solaris 10, and OpenSolaris before snv_111, allows local...
S
CVE-2009-0871 The SIP channel driver in Asterisk Open Source 1.4.22, 1.4.23, and 1.4.23.1; 1.6.0 before 1.6.0.6; 1...
S
CVE-2009-0872 The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AU...
E S
CVE-2009-0873 The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does...
E S
CVE-2009-0874 Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 1...
S
CVE-2009-0875 Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris bef...
S
CVE-2009-0876 Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, 2.0.6r39760, 2.1.0, 2.1.2, and 2.1.4r42893 on Linux allows l...
E S
CVE-2009-0877 Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express allow ...
E
CVE-2009-0878 The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote att...
CVE-2009-0879 The CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to ...
E S
CVE-2009-0880 Directory traversal vulnerability in the CIM server in IBM Director before 5.20.3 Service Update 2 o...
E S
CVE-2009-0881 SQL injection vulnerability in ejemplo/paises.php in isiAJAX 1 allows remote attackers to execute ar...
E
CVE-2009-0882 Multiple SQL injection vulnerabilities in nForum 1.5 allow remote attackers to execute arbitrary SQL...
E
CVE-2009-0883 SQL injection vulnerability in Blue Eye CMS 1.0.0 and earlier, when magic_quotes_gpc is disabled, al...
E
CVE-2009-0884 Buffer overflow in FileZilla Server before 0.9.31 allows remote attackers to cause a denial of servi...
CVE-2009-0885 Multiple heap-based buffer overflows in Media Commands 1.0 allow remote attackers to execute arbitra...
E
CVE-2009-0886 Directory traversal vulnerability in login.php in OneOrZero Helpdesk 1.6.5.7 and earlier allows remo...
E
CVE-2009-0887 Integer signedness error in the _pam_StrTok function in libpam/pam_misc.c in Linux-PAM (aka pam) 1.0...
E S
CVE-2009-0888 Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe R...
S
CVE-2009-0889 Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe R...
S
CVE-2009-0891 The Web Services Security component in IBM WebSphere Application Server 7.0 before Fix Pack 1 (7.0.0...
S
CVE-2009-0892 The administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.23 and 7.0 bef...
S
CVE-2009-0893 Multiple heap-based buffer overflows in xvidcore/src/decoder.c in the xvidcore library in Xvid befor...
E S
CVE-2009-0894 Heap-based buffer overflow in the decoder_create function in the initialization functionality in xvi...
E S
CVE-2009-0895 Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows r...
S
CVE-2009-0896 Buffer overflow in the queue manager in IBM WebSphere MQ 6.x before 6.0.2.7 and 7.x before 7.0.1.0 a...
S
CVE-2009-0897 IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and 6.1.1 before 6.1.1.1 allows remote auth...
S
CVE-2009-0898 Stack-based buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows...
S
CVE-2009-0899 IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and 7.0 through 7.0.0.4, IBM WebSphere P...
S
CVE-2009-0900 Heap-based buffer overflow in the client in IBM WebSphere MQ 6.0 before 6.0.2.7 and 7.0 before 7.0.1...
CVE-2009-0901 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 a...
S
CVE-2009-0903 IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3, and the Feature Pack for Web Services for...
S
CVE-2009-0904 The IBM Stax XMLStreamWriter in the Web Services component in IBM WebSphere Application Server (WAS)...
CVE-2009-0905 IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does not properly handle long group names...
CVE-2009-0906 The Service Component Architecture (SCA) feature pack for IBM WebSphere Application Server (WAS) SCA...
S
CVE-2009-0907 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-1899. Reason: This candida...
R
CVE-2009-0908 Unspecified vulnerability in the ACE shared folders implementation in the VMware Host Guest File Sys...
S
CVE-2009-0909 Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, ...
E S
CVE-2009-0910 Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, ...
E S
CVE-2009-0912 perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Li...
S
CVE-2009-0913 Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 t...
CVE-2009-0914 Opera before 9.64 allows remote attackers to execute arbitrary code via a crafted JPEG image that tr...
CVE-2009-0915 Opera before 9.64 allows remote attackers to conduct cross-domain scripting attacks via unspecified ...
CVE-2009-0916 Unspecified vulnerability in Opera before 9.64 has unknown impact and attack vectors, related to a "...
CVE-2009-0917 Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 through 1.0.4 allows remote attackers t...
S
CVE-2009-0918 Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to exe...
S
CVE-2009-0919 XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote a...
S
CVE-2009-0920 Stack-based buffer overflow in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, ...
E
CVE-2009-0921 Multiple heap-based buffer overflows in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NN...
E
CVE-2009-0922 PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cau...
E S
CVE-2009-0923 Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 t...
CVE-2009-0924 Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, when running in 64-bit mode on x...
CVE-2009-0925 Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, and OpenSolaris snv_47 through s...
CVE-2009-0926 Unspecified vulnerability in the UFS filesystem functionality in Sun OpenSolaris snv_86 through snv_...
CVE-2009-0927 Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3, and 7 b...
KEV E S
CVE-2009-0928 Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and...
CVE-2009-0929 Directory traversal vulnerability in the media manager in Nucleus CMS before 3.40 allows remote atta...
CVE-2009-0930 Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 4.2.2 and 4.3.3 allow remote...
CVE-2009-0931 Cross-site scripting (XSS) vulnerability in the tag cloud search script (horde/services/portal/cloud...
S
CVE-2009-0932 Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and H...
CVE-2009-0933 Cross-site scripting (XSS) vulnerability in the administrative interface in Dotclear before 2.1.5 al...
