CVE-2009-1xxx

There are 965 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2009-1000 The Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 uses defa...
CVE-2009-1001 Unspecified vulnerability in Oracle BEA WebLogic Portal 8.1 Gold through SP6 allows remote authentic...
CVE-2009-1002 Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gold through MP1, 9.2 Gold throug...
CVE-2009-1003 Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 ...
CVE-2009-1004 Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote a...
CVE-2009-1005 Unspecified vulnerability in the Oracle Data Service Integrator (AquaLogic Data Services Platform) c...
CVE-2009-1006 Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SD...
CVE-2009-1007 Unspecified vulnerability in the Data Mining component in Oracle Database 10.2.0.4 allows remote aut...
CVE-2009-1008 Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 ...
CVE-2009-1009 Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.1.9 ...
CVE-2009-1010 Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 ...
CVE-2009-1011 Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 ...
CVE-2009-1012 Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Serv...
CVE-2009-1013 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft En...
CVE-2009-1014 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft En...
S
CVE-2009-1015 Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.05...
CVE-2009-1016 Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 ...
CVE-2009-1017 Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2...
CVE-2009-1018 Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 allows remo...
CVE-2009-1019 Unspecified vulnerability in the Network Authentication component in Oracle Database 9.2.0.8, 9.2.0....
CVE-2009-1020 Unspecified vulnerability in the Network Foundation component in Oracle Database 9.2.0.8, 9.2.0.8DV,...
CVE-2009-1021 Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.2.0.8, 9.2.0.8D...
CVE-2009-1022 Heap-based buffer overflow in the Preview/ Set Segment function in Gretech GOMlab GOM Encoder 1.0.0....
E
CVE-2009-1023 SQL injection vulnerability in index.php in phpComasy 0.9.1 allows remote attackers to execute arbit...
E
CVE-2009-1024 Multiple SQL injection vulnerabilities in Beerwin PHPLinkAdmin 1.0 allow remote attackers to execute...
E
CVE-2009-1025 PHP remote file inclusion vulnerability in linkadmin.php in Beerwin PHPLinkAdmin 1.0 allows remote a...
E
CVE-2009-1026 Multiple SQL injection vulnerabilities in login.php in Kim Websites 1.0 allow remote attackers to ex...
E
CVE-2009-1027 SQL injection vulnerability in OpenCart 1.1.8 allows remote attackers to execute arbitrary SQL comma...
CVE-2009-1028 Stack-based buffer overflow in ediSys eZip Wizard 3.0 allows remote attackers to execute arbitrary c...
E
CVE-2009-1029 Stack-based buffer overflow in POP Peeper 3.4.0.0 and earlier allows remote POP3 servers to execute ...
E
CVE-2009-1030 Cross-site scripting (XSS) vulnerability in the choose_primary_blog function in wp-includes/wpmu-fun...
E
CVE-2009-1031 Directory traversal vulnerability in the FTP server in Rhino Software Serv-U File Server 7.0.0.1 thr...
E
CVE-2009-1032 SQL injection vulnerability in gallery_list.php in YABSoft Advanced Image Hosting (AIH) Script 2.3 a...
E
CVE-2009-1033 SQL injection vulnerability in misc.php in DeluxeBB 1.3 and earlier allows remote attackers to execu...
E
CVE-2009-1034 SQL injection vulnerability in the Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x before 5.x-2.0...
S
CVE-2009-1035 Cross-site scripting (XSS) vulnerability in the Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x b...
CVE-2009-1036 Cross-site request forgery (CSRF) vulnerability in the Plus 1 module before 6.x-2.6, a module for Dr...
S
CVE-2009-1037 Unspecified vulnerability in the Send by e-mail module in the "Printer, e-mail and PDF versions" mod...
S
CVE-2009-1038 Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote attackers to execute arbitrary...
E
CVE-2009-1039 Buffer overflow in CDex 1.70b2 allows remote attackers to execute arbitrary code via a crafted Info ...
E
CVE-2009-1040 Buffer overflow in WinAsm Studio 5.1.5.0 allows user-assisted remote attackers to execute arbitrary ...
E
CVE-2009-1041 The ktimer feature (sys/kern/kern_time.c) in FreeBSD 7.0, 7.1, and 7.2 allows local users to overwri...
E
CVE-2009-1042 Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbi...
CVE-2009-1043 Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to e...
CVE-2009-1044 Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute arbitrary code via unknown vec...
S
CVE-2009-1045 requests/status.xml in VLC 0.9.8a allows remote attackers to cause a denial of service (stack consum...
E
CVE-2009-1046 The console selection feature in the Linux kernel 2.6.28 before 2.6.28.4, 2.6.25, and possibly earli...
S
CVE-2009-1047 Cross-site scripting (XSS) vulnerability in the Send by e-mail module in the "Printer, e-mail and PD...
S
CVE-2009-1048 The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820 with ...
CVE-2009-1049 SQL injection vulnerability in articleCall.php in Bloginator 1A allows remote attackers to execute a...
E
CVE-2009-1050 Bloginator 1A allows remote attackers to bypass authentication and gain administrative access by set...
E
CVE-2009-1051 FubarForum 1.6 and earlier stores sensitive information under the web root with insufficient access ...
CVE-2009-1052 FireAnt 1.3 and earlier stores sensitive information under the web root with insufficient access con...
CVE-2009-1053 chaozzDB 1.2 and earlier stores sensitive information under the web root with insufficient access co...
CVE-2009-1054 Unspecified vulnerability in JustSystems Ichitaro 13, 2004 through 2008, Lite2, and Ichitaro viewer ...
S
CVE-2009-1055 Unspecified vulnerability in the web service in Sitecore CMS 5.3.1 rev. 071114 allows remote authent...
CVE-2009-1056 IBM Rational AppScan Enterprise before 5.5 FP1 allows remote attackers to read arbitrary exported re...
CVE-2009-1057 MicroSmarts Enterprise ZipItFast! 3.0 allows remote attackers to execute arbitrary code via a crafte...
E
CVE-2009-1058 Stack-based buffer overflow in ZipGenius might allow remote attackers to execute arbitrary code via ...
E
CVE-2009-1059 Stack-based buffer overflow in Trident PowerZip 7.2 might allow remote attackers to execute arbitrar...
E
CVE-2009-1060 Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbi...
CVE-2009-1061 Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 m...
S
CVE-2009-1062 Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers t...
S
CVE-2009-1063 Buffer overflow in eXeScope 6.50 allows user-assisted remote attackers to execute arbitrary code via...
E
CVE-2009-1064 Argument injection vulnerability in orbitmxt.dll 2.1.0.2 in the Orbit Downloader 2.8.7 and earlier A...
E
CVE-2009-1065 SQL injection vulnerability in index.php in Pixie CMS 1.01a allows remote attackers to execute arbit...
CVE-2009-1066 SQL injection vulnerability in the referral function in admin/lib/lib_logs.php in Pixie CMS 1.01a al...
E
CVE-2009-1067 Cross-site scripting (XSS) vulnerability in index.php in Pixie CMS 1.01a allows remote attackers to ...
E
CVE-2009-1068 Stack-based buffer overflow in BS.Player (bsplayer) 2.32 Build 975 Free and 2.34 Build 980 PRO and e...
E
CVE-2009-1069 Multiple cross-site scripting (XSS) vulnerabilities in the node edit form feature in Drupal Content ...
S
CVE-2009-1070 Cross-site scripting (XSS) vulnerability in system/index.php in ExpressionEngine 1.6.4 through 1.6.6...
E
CVE-2009-1071 Stack-based buffer overflow in Icarus 2.0 allows remote attackers to cause a denial of service (appl...
E
CVE-2009-1072 nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a us...
CVE-2009-1073 nss-ldapd before 0.6.8 uses world-readable permissions for the /etc/nss-ldapd.conf file, which allow...
E S
CVE-2009-1074 Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not use SSL in all expected circumstance...
E S
CVE-2009-1075 Sun Java System Identity Manager (IdM) 7.0 through 8.0 responds differently to failed use of the For...
E S
CVE-2009-1076 Sun Java System Identity Manager (IdM) 7.0 through 8.0 responds differently to failed use of the end...
S
CVE-2009-1077 The Change My Password implementation in the admin interface in Sun Java System Identity Manager (Id...
E S
CVE-2009-1078 Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not enforce the expected privilege requi...
E S
CVE-2009-1079 Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 th...
E S
CVE-2009-1080 Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 th...
E S
CVE-2009-1081 Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 th...
E S
CVE-2009-1082 Sun Java System Identity Manager (IdM) 7.0 through 8.0 allows remote authenticated users to gain pri...
S
CVE-2009-1083 Sun Java System Identity Manager (IdM) 7.0 through 8.0 on Linux, AIX, Solaris, and HP-UX permits "co...
S
CVE-2009-1084 Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not properly restrict access to the Syst...
S
CVE-2009-1085 Piwik 0.2.32 and earlier stores sensitive information under the web root with insufficient access co...
CVE-2009-1086 Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns 1.4.x allows remote ...
CVE-2009-1087 Multiple argument injection vulnerabilities in PPLive.exe in PPLive 1.9.21 and earlier allow remote ...
E
CVE-2009-1088 Hannon Hill Cascade Server 5.7 and other versions allows remote authenticated users to execute arbit...
E
CVE-2009-1089 Absolute path traversal vulnerability in upload.php in Rapidleech rev.36 and earlier allows remote a...
CVE-2009-1090 Directory traversal vulnerability in upload.php in Rapidleech rev.36 and earlier allows remote attac...
CVE-2009-1091 Cross-site scripting (XSS) vulnerability in upload.php in Rapidleech rev.36 and earlier allows remot...
CVE-2009-1092 Use-after-free vulnerability in the LIVEAUDIO.LiveAudioCtrl.1 ActiveX control in LIVEAU~1.OCX 7.0 fo...
E
CVE-2009-1093 LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 ...
S
CVE-2009-1094 Unspecified vulnerability in the LDAP implementation in Java SE Development Kit (JDK) and Java Runti...
S
CVE-2009-1095 Integer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5....
S
CVE-2009-1096 Buffer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0...
S
CVE-2009-1097 Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Upda...
S
CVE-2009-1098 Buffer overflow in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 an...
S
CVE-2009-1099 Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Upd...
S
CVE-2009-1100 Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (...
S
CVE-2009-1101 Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit (...
S
CVE-2009-1102 Unspecified vulnerability in the Virtual Machine in Java SE Development Kit (JDK) and Java Runtime E...
S
CVE-2009-1103 Unspecified vulnerability in the Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Envi...
S
CVE-2009-1104 The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 a...
S
CVE-2009-1105 The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11...
S
CVE-2009-1106 The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11...
S
CVE-2009-1107 The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and...
S
CVE-2009-1119 Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote...
CVE-2009-1120 EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerabilit...
CVE-2009-1122 The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does n...
S
CVE-2009-1123 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2,...
KEV S
CVE-2009-1124 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2,...
CVE-2009-1125 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2,...
CVE-2009-1126 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly vali...
CVE-2009-1127 win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold,...
CVE-2009-1128 Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbi...
CVE-2009-1129 Multiple stack-based buffer overflows in the PowerPoint 95 importer (PP7X32.DLL) in Microsoft Office...
CVE-2009-1130 Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3, and PowerPoint in M...
CVE-2009-1131 Multiple stack-based buffer overflows in Microsoft Office PowerPoint 2000 SP3 allow remote attackers...
CVE-2009-1132 Heap-based buffer overflow in the Wireless LAN AutoConfig Service (aka Wlansvc) in Microsoft Windows...
CVE-2009-1133 Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client...
S
CVE-2009-1134 Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office Excel Viewer; and Microsoft Offi...
CVE-2009-1135 Microsoft Internet Security and Acceleration (ISA) Server 2006 Gold and SP1, when Radius OTP is enab...
CVE-2009-1136 The Microsoft Office Web Components Spreadsheet ActiveX control (aka OWC10 or OWC11), as distributed...
E
CVE-2009-1137 Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbi...
CVE-2009-1138 The LDAP service in Active Directory on Microsoft Windows 2000 SP4 does not properly free memory for...
S
CVE-2009-1139 Memory leak in the LDAP service in Active Directory on Microsoft Windows 2000 SP4 and Server 2003 SP...
CVE-2009-1140 Microsoft Internet Explorer 5.01 SP4; 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server ...
CVE-2009-1141 Microsoft Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2 allows remote attackers...
CVE-2009-1142 An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can gain privileges via a sy...
CVE-2009-1143 An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access r...
S
CVE-2009-1144 Untrusted search path vulnerability in the Gentoo package of Xpdf before 3.02-r2 allows local users ...
CVE-2009-1146 Unspecified vulnerability in an ioctl in hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware P...
S
CVE-2009-1147 Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMwar...
CVE-2009-1148 Directory traversal vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMy...
S
CVE-2009-1149 CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin...
S
CVE-2009-1150 Multiple cross-site scripting (XSS) vulnerabilities in the export page (display_export.lib.php) in p...
S
CVE-2009-1151 Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before...
KEV E S
CVE-2009-1152 Siemens Gigaset SE461 WiMAX router 1.5-BL024.9.6401, and possibly other versions, allows remote atta...
E
CVE-2009-1153 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2009-1154 Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) ...
S
CVE-2009-1155 Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(...
S
CVE-2009-1156 Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before...
S
CVE-2009-1157 Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 ...
S
CVE-2009-1158 Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before...
S
CVE-2009-1159 Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security A...
S
CVE-2009-1160 Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1,...
S
CVE-2009-1161 Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0...
S
CVE-2009-1162 Cross-site scripting (XSS) vulnerability in the Spam Quarantine login page in Cisco IronPort AsyncOS...
CVE-2009-1163 Memory leak on the Cisco Physical Access Gateway with software before 1.1 allows remote attackers to...
S
CVE-2009-1164 The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.2 before 4.2....
S
CVE-2009-1165 Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0, 5.1 before 5.1...
S
CVE-2009-1166 The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2....
S
CVE-2009-1167 Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 a...
CVE-2009-1168 Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12....
S
CVE-2009-1169 The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey be...
E S
CVE-2009-1170 Unspecified vulnerability in Sun OpenSolaris snv_100 through snv_101 allows local users, with privil...
CVE-2009-1171 The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9....
E
CVE-2009-1172 The JAX-RPC WS-Security runtime in the Web Services Security component in IBM WebSphere Application ...
S
CVE-2009-1173 IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak permissions (777) for files asso...
S
CVE-2009-1174 The Web Services Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35 ...
S
CVE-2009-1175 Cross-site scripting (XSS) vulnerability in apps/web/vs_diag.cgi in the DAAP extension in Banshee 1....
CVE-2009-1176 mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 does not ensure that the st...
E S
CVE-2009-1177 Multiple stack-based buffer overflows in maptemplate.c in mapserv in MapServer 4.x before 4.10.4 and...
E S
CVE-2009-1178 Unspecified vulnerability in the server in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.2 and 6...
S
CVE-2009-1179 Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler b...
S
CVE-2009-1180 The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and ot...
S
CVE-2009-1181 The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and ot...
S
CVE-2009-1182 Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earli...
CVE-2009-1183 The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, an...
S
CVE-2009-1184 The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsyst...
S
CVE-2009-1185 udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allo...
E S
CVE-2009-1186 Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 all...
S
CVE-2009-1187 Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to c...
S
CVE-2009-1188 Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashB...
S
CVE-2009-1189 The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus) befo...
E S
CVE-2009-1190 Algorithmic complexity vulnerability in the java.util.regex.Pattern.compile method in Sun Java Devel...
E
CVE-2009-1191 mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers...
S
CVE-2009-1192 The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic...
S
CVE-2009-1193 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2009-1194 Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before ...
E S
CVE-2009-1195 The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEX...
E S
CVE-2009-1196 The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote attack...
S
CVE-2009-1197 Apache jUDDI before 2.0 allows attackers to spoof entries in log files via vectors related to error ...
CVE-2009-1198 Cross-site scripting (XSS) vulnerability in Apache jUDDI before 2.0 allows remote attackers to injec...
CVE-2009-1201 Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco ...
E
CVE-2009-1202 WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1...
CVE-2009-1203 WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1...
E
CVE-2009-1204 Cross-site scripting (XSS) vulnerability in TikiWiki (Tiki) CMS/Groupware 2.2 allows remote attacker...
E S
CVE-2009-1205 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-4475. Reason: This candida...
R
CVE-2009-1206 Unspecified vulnerability in futomi's CGI Cafe Access Analyzer CGI Professional Version 4.11.5 and e...
CVE-2009-1207 Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv_01 through snv_...
S
CVE-2009-1208 SQL injection vulnerability in auth2db 0.2.5, and possibly other versions before 0.2.7, uses the add...
S
CVE-2009-1209 Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows remote attackers to execute arbitra...
E
CVE-2009-1210 Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier al...
E
CVE-2009-1211 Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to deter...
CVE-2009-1212 Multiple insecure method vulnerabilities in PRECIS~2.DLL in the PrecisionID Datamatrix ActiveX contr...
E
CVE-2009-1213 Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 3.2 before 3.2.3, 3.3 ...
S
CVE-2009-1214 GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with world-readable permissions, wh...
CVE-2009-1215 Race condition in GNU screen 4.0.3 allows local users to create or overwrite arbitrary files via a s...
CVE-2009-1216 Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Micros...
CVE-2009-1217 Off-by-one error in the GpFont::SetData function in gdiplus.dll in Microsoft GDI+ on Windows XP allo...