S
CVE-2009-0934 Cross-site scripting (XSS) vulnerability in ejabberd before 2.0.4 allows remote attackers to inject ...
CVE-2009-0935 The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc...
S
CVE-2009-0936 Unspecified vulnerability in Tor before 0.2.0.34 allows attackers to cause a denial of service (infi...
S
CVE-2009-0937 Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of servi...
S
CVE-2009-0938 Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of servi...
S
CVE-2009-0939 Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which has unknown impact and attack v...
CVE-2009-0940 Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP...
E
CVE-2009-0941 The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has...
CVE-2009-0942 Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that certain Cascading ...
S
CVE-2009-0943 Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that HTML pathnames are...
S
CVE-2009-0944 The Microsoft Office Spotlight Importer in Spotlight in Apple Mac OS X 10.4.11 and 10.5 before 10.5....
S
CVE-2009-0945 Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and...
S
CVE-2009-0946 Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary...
S
CVE-2009-0947 Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in file ...
CVE-2009-0948 Multiple buffer overflows in the (1) cdf_read_sat, (2) cdf_read_long_sector_chain, and (3) cdf_read_...
CVE-2009-0949 The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize mem...
E
CVE-2009-0950 Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary ...
E S
CVE-2009-0951 Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitr...
E S
CVE-2009-0952 Buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or...
S
CVE-2009-0953 Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitr...
S
CVE-2009-0954 Heap-based buffer overflow in Apple QuickTime before 7.6.2 on Windows allows remote attackers to exe...
S
CVE-2009-0955 Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of ...
S
CVE-2009-0956 Apple QuickTime before 7.6.2 does not properly initialize memory before use in handling movie files,...
S
CVE-2009-0957 Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitr...
S
CVE-2009-0958 Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 stores an exception...
S
CVE-2009-0959 The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through...
S
CVE-2009-0960 The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2...
S
CVE-2009-0961 The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2...
S
CVE-2009-0962 Unspecified vulnerability in Futomi's CGI Cafe MP Form Mail CGI eCommerce 1.3.0 and earlier, and CGI...
CVE-2009-0963 Multiple SQL injection vulnerabilities in PHPRunner 4.2, and possibly earlier, allow remote attacker...
E
CVE-2009-0964 UserView_list.php in PHPRunner 4.2, and possibly earlier, stores passwords in cleartext in the datab...
E
CVE-2009-0965 SQL injection vulnerability in functions/browse.php in Ganesha Digital Library (GDL) 4.0 and 4.2 all...
E
CVE-2009-0966 PHP remote file inclusion vulnerability in cross.php in YABSoft Mega File Hosting 1.2 allows remote ...
E
CVE-2009-0967 The FTP server in Serv-U 7.0.0.1 through 7.4.0.1 allows remote authenticated users to cause a denial...
E
CVE-2009-0968 SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 for WordPress allows remote att...
E
CVE-2009-0969 Cross-site request forgery (CSRF) vulnerability in account/settings/account/index.php in phpFoX 1.6....
E
CVE-2009-0970 PHP remote file inclusion vulnerability in includes/class_image.php in PHP Pro Bid 6.05, when regist...
CVE-2009-0971 Cross-site scripting (XSS) vulnerability in futomi's CGI Cafe Access Analyzer CGI Standard Version 3...
S
CVE-2009-0972 Unspecified vulnerability in the Workspace Manager component in Oracle Database 11.1.0.6, 11.1.0.7, ...
CVE-2009-0973 Unspecified vulnerability in the Cluster Ready Services component in Oracle Database 10.1.0.5 allows...
CVE-2009-0974 Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2...
CVE-2009-0975 Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0....
CVE-2009-0976 Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0....
CVE-2009-0977 Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 1...
CVE-2009-0978 Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0....
CVE-2009-0979 Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV...
CVE-2009-0980 Unspecified vulnerability in the SQLX Functions component in Oracle Database 10.2.0.3 and 11.1.0.6 a...
CVE-2009-0981 Unspecified vulnerability in the Application Express component in Oracle Database 11.1.0.7 allows re...
E
CVE-2009-0982 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft En...
CVE-2009-0983 Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2...
CVE-2009-0984 Unspecified vulnerability in the Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.4, an...
CVE-2009-0985 Unspecified vulnerability in the Core RDBMS component in Oracle Database 10.1.0.5, 10.2.0.4, and 11....
CVE-2009-0986 Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0....
CVE-2009-0987 Unspecified vulnerability in the Upgrade component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, ...
CVE-2009-0988 Unspecified vulnerability in the Password Policy component in Oracle Database 11.1.0.6 allows remote...
CVE-2009-0989 Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2...
CVE-2009-0990 Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2...
CVE-2009-0991 Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5,...
S
CVE-2009-0992 Unspecified vulnerability in the Advanced Queuing component in Oracle Database 10.1.0.5, 10.2.0.4, a...
CVE-2009-0993 Unspecified vulnerability in the OPMN component in Oracle Application Server 10.1.2.3 allows remote ...
CVE-2009-0994 Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2...
CVE-2009-0995 Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite ...
CVE-2009-0996 Unspecified vulnerability in the BI Publisher component in Oracle Application Server 10.1.3.2.1, 10....
CVE-2009-0997 Unspecified vulnerability in the Database Vault component in Oracle Database 11.1.0.6 allows remote ...
CVE-2009-0998 Unspecified vulnerability in the PeopleSoft Enterprise HRMS - eBenefits component in Oracle PeopleSo...
CVE-2009-0999 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su...
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.