CVE-2009-1218 Multiple cross-site scripting (XSS) vulnerabilities in Sun Calendar Express Web Server in Sun ONE Ca...
E S
CVE-2009-1219 Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6...
E S
CVE-2009-1220 Cross-site scripting (XSS) vulnerability in +webvpn+/index.html in WebVPN on the Cisco Adaptive Secu...
E
CVE-2009-1222 Directory traversal vulnerability in index.php in webEdition 6.0.0.4 and earlier, when register_glob...
E
CVE-2009-1223 aspWebCalendar Free Edition stores sensitive information under the web root with insufficient access...
CVE-2009-1224 SQL injection vulnerability in vsp-core/pub/themes/bismarck/gamestat.php in vsp stats processor 0.45...
E
CVE-2009-1225 Cross-site scripting (XSS) vulnerability in index.php in Turnkey Ebook Store 1.1 allows remote attac...
E
CVE-2009-1226 core/admin/delete.php in Podcast Generator 1.1 and earlier does not properly restrict access to admi...
E
CVE-2009-1227 NOTE: this issue has been disputed by the vendor. Buffer overflow in the PKI Web Service in Check P...
E
CVE-2009-1228 Cross-site scripting (XSS) vulnerability in register.php in Arcadwy Arcade Script CMS allows remote ...
E
CVE-2009-1229 SQL injection vulnerability in Arcadwy Arcade Script allows remote attackers to execute arbitrary SQ...
E
CVE-2009-1230 Static code injection vulnerability in index.php in Podcast Generator 1.1 and earlier allows remote ...
E
CVE-2009-1231 Unspecified vulnerability in the eClient in IBM DB2 Content Manager 8.4.1 before 8.4.1.1 has unknown...
S
CVE-2009-1232 Mozilla Firefox 3.0.8 and earlier 3.0.x versions allows remote attackers to cause a denial of servic...
E
CVE-2009-1233 Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers to cause a denial of service (appli...
E
CVE-2009-1234 Opera 9.64 allows remote attackers to cause a denial of service (application crash) via an XML docum...
E
CVE-2009-1235 XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interactio...
E
CVE-2009-1236 Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple M...
E
CVE-2009-1237 Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allow local ...
E
CVE-2009-1238 Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and earlier on Apple Mac OS X 10.5.6...
E
CVE-2009-1239 IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of...
S
CVE-2009-1240 Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia ...
CVE-2009-1241 Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malwa...
CVE-2009-1242 The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the...
S
CVE-2009-1243 net/ipv4/udp.c in the Linux kernel before 2.6.29.1 performs an unlocking step in certain incorrect c...
S
CVE-2009-1244 Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and ea...
S
CVE-2009-1245 Multiple SQL injection vulnerabilities in the insert_to_pastebin function in php/cccp-admin/inc/func...
E S
CVE-2009-1246 Multiple directory traversal vulnerabilities in Blogplus 1.0 allow remote attackers to include and e...
E
CVE-2009-1247 SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 allows remote attackers to exe...
E
CVE-2009-1248 Multiple PHP remote file inclusion vulnerabilities in Acute Control Panel 1.0.0 allow remote attacke...
E
CVE-2009-1249 Cross-site scripting (XSS) vulnerability in Feed element mapper 5.x before 5.x-1.1, a module for Dru...
S
CVE-2009-1250 The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3...
E
CVE-2009-1251 Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0...
S
CVE-2009-1252 Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p...
S
CVE-2009-1253 James Stone Tunapie 2.1 allows local users to overwrite arbitrary files via a symlink attack on an u...
CVE-2009-1254 James Stone Tunapie 2.1 allows remote attackers to execute arbitrary commands via shell metacharacte...
CVE-2009-1255 The process_stat function in (1) Memcached before 1.2.8 and (2) MemcacheDB 1.2.0 discloses (a) the c...
E S
CVE-2009-1256 SQL injection vulnerability in FlexCMS 2.5 allows remote attackers to execute arbitrary SQL commands...
E
CVE-2009-1257 Heap-based buffer overflow in Magic ISO Maker 5.5 build 0274 allows remote attackers to cause a deni...
E
CVE-2009-1258 SQL injection vulnerability in the RD-Autos (com_rdautos) component 1.5.7 for Joomla! allows remote ...
CVE-2009-1259 SQL injection vulnerability in inc/bb/topic.php in Insane Visions AdaptBB 1.0, when magic_quotes_gpc...
E
CVE-2009-1260 Multiple stack-based buffer overflows in UltraISO 9.3.3.2685 and earlier allow remote attackers to c...
E
CVE-2009-1261 Multiple cross-site scripting (XSS) vulnerabilities in Web Help Desk 9.1.22 (evaluation version) all...
CVE-2009-1262 Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local user...
CVE-2009-1263 SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0...
E
CVE-2009-1264 Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not prop...
S
CVE-2009-1265 Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other version...
E
CVE-2009-1266 Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack vectors....
CVE-2009-1267 Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on W...
S
CVE-2009-1268 The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows...
CVE-2009-1269 Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denia...
CVE-2009-1270 libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infini...
CVE-2009-1271 The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before 5.2.9 allows remote attackers ...
CVE-2009-1272 The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x before 5.2.9 allows context-depend...
CVE-2009-1273 pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates diffe...
CVE-2009-1274 Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16....
E
CVE-2009-1275 Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Lan...
CVE-2009-1276 XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or...
S
CVE-2009-1277 SQL injection vulnerability in index.php in Gravity Board X (GBX) 2.0 BETA allows remote attackers t...
E
CVE-2009-1278 Static code injection vulnerability in forms/ajax/configure.php in Gravity Board X (GBX) 2.0 BETA al...
E
CVE-2009-1279 Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5 through 1.5.9 allow remote attack...
S
CVE-2009-1280 Multiple cross-site request forgery (CSRF) vulnerabilities in the com_media component for Joomla! 1....
CVE-2009-1281 Cross-site scripting (XSS) vulnerability in glFusion before 1.1.3 allows remote attackers to inject ...
S
CVE-2009-1282 SQL injection vulnerability in private/system/lib-session.php in glFusion 1.1.2 and earlier allows r...
E S
CVE-2009-1283 glFusion before 1.1.3 performs authentication with a user-provided password hash instead of a passwo...
E S
CVE-2009-1284 Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memo...
E
CVE-2009-1285 Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php ...
E S
CVE-2009-1286 The IMAP task in the server in IBM Lotus Domino 8.0.2 before FP1 IF1 and 8.5 before IF3 allows remot...
E S
CVE-2009-1287 Cross-site scripting (XSS) vulnerability in Cisco Subscriber Edge Services Manager (SESM) allows rem...
CVE-2009-1288 Multiple cross-site scripting (XSS) vulnerabilities in the Advanced Management Module (AMM) on the I...
E
CVE-2009-1289 private/login.ssi in the Advanced Management Module (AMM) on the IBM BladeCenter, including the Blad...
E
CVE-2009-1290 Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration interface in th...
E
CVE-2009-1291 Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTw...
S
CVE-2009-1292 UCM-CQ in IBM Rational ClearCase 7.0.0.x before 7.0.0.5, 7.0.1.x before 7.0.1.4, and 7.1.x before 7....
S
CVE-2009-1293 The web login functionality (c/portal/login) in Novell Teaming 1.0 through SP3 (1.0.3) generates dif...
E S
CVE-2009-1294 Multiple cross-site scripting (XSS) vulnerabilities in web/guest/home in the Liferay 4.3.0 portal in...
E S
CVE-2009-1295 Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu 8.10, and before 1.0-0ubuntu5.2 o...
E
CVE-2009-1296 The eCryptfs support utilities (ecryptfs-utils) 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passph...
CVE-2009-1297 iscsi_discovery in open-iscsi in SUSE openSUSE 10.3 through 11.1 and SUSE Linux Enterprise (SLE) 10 ...
CVE-2009-1298 The ip_frag_reasm function in net/ipv4/ip_fragment.c in the Linux kernel 2.6.32-rc8, and 2.6.29 and ...
CVE-2009-1299 The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users to...
CVE-2009-1300 apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent a...
CVE-2009-1301 Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 all...
S
CVE-2009-1302 The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey b...
E
CVE-2009-1303 The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey befor...
CVE-2009-1304 The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonke...
E
CVE-2009-1305 The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey be...
E
CVE-2009-1306 The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not fol...
CVE-2009-1307 The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does...
S
CVE-2009-1308 Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey...
E
CVE-2009-1309 Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin P...
CVE-2009-1310 Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox b...
E S
CVE-2009-1311 Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obt...
E
CVE-2009-1312 Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers i...
S
CVE-2009-1313 The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3....
CVE-2009-1314 body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbi...
E
CVE-2009-1315 Multiple cross-site scripting (XSS) vulnerabilities in AbleSpace 1.0 allow remote attackers to injec...
E
CVE-2009-1316 Multiple SQL injection vulnerabilities in AbleSpace 1.0 allow remote attackers to execute arbitrary ...
E
CVE-2009-1317 Multiple SQL injection vulnerabilities in Aqua CMS 1.1, when magic_quotes_gpc is disabled, allow rem...
E
CVE-2009-1318 Directory traversal vulnerability in index.php in Jamroom 3.1.2, 3.2.3 through 3.2.6, 4.0.2, and pos...
E
CVE-2009-1319 Directory traversal vulnerability in includes/ini.inc.php in GuestCal 2.1 allows remote attackers to...
E
CVE-2009-1320 Multiple cross-site scripting (XSS) vulnerabilities in include/zstore.php in Zazzle Store Builder 1....
CVE-2009-1321 Cross-site scripting (XSS) vulnerability in search.asp in ASP Product Catalog 1.0 allows remote atta...
E
CVE-2009-1322 ASP Product Catalog 1.0 stores sensitive information under the web root with insufficient access con...
E
CVE-2009-1323 SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote attackers to execute ...
E
CVE-2009-1324 Stack-based buffer overflow in Mini-stream ASX to MP3 Converter 3.0.0.7 allows remote attackers to e...
E
CVE-2009-1325 Stack-based buffer overflow in Mini-stream Ripper 3.0.1.1 allows remote attackers to execute arbitra...
E
CVE-2009-1326 Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute ...
E
CVE-2009-1327 Stack-based buffer overflow in Mini-stream WM Downloader 3.0.0.9 allows remote attackers to execute ...
E
CVE-2009-1328 Stack-based buffer overflow in Mini-stream RM-MP3 Converter 3.0.0.7 allows remote attackers to execu...
E
CVE-2009-1329 Stack-based buffer overflow in Mini-stream Shadow Stream Recorder 3.0.1.7 allows remote attackers to...
E
CVE-2009-1330 Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary...
E
CVE-2009-1331 Integer overflow in Microsoft Windows Media Player (WMP) 11.0.5721.5260 allows remote attackers to c...
E
CVE-2009-1332 The Online Help feature in Sun Java System Directory Server 5.2 and Enterprise Edition 5 allows remo...
CVE-2009-1333 Cross-site scripting (XSS) vulnerability in refresh_rate.htm in the web interface on the HP Deskjet ...
CVE-2009-1334 Cross-site scripting (XSS) vulnerability in login/FilepathLogin.html in IBM Tivoli Continuous Data P...
E
CVE-2009-1335 Microsoft Internet Explorer 7 and 8 on Windows XP and Vista allows remote attackers to cause a denia...
CVE-2009-1336 fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly initialize a certain structure m...
CVE-2009-1337 The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict ex...
S
CVE-2009-1338 The kill_something_info function in kernel/signal.c in the Linux kernel before 2.6.28 does not consi...
S
CVE-2009-1339 Cross-site request forgery (CSRF) vulnerability in TWiki before 4.3.1 allows remote authenticated us...
E S
CVE-2009-1341 Memory leak in the dequote_bytea function in quote.c in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) m...
CVE-2009-1342 Cross-site scripting (XSS) vulnerability in the CCK comment reference module 6.x before 6.x-1.2, a m...
S
CVE-2009-1343 Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module ...
S
CVE-2009-1344 Cross-site scripting (XSS) vulnerability in the Localization client module 5.x before 5.x-1.2 and 6....
S
CVE-2009-1345 SQL injection vulnerability in document.php in cpCommerce 1.2.8 allows remote attackers to execute a...
E
CVE-2009-1346 SQL injection vulnerability in publico/ficha.php in NetHoteles 3.0 allows remote attackers to execut...
E
CVE-2009-1347 Multiple SQL injection vulnerabilities in stats/index.php in chCounter 3.1.3 allow remote attackers ...
E
CVE-2009-1348 The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShie...
S
CVE-2009-1349 Cross-site scripting (XSS) vulnerability in C2Net Stronghold 2.3 allows remote attackers to inject a...
E
CVE-2009-1350 Unspecified vulnerability in xtagent.exe in Novell NetIdentity Client before 1.2.4 allows remote att...
S
CVE-2009-1351 Heap-based buffer overflow in Apollo 37zz allows remote attackers to cause a denial of service (appl...
E
CVE-2009-1352 Stack-based buffer overflow in Dawningsoft PowerCHM 5.7 allows remote attackers to cause a denial of...
E
CVE-2009-1353 Buffer overflow in the http_parse_hex function in libz/misc.c in Zervit Webserver 0.02 allows remote...
E
CVE-2009-1354 Directory traversal vulnerability in Mongoose 2.4 allows remote attackers to read arbitrary files vi...
E
CVE-2009-1355 Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privi...
S
CVE-2009-1356 Stack-based buffer overflow in Elecard AVC HD Player allows remote attackers to execute arbitrary co...
E
CVE-2009-1357 CRLF injection vulnerability in da/DA/Login in Sun Java System Delegated Administrator 6.2 through 6...
E S
CVE-2009-1358 apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt t...
CVE-2009-1359 Unspecified vulnerability in the SCTP sockets implementation in Sun OpenSolaris snv_106 through snv_...
S
CVE-2009-1360 The __inet6_check_established function in net/ipv6/inet6_hashtables.c in the Linux kernel before 2.6...
E S
CVE-2009-1361 dig.php in GScripts.net DNS Tools allows remote attackers to execute arbitrary commands via shell me...
CVE-2009-1362 SQL injection vulnerability in administration/index.php in chCounter 3.1.3 allows remote attackers t...
CVE-2009-1364 Use-after-free vulnerability in the embedded GD library in libwmf 0.2.8.4 allows context-dependent a...
CVE-2009-1365 Unspecified vulnerability in Adobe Flash Media Server (FMS) before 3.0.4 and 3.5.x before 3.5.2, as ...
S
CVE-2009-1366 Cross-site scripting (XSS) vulnerability in Website\admin\Sales\paypalipn.aspx in DotNetNuke (DNN) b...
CVE-2009-1367 Cross-site scripting (XSS) vulnerability in index.php in moziloCMS 1.11 allows remote attackers to i...
E
CVE-2009-1368 Directory traversal vulnerability in index.php in moziloCMS 1.11 allows remote attackers to read arb...
E S
CVE-2009-1369 moziloCMS 1.11 allows remote attackers to obtain sensitive information via the (1) gal[] parameter t...
E
CVE-2009-1370 Stack-based buffer overflow in ape_plugin.plg in Xilisoft Video Converter 3.1.53.0704n and 5.1.23.04...
E
CVE-2009-1371 The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to c...
S
CVE-2009-1372 Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before...
S
CVE-2009-1373 Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows r...
S
CVE-2009-1374 Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote att...
S
CVE-2009-1375 The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2.5.6 does not properly maintai...
S
CVE-2009-1376 Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (...
S
CVE-2009-1377 The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows...
S
CVE-2009-1378 Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0...
E S
CVE-2009-1379 Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in Op...
E
CVE-2009-1380 Cross-site scripting (XSS) vulnerability in JMX-Console in JBossAs in Red Hat JBoss Enterprise Appli...
S
CVE-2009-1381 The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.19-1 on Debian GN...
E
CVE-2009-1382 Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when downloaded before 20090713, al...
E S
CVE-2009-1383 The getdirective function in mathtex.cgi in mathTeX, when downloaded before 20090713, allows remote ...
CVE-2009-1384 pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise Linux (RHEL) 5, generates different pas...
CVE-2009-1385 Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 ...
E S
CVE-2009-1386 ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL poi...
E S
CVE-2009-1387 The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows...
S
CVE-2009-1388 The ptrace_start function in kernel/ptrace.c in the Linux kernel 2.6.18 does not properly handle sim...
S
CVE-2009-1389 Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 al...
E
CVE-2009-1390 Mutt 1.5.19, when linked against (1) OpenSSL (mutt_ssl.c) or (2) GnuTLS (mutt_ssl_gnutls.c), allows ...
E S
CVE-2009-1391 Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017,...
E S
CVE-2009-1392 The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey be...
E S
CVE-2009-1394 Stack-based buffer overflow in Motorola Timbuktu Pro 8.6.5 on Windows allows remote attackers to exe...
CVE-2009-1403 SQL injection vulnerability in product_info.php in CRE Loaded 6.2 allows remote attackers to execute...
E
CVE-2009-1404 SQL injection vulnerability in admin.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled, allo...
E
CVE-2009-1405 Directory traversal vulnerability in index.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled...
E
CVE-2009-1406 Directory traversal vulnerability in cms_detect.php in TotalCalendar 2.4 allows remote attackers to ...
E
CVE-2009-1407 Directory traversal vulnerability in config.php in NotFTP 1.3.1 allows remote attackers to read arbi...
E
CVE-2009-1408 Cross-site scripting (XSS) vulnerability in webSPELL 4.2.0c allows remote attackers to inject arbitr...
E S
CVE-2009-1409 SQL injection vulnerability in usersettings.php in e107 0.7.15 and earlier, when "Extended User Fiel...
E
CVE-2009-1410 SQL injection vulnerability in index.php in Quick.Cms.Lite 0.5 allows remote attackers to execute ar...
E
CVE-2009-1411 SQL injection vulnerability in events/inc/events.inc.php in the Events plugin for Seditio CMS 1.0 al...
E
CVE-2009-1412 Argument injection vulnerability in the chromehtml: protocol handler in Google Chrome before 1.0.154...
E
CVE-2009-1413 Google Chrome 1.0.x does not cancel timeouts upon a page transition, which makes it easier for attac...
CVE-2009-1414 Google Chrome 2.0.x lets modifications to the global object persist across a page transition, which ...
CVE-2009-1415 lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA signatur...
E S
CVE-2009-1416 lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates RSA keys stored in DSA structur...
E S
CVE-2009-1417 gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certi...
S
CVE-2009-1418 Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allo...
S
CVE-2009-1419 Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.0.0 through 2.52, ...
S
CVE-2009-1420 Stack-based buffer overflow in rping in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, whe...
S
CVE-2009-1421 Unspecified vulnerability in NFS / ONCplus B.11.31_06 and B.11.31_07 on HP HP-UX B.11.31 allows loca...
CVE-2009-1422 Unspecified vulnerability in HP ProCurve Threat Management Services zl Module (J9155A) ST.1.0.090213...
S
CVE-2009-1423 Unspecified vulnerability in HP ProCurve Threat Management Services zl Module (J9155A) ST.1.0.090213...
S
CVE-2009-1424 Unspecified vulnerability in HP ProCurve Threat Management Services zl Module (J9155A) ST.1.0.090213...
S
CVE-2009-1425 Unspecified vulnerability in HP ProCurve Threat Management Services zl Module (J9155A) ST.1.0.090213...
S
CVE-2009-1426 Unspecified vulnerability on HP ProLiant DL and ML 100 Series G5, G5p, and G6 servers with ProLiant ...
S
CVE-2009-1427 Unspecified vulnerability in HP-UX B.11.31 allows local users to cause a denial of service (system c...
S
CVE-2009-1428 Multiple cross-site scripting (XSS) vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as u...
CVE-2009-1429 The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in S...
E
CVE-2009-1430 Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec A...
CVE-2009-1431 XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS...
CVE-2009-1432 Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR...
CVE-2009-1433 SQL injection vulnerability in File::find (filesystem/File.php) in SilverStripe before 2.3.1 allows ...
S
CVE-2009-1434 Cross-site request forgery (CSRF) vulnerability in Foswiki before 1.0.5 allows remote attackers to h...
S
CVE-2009-1435 NTRtScan.exe in Trend Micro OfficeScan Client 8.0 SP1 and 8.0 SP1 Patch 1 allows local users to caus...
E
CVE-2009-1436 The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initial...
E S
CVE-2009-1437 Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka CoolPlayer+ Portable) 2.19.6 an...
E
CVE-2009-1438 Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp) in libmodplug before 0.8.6, ...
E S
CVE-2009-1439 Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote at...
CVE-2009-1440 Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2.2.4 allows remote attackers to...
E
CVE-2009-1441 Heap-based buffer overflow in the ParamTraits::Read function in Google Chrome before 1.0.1...
E
CVE-2009-1442 Multiple integer overflows in Skia, as used in Google Chrome 1.x before 1.0.154.64 and 2.x, and poss...
E S
CVE-2009-1443 Multiple unspecified vulnerabilities in the Server component in OCS Inventory NG before 1.02 have un...
S
CVE-2009-1444 PHP remote file inclusion vulnerability in indexk.php in WebPortal CMS 0.8-beta allows remote attack...
E
CVE-2009-1445 Multiple directory traversal vulnerabilities in WebPortal CMS 0.8-beta allow remote attackers to (1)...
E
CVE-2009-1446 Unrestricted file upload vulnerability in upload.php in Elkagroup Image Gallery 1.0 allows remote au...
E
CVE-2009-1447 Unrestricted file upload vulnerability in admin/editor/image.php in e-cart.biz Free Shopping Cart al...
E
CVE-2009-1448 Cross-site scripting (XSS) vulnerability in apricot.php in LovPop.net APRICOT, probably 1.20, allows...
CVE-2009-1449 Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka CoolPlayer+ Portable) 2.19.1 al...
E
CVE-2009-1450 PHP remote file inclusion vulnerability in format.php in SMA-DB 0.3.12 allows remote attackers to ex...
E
CVE-2009-1451 Cross-site scripting (XSS) vulnerability in startpage.php in SMA-DB 0.3.12 allows remote attackers t...
E
CVE-2009-1452 Multiple PHP remote file inclusion vulnerabilities in theme/format.php in SMA-DB 0.3.13 allow remote...
E
CVE-2009-1453 SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 rc4, when magic_quotes_gpc is dis...
E
CVE-2009-1454 Cross-site scripting (XSS) vulnerability in tasks.php in WebCollab before 2.50 (aka Billy Goat) allo...
S
CVE-2009-1455 Multiple cross-site request forgery (CSRF) vulnerabilities in WebCollab before 2.50 (aka Billy Goat)...
S
CVE-2009-1456 Directory traversal vulnerability in admin.php in Malleo 1.2.3 allows remote authenticated administr...
CVE-2009-1457 Cross-site scripting (XSS) vulnerability in player.php in Nuke Evolution Xtreme 2.x allows remote at...
CVE-2009-1458 Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in razorCMS before 0.4 allow ...
E
CVE-2009-1459 Cross-site request forgery (CSRF) vulnerability in razorCMS before 0.4 allows remote attackers to hi...
CVE-2009-1460 razorCMS before 0.4 uses weak permissions for (1) admin/core/admin_config.php, which allows local us...
E
CVE-2009-1461 Cross-site scripting (XSS) vulnerability in the Create New Page form in razorCMS 0.3 RC2 and earlier...
E
CVE-2009-1462 The Security Manager in razorCMS before 0.4 does not verify the permissions of every file owned by t...
E
CVE-2009-1463 Static code injection vulnerability in razorCMS before 0.4 allows remote attackers to inject arbitra...
E
CVE-2009-1464 Multiple cross-site request forgery (CSRF) vulnerabilities in index.aas in Application Access Server...
E
CVE-2009-1465 Application Access Server (A-A-S) 2.0.48 has "wildbat" as its default password for the admin account...
CVE-2009-1466 Application Access Server (A-A-S) 2.0.48 stores (1) passwords and (2) the port keyword in cleartext ...
CVE-2009-1467 Multiple cross-site scripting (XSS) vulnerabilities in IceWarp eMail Server and WebMail Server befor...
E S
CVE-2009-1468 Multiple SQL injection vulnerabilities in the search form in server/webmail.php in the Groupware com...
E
CVE-2009-1469 CRLF injection vulnerability in the Forgot Password implementation in server/webmail.php in IceWarp ...
E
CVE-2009-1472 The Java client program for the ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP K...
CVE-2009-1473 The (1) Windows and (2) Java client programs for the ATEN KH1516i IP KVM switch with firmware 1.0.06...
CVE-2009-1474 The ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP KVM switch with firmware 1.1....
CVE-2009-1476 Buffer overflow in lib/load_http.c in ippool in Darren Reed IPFilter (aka IP Filter) 4.1.31 allows l...
E
CVE-2009-1477 The https web interfaces on the ATEN KH1516i IP KVM switch with firmware 1.0.063, the KN9116 IP KVM ...
CVE-2009-1478 Multiple unspecified vulnerabilities in the DTrace ioctl handlers in Sun Solaris 10, and OpenSolaris...
S
CVE-2009-1479 Directory traversal vulnerability in client/desktop/default.htm in Boxalino before 09.05.25-0421 all...
E
CVE-2009-1480 SQL injection vulnerability in index.php in Pragyan CMS 2.6.4 allows remote attackers to execute arbitr...
E
CVE-2009-1481 SQL injection vulnerability in action.asp in PuterJam's Blog (PJBlog3) 3.0.6.170 allows remote attac...
E
CVE-2009-1482 Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.8.2 and ea...
E S
CVE-2009-1483 Unrestricted file upload vulnerability in upload-file.php in Adam Patterson Studio Lounge Address Bo...
E
CVE-2009-1484 Cross-site scripting (XSS) vulnerability in the web mail interface feature in AXIGEN Mail Server 6.2...
CVE-2009-1485 The logging feature in eMule Plus before 1.2e allows remote attackers to cause a denial of service (...
CVE-2009-1486 Directory traversal vulnerability in pmscript.php in Flatchat 3.0 allows remote attackers to include...
E
CVE-2009-1487 SQL injection vulnerability in pages/login.php in FunGamez RC1 allows remote attackers to execute ar...
E
CVE-2009-1488 Directory traversal vulnerability in admin/load.php in FunGamez RC1 allows remote attackers to inclu...
E
CVE-2009-1489 includes/user.php in FunGamez RC1 allows remote attackers to bypass authentication and gain administ...
E
CVE-2009-1490 Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of se...
S
CVE-2009-1491 McAfee GroupShield for Microsoft Exchange on Exchange Server 2000, and possibly other anti-virus or ...
E
CVE-2009-1492 The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and ea...
E
CVE-2009-1493 The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and e...
E
CVE-2009-1494 The process_stat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a...
S
CVE-2009-1495 Web File Explorer 3.1 stores sensitive information under the web root with insufficient access contr...
E
CVE-2009-1496 Directory traversal vulnerability in the Cmi Marketplace (com_cmimarketplace) component 0.1 for Joom...
E
CVE-2009-1497 Stack-based buffer overflow in srt2smi.exe in Gretech Online Movie Player (GOM Player) 2.1.16.4635 a...
E
CVE-2009-1498 Directory traversal vulnerability in inc/profilemain.php in Game Maker 2k Internet Discussion Boards...
E
CVE-2009-1499 SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attack...
E
CVE-2009-1500 SQL injection vulnerability in index.php in ProjectCMS 1.0 Beta allows remote attackers to execute a...
E
CVE-2009-1501 Cross-site scripting (XSS) vulnerability in the Exif module 5.x-1.x before 5.x-1.2 and 6.x-1.x-dev b...
S
CVE-2009-1502 Directory traversal vulnerability in plugin.php in S-Cms 1.1 Stable and 1.5.2 allows remote attacker...
E
CVE-2009-1503 Multiple SQL injection vulnerabilities in login.php in Tiger Document Management System (DMS) allow ...
E
CVE-2009-1504 Absolute Form Processor XE 1.5 allows remote attackers to bypass authentication and gain administrat...
E
CVE-2009-1505 SQL injection vulnerability in the News Page module 5.x before 5.x-1.2 for Drupal allows remote auth...
S
CVE-2009-1506 SQL injection vulnerability in classes/Xp.php in eLitius 1.0 allows remote attackers to execute arbi...
E
CVE-2009-1507 The Node Access User Reference module 5.x before 5.x-2.0-beta4 and 6.x before 6.x-2.0-beta6, a modul...
S
CVE-2009-1508 SQL injection vulnerability in the xforum_validateUser function in Common.php in X-Forum 0.6.2 allow...
E
CVE-2009-1509 SQL injection vulnerability in ajaxp_backend.php in MyioSoft AjaxPortal 3.0 allows remote attackers ...
E
CVE-2009-1510 Multiple directory traversal vulnerabilities in KoschtIT Image Gallery 1.82 allow remote attackers t...
E
CVE-2009-1511 GDI+ in Microsoft Windows XP SP3 allows remote attackers to cause a denial of service (infinite loop...
E
CVE-2009-1512 Static code injection vulnerability in X-Forum 0.6.2 allows remote authenticated administrators to i...
E
CVE-2009-1513 Buffer overflow in the PATinst function in src/load_pat.cpp in libmodplug before 0.8.7 allows user-a...
S
CVE-2009-1514 Google Chrome 1.0.154.53 allows remote attackers to cause a denial of service (NULL pointer derefere...
E
CVE-2009-1515 Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos Zoulas file 5.00 al...
E
CVE-2009-1516 Stack-based buffer overflow in the IceWarpServer.APIObject ActiveX control in api.dll in IceWarp Mer...
E
CVE-2009-1517 Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ActiveX control in EasySetupInt...
E
CVE-2009-1518 Cross-site request forgery (CSRF) vulnerability in Beltane before 2.3.11 allows remote attackers to ...
CVE-2009-1519 Directory traversal vulnerability in index.php in Pecio CMS 1.1.5 allows remote attackers to read ar...
E
CVE-2009-1520 Buffer overflow in the Web GUI in the IBM Tivoli Storage Manager (TSM) client 5.1.0.0 through 5.1.8....
CVE-2009-1521 Unspecified vulnerability in the Java GUI in the IBM Tivoli Storage Manager (TSM) client 5.2.0.0 thr...
S
CVE-2009-1522 The IBM Tivoli Storage Manager (TSM) client 5.5.0.0 through 5.5.1.17 on AIX and Windows, when SSL is...
S
CVE-2009-1523 Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x before 6.1.17, an...
CVE-2009-1524 Cross-site scripting (XSS) vulnerability in Mort Bay Jetty before 6.1.17 allows remote attackers to ...
S
CVE-2009-1525 CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privilege...
E
CVE-2009-1526 JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a syml...
CVE-2009-1527 Race condition in the ptrace_attach function in kernel/ptrace.c in the Linux kernel before 2.6.30-rc...
CVE-2009-1528 Microsoft Internet Explorer 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for V...
CVE-2009-1529 Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, S...
CVE-2009-1530 Use-after-free vulnerability in Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Serv...
CVE-2009-1531 Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, S...
CVE-2009-1532 Microsoft Internet Explorer 8 for Windows XP SP2 and SP3; 8 for Server 2003 SP2; 8 for Vista Gold, S...
S
CVE-2009-1533 Buffer overflow in the Works for Windows document converters in Microsoft Office 2000 SP3, Office XP...
CVE-2009-1534 Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000...
S
CVE-2009-1535 The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.0 allows remote atta...
S
CVE-2009-1536 ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and SP1, when ASP 2.0 is used in in...
S
CVE-2009-1537 Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Micros...
S
CVE-2009-1538 The QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c ...
CVE-2009-1539 The QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c ...
CVE-2009-1540 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2009-1541 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2009-1542 The Virtual Machine Monitor (VMM) in Microsoft Virtual PC 2004 SP1, 2007, and 2007 SP1, and Microsof...
CVE-2009-1543 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2009-1544 Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticate...
CVE-2009-1545 Unspecified vulnerability in Avifil32.dll in the Windows Media file handling functionality in Micros...
S
CVE-2009-1546 Integer overflow in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windo...
S
CVE-2009-1547 Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote att...
CVE-2009-1548 SQL injection vulnerability in index.php in BluSky CMS allows remote attackers to execute arbitrary ...
E
CVE-2009-1549 AGTC MyShop 3.2b allows remote attackers to bypass authentication and obtain administrative access s...
E
CVE-2009-1550 Zakkis Technology ABC Advertise 1.0 does not properly restrict access to admin.inc.php, which allows...
E
CVE-2009-1551 Multiple PHP remote file inclusion vulnerabilities in Qt quickteam 2 allow remote attackers to execu...
E
CVE-2009-1552 Unspecified vulnerability in the IGMP driver in SCO Unixware Release 7.1.4 Maintenance Pack 4 allows...
S
CVE-2009-1553 Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise...
E S
CVE-2009-1554 Cross-site scripting (XSS) vulnerability in ThemeServlet.java in Sun Woodstock 4.2, as used in Sun G...
E S
CVE-2009-1555 The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 sends configurati...
E
CVE-2009-1556 img/main.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 a...
E
CVE-2009-1557 Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WVC54GCA wireless video cam...
E
CVE-2009-1558 Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camer...
E
CVE-2009-1559 Absolute path traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video c...
E
CVE-2009-1560 The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 stores passwords ...
E
CVE-2009-1561 Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC r...
E
CVE-2009-1563 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0689. Reason: This candida...
R
CVE-2009-1564 Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 ...
CVE-2009-1565 vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and t...
S
CVE-2009-1566 Integer overflow in Roxio Easy Media Creator 9.0.136, and Roxio Creator 2010 before SP1, might allow...
CVE-2009-1567 Multiple stack-based buffer overflows in the Lateral Arts Photobox uploader ActiveX control 1.x befo...
CVE-2009-1568 Stack-based buffer overflow in ienipp.ocx in Novell iPrint Client 5.30, and possibly other versions ...
S
CVE-2009-1569 Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other version...
S
CVE-2009-1570 Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow...
S
CVE-2009-1571 Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x bef...
CVE-2009-1572 The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of ser...
E S
CVE-2009-1573 xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place th...
E
CVE-2009-1574 racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of servic...
E S
CVE-2009-1575 Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.17 and 6.x before 6.11, as used in v...
S
CVE-2009-1576 Unspecified vulnerability in Drupal 5.x before 5.17 and 6.x before 6.11, as used in vbDrupal before ...
S
CVE-2009-1577 Multiple stack-based buffer overflows in the putstring function in find.c in Cscope before 15.6 allo...
E S
CVE-2009-1578 Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.4.18 and NaSMail before...
E S
CVE-2009-1579 The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail be...
S
CVE-2009-1580 Session fixation vulnerability in SquirrelMail before 1.4.18 allows remote attackers to hijack web s...
S
CVE-2009-1581 functions/mime.php in SquirrelMail before 1.4.18 does not protect the application's content from Cas...
S
CVE-2009-1582 Million Dollar Text Links 1.0 does not properly restrict administrator access to admin.home.php, whi...
E
CVE-2009-1583 Multiple cross-site scripting (XSS) vulnerabilities in TemaTres 1.0.3 and 1.031 allow remote attacke...
E
CVE-2009-1584 Multiple SQL injection vulnerabilities in TemaTres 1.0.3 and 1.031, when magic_quotes_gpc is disable...
E
CVE-2009-1585 Multiple SQL injection vulnerabilities in TemaTres 1.031, when magic_quotes_gpc is disabled, allow r...
CVE-2009-1586 Stack-based buffer overflow in the NZB importer feature in GrabIt 1.7.2 Beta 3 and earlier allows re...
E S
CVE-2009-1587 index.php in PHP Site Lock 2.0 allows remote attackers to bypass authentication and obtain administr...
E
CVE-2009-1588 Cross-site scripting (XSS) vulnerability in CGI RESCUE MiniBBS 8t before 8.95t, 8 before 8.95, 9 bef...
S
CVE-2009-1589 Unspecified vulnerability in CGI RESCUE MiniBBS22 before 1.01 allows remote attackers to send email ...
CVE-2009-1590 Unspecified vulnerability in CGI RESCUE FORM2MAIL before 1.42 allows remote attackers to send email ...
S
CVE-2009-1591 CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject ...
S
CVE-2009-1592 Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute a...
E
CVE-2009-1593 Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, does not properl...
CVE-2009-1594 Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, does not properl...
CVE-2009-1595 The jabber:iq:auth implementation in IQAuthHandler.java in Ignite Realtime Openfire before 3.6.4 all...
E S
CVE-2009-1596 Ignite Realtime Openfire before 3.6.5 does not properly implement the register.password (aka canChan...
E S
CVE-2009-1597 Mozilla Firefox executes DOM calls in response to a javascript: URI in the target attribute of a sub...
E
CVE-2009-1598 Google Chrome executes DOM calls in response to a javascript: URI in the target attribute of a submi...
E
CVE-2009-1599 Opera executes DOM calls in response to a javascript: URI in the target attribute of a submit elemen...
CVE-2009-1600 Apple Safari executes DOM calls in response to a javascript: URI in the target attribute of a submit...
CVE-2009-1601 The Ubuntu clamav-milter.init script in clamav-milter before 0.95.1+dfsg-1ubuntu1.2 in Ubuntu 9.04 s...
S
CVE-2009-1602 Pablo Software Solutions Quick 'n Easy Mail Server 3.3 allows remote attackers to cause a denial of ...
E
CVE-2009-1603 src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS...
S
CVE-2009-1604 Unspecified vulnerability in LimeSurvey before 1.82 allows remote attackers to execute commands and ...
S
CVE-2009-1605 Heap-based buffer overflow in the loadexponentialfunc function in mupdf/pdf_function.c in MuPDF in t...
E
CVE-2009-1606 Multiple stack-based and heap-based buffer overflows in Dafolo DafoloControl ActiveX control (Dafolo...
CVE-2009-1607 Cross-site scripting (XSS) vulnerability in the administrator panel in phpForm.net LinkBase 2.0 allo...
E
CVE-2009-1608 Multiple buffer overflows in Microchip MPLAB IDE 8.30 and possibly earlier versions allow user-assis...
E
CVE-2009-1609 Unrestricted file upload vulnerability in admin/uploadform.asp in Battle Blog 1.25 allows remote att...
E
CVE-2009-1610 admin/changepassword.php in Job Script Job Board Software 2.0 allows remote attackers to change the ...
E
CVE-2009-1611 Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute a...
E
CVE-2009-1612 Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control in mps.dll 3.9.4.27 in Baofeng ...
E S
CVE-2009-1613 Multiple SQL injection vulnerabilities in leap.php in Leap CMS 0.1.4, when magic_quotes_gpc is disab...
E
CVE-2009-1614 Multiple cross-site scripting (XSS) vulnerabilities in Leap CMS 0.1.4 allow remote attackers to inje...
E
CVE-2009-1615 Unrestricted file upload vulnerability in Leap CMS 0.1.4 allows remote attackers to execute arbitrar...
E
CVE-2009-1616 Cross-site scripting (XSS) vulnerability in docs/showdoc.php in Coppermine Photo Gallery (CPG) befor...
E
CVE-2009-1617 Teraway LinkTracker 1.0 allows remote attackers to bypass authentication and gain administrative acc...
E
CVE-2009-1618 Teraway LiveHelp 2.0 allows remote attackers to bypass authentication and gain administrative access...
E
CVE-2009-1619 Teraway FileStream 1.0 allows remote attackers to bypass authentication and gain administrative acce...
E
CVE-2009-1620 Multiple cross-site scripting (XSS) vulnerabilities in input.php in MataChat allow remote attackers ...
E
CVE-2009-1621 Directory traversal vulnerability in index.php in OpenCart 1.1.8 allows remote attackers to read arb...
E
CVE-2009-1622 SQL injection vulnerability in user.php in EcShop 2.5.0 allows remote attackers to execute arbitrary...
E
CVE-2009-1623 Cross-site scripting (XSS) vulnerability in index.php in Dew-NewPHPLinks 2.0 allows remote attackers...
E
CVE-2009-1624 Directory traversal vulnerability in index.php in Dew-NewPHPLinks 2.0 allows remote attackers to rea...
E
CVE-2009-1625 Directory traversal vulnerability in index.php in Thickbox Gallery 2 allows remote attackers to incl...
E
CVE-2009-1626 SQL injection vulnerability in public/specific.php in EZ-Blog before Beta 2 20090427, when magic_quo...
E
CVE-2009-1627 Stack-based buffer overflow in Streaming Download Project (SDP) Downloader 2.3.0 allows remote attac...
E
CVE-2009-1628 Stack-based buffer overflow in mnet.exe in Unisys Business Information Server (BIS) 10 and 10.1 on W...
CVE-2009-1629 ajaxterm.js in AjaxTerm 0.10 and earlier generates session IDs with predictable random numbers based...
E
CVE-2009-1630 The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6...
E S
CVE-2009-1631 The Mailer component in Evolution 2.26.1 and earlier uses world-readable permissions for the .evolut...
E
CVE-2009-1632 Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of servic...
S
CVE-2009-1633 Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIF...
S
CVE-2009-1634 The WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 does not prop...
CVE-2009-1635 Multiple cross-site scripting (XSS) vulnerabilities in the WebAccess component in Novell GroupWise 7...
S
CVE-2009-1636 Multiple buffer overflows in the Internet Agent (aka GWIA) component in Novell GroupWise 7.x before ...
CVE-2009-1637 profile.php in Simple Customer 1.3 does not require administrative authentication, which allows remo...
E
CVE-2009-1638 Techno Dreams Job Career Package 3.0 allows remote attackers to bypass authentication and obtain adm...
E
CVE-2009-1639 Stack-based buffer overflow in Nucleus Data Recovery Kernel Recovery for Novell 4.03 allows user-ass...
E
CVE-2009-1640 Stack-based buffer overflow in Nucleus Data Recovery Kernel Recovery for Macintosh 4.04 allows user-...
E
CVE-2009-1641 Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 allow remote attackers to execut...
E
CVE-2009-1642 Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Converter 3.0.0.7 allow remote attac...
E
CVE-2009-1643 Stack-based buffer overflow in Sorinara Soritong MP3 Player 1.0 allows remote attackers to execute a...
E
CVE-2009-1644 Stack-based buffer overflow in Sorinara Streaming Audio Player 0.9 allows remote attackers to execut...
E
CVE-2009-1645 Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 Converter 3.0.0.7 allow remote atta...
E
CVE-2009-1646 Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute ...
E
CVE-2009-1647 Heap-based buffer overflow in popcorn.exe in Ultrafunk Popcorn 1.87 allows remote POP3 servers to ca...
E
CVE-2009-1648 The YaST2 LDAP module in yast2-ldap-server on SUSE Linux Enterprise Server 11 (aka SLE11) does not e...
CVE-2009-1649 Directory traversal vulnerability in arch.php in beLive 0.2.3 allows remote attackers to read arbitr...
E
CVE-2009-1650 Multiple SQL injection vulnerabilities in photos.php in Shutter 0.1.1 allow remote attackers to exec...
E
CVE-2009-1651 SQL injection vulnerability in admin/member_details.php in 2daybiz Business Community Script allows ...
E
CVE-2009-1652 admin/adminaddeditdetails.php in Business Community Script does not properly restrict access, which ...
E
CVE-2009-1653 Directory traversal vulnerability in examples/tbs_us_examples_0view.php in TinyButStrong 3.4.0 allow...
E
CVE-2009-1654 Cross-site scripting (XSS) vulnerability in questiondetail.php in Easy Scripts Answer and Question S...
E
CVE-2009-1655 Multiple SQL injection vulnerabilities in myaccount.php in Easy Scripts Answer and Question Script a...
E
CVE-2009-1656 Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265, 275; and WorkCentre 5632, 5638, 5645, 5...
S
CVE-2009-1657 Multiple SQL injection vulnerabilities in the Starrating plugin before 0.7.7 for b2evolution allow r...
S
CVE-2009-1658 Multiple SQL injection vulnerabilities in admin/admin.php in Realty Webware Technologies Realty Web-...
E
CVE-2009-1659 Unrestricted file upload vulnerability in admin/uploadimage.php in eLitius 1.0 allows remote attacke...
E
CVE-2009-1660 Stack-based buffer overflow in URUWorks ViPlay3 3.0 and earlier allows remote attackers to cause a d...
E
CVE-2009-1661 SQL injection vulnerability in admin/utopic.php in uTopic 1.0, when magic_quotes_gpc is disabled, al...
E S
CVE-2009-1662 Multiple SQL injection vulnerabilities in admin/login.php in Wright Way Services Recipe Script 5 all...
E
CVE-2009-1663 Unrestricted file upload vulnerability in myaccount.php in Easy Scripts Answer and Question Script a...
E
CVE-2009-1664 myaccount.php in Easy Scripts Answer and Question Script does not verify the original password befor...
E
CVE-2009-1665 myaccount.php in Easy Scripts Answer and Question Script allows remote attackers to remove arbitrary...
E
CVE-2009-1666 Multiple unspecified vulnerabilities in CycloMedia CycloScopeLite 2.50.3.0 allow remote attackers to...
CVE-2009-1667 Stack-based buffer overflow in Mini-stream CastRipper 2.50.70 allows remote attackers to execute arb...
E
CVE-2009-1668 TYPSoft FTP Server 1.11 allows remote attackers to cause a denial of service (CPU consumption) by se...
E
CVE-2009-1669 The smarty_function_math function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-...
E
CVE-2009-1670 user/index.php in TCPDB 3.8 does not require administrative authentication, which allows remote atta...
E
CVE-2009-1671 Multiple buffer overflows in the Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun...
E
CVE-2009-1672 The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment ...
E
CVE-2009-1673 The kernel in Sun Solaris 9 allows local users to cause a denial of service (panic) by calling fstat...
S
CVE-2009-1674 Stack-based buffer overflow in Microchip MPLAB IDE 8.30 allows user-assisted remote attackers to exe...
E
CVE-2009-1675 Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute a...
E
CVE-2009-1676 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-1535. Reason: This candida...
R
CVE-2009-1677 Multiple static code injection vulnerabilities in the saveFeed function in rss/feedcreator.class.php...
E
CVE-2009-1678 Directory traversal vulnerability in the saveFeed function in rss/feedcreator.class.php in Bitweaver...
E
CVE-2009-1679 The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through...
S
CVE-2009-1680 Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not ...
S
CVE-2009-1681 WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 thr...
E S
CVE-2009-1682 Apple Safari before 4.0 does not properly check for revoked Extended Validation (EV) certificates, w...
E S
CVE-2009-1683 The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 throug...
S
CVE-2009-1684 Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through...
E S
CVE-2009-1685 Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through...
E S
CVE-2009-1686 WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 thr...
E S
CVE-2009-1687 The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, ...
E S
CVE-2009-1688 Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through...
E S
CVE-2009-1689 Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through...
E S
CVE-2009-1690 Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2....
E S
CVE-2009-1691 Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through...
E S
CVE-2009-1692 WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 thr...
E
CVE-2009-1693 WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 thr...
E S
CVE-2009-1694 WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 thr...
S
CVE-2009-1695 Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through...
E S
CVE-2009-1696 WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 thr...
E S
CVE-2009-1697 CRLF injection vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...
E S
CVE-2009-1698 WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 thr...
E S
CVE-2009-1699 The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1,...
E S
CVE-2009-1700 The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhon...
E S
CVE-2009-1701 Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4...
E S
CVE-2009-1702 Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through...
E S
CVE-2009-1703 WebKit in Apple Safari before 4.0 does not prevent references to file: URLs within (1) audio and (2)...
E S
CVE-2009-1704 CFNetwork in Apple Safari before 4.0 misinterprets downloaded image files as local HTML documents in...
E S
CVE-2009-1705 CoreGraphics in Apple Safari before 4.0 on Windows does not properly use arithmetic during automatic...
E S
CVE-2009-1706 The Private Browsing feature in Apple Safari before 4.0 on Windows does not remove cookies from the ...
E S
CVE-2009-1707 Race condition in the Reset Safari implementation in Apple Safari before 4.0 on Windows might allow ...
E S
CVE-2009-1708 Apple Safari before 4.0 does not prevent calls to the open-help-anchor URL handler by web sites, whi...
E S
CVE-2009-1709 Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple ...
S
CVE-2009-1710 WebKit in Apple Safari before 4.0 allows remote attackers to spoof the browser's display of (1) the ...
E S
CVE-2009-1711 WebKit in Apple Safari before 4.0 does not properly initialize memory for Attr DOM objects, which al...
E S
CVE-2009-1712 WebKit in Apple Safari before 4.0 does not prevent remote loading of local Java applets, which allow...
E S
CVE-2009-1713 The XSLT functionality in WebKit in Apple Safari before 4.0 does not properly implement the document...
E S
CVE-2009-1714 Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in Apple Safari before 4.0 allow...
E S
CVE-2009-1715 Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in Apple Safari before 4.0 allow...
E S
CVE-2009-1716 CFNetwork in Apple Safari before 4.0 on Windows does not properly protect the temporary files create...
E S
CVE-2009-1717 Integer overflow in Terminal in Apple Mac OS X 10.5 before 10.5.7 allows remote attackers to execute...
S
CVE-2009-1718 WebKit in Apple Safari before 4.0 allows user-assisted remote attackers to obtain sensitive informat...
E S
CVE-2009-1719 The Aqua Look and Feel for Java implementation in Java 1.5 on Mac OS X 10.5 allows remote attackers ...
S
CVE-2009-1720 Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-dependent attackers to cause a d...
S
CVE-2009-1721 The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allow...
S
CVE-2009-1722 Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-depende...
S
CVE-2009-1723 CFNetwork in Apple Mac OS X 10.5 before 10.5.8 places an incorrect URL in a certificate warning in c...
S
CVE-2009-1724 Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone O...
E S
CVE-2009-1725 WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPo...
S
CVE-2009-1726 Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remo...
S
CVE-2009-1727 Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X 10.5 before 10.5.8 makes it easier...
S
CVE-2009-1728 Stack-based buffer overflow in Image RAW in Apple Mac OS X 10.5 before 10.5.8, and 10.4 before Digit...
S
CVE-2009-1729 Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express 6 2005...
E S
CVE-2009-1730 Multiple directory traversal vulnerabilities in NetMechanica NetDecision TFTP Server 4.2 allow remot...
CVE-2009-1731 SQL injection vulnerability in panel/index.php in MLFFAT 2.1 allows remote attackers to execute arbi...
E
CVE-2009-1732 Cross-site scripting (XSS) vulnerability in admin/usermanager in IPplan 4.91a allows remote attacker...
CVE-2009-1733 Cross-site request forgery (CSRF) vulnerability in IPplan 4.91a allows remote attackers to hijack th...
CVE-2009-1734 SQL injection vulnerability in listing_video.php in VidSharePro allows remote attackers to execute a...
E
CVE-2009-1735 Cross-site scripting (XSS) vulnerability in search.php in VidSharePro allows remote attackers to inj...
E
CVE-2009-1736 SQL injection vulnerability in the GridSupport (GS) Ticket System (com_gsticketsystem) component for...
E
CVE-2009-1737 Directory traversal vulnerability in bom.php in MyPic 2.1 allows remote attackers to list files in a...
E
CVE-2009-1738 Cross-site scripting (XSS) vulnerability in Feed Block 6.x-1.x before 6.x-1.1, a module for Drupal, ...
S
CVE-2009-1739 PAD Site Scripts 3.6 allows remote attackers to bypass authentication and gain privileges as other u...
E
CVE-2009-1740 Multiple heap-based buffer overflows in the D-Link MPEG4 Viewer ActiveX Control (csviewer.ocx) 2.11....
CVE-2009-1741 Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magic_quotes_gpc i...
E
CVE-2009-1742 code.php in PC4Arb Pc4 Uploader 9.0 and earlier makes it easier for remote attackers to conduct SQL ...
E
CVE-2009-1743 Directory traversal vulnerability in InstallHFZ.exe 6.5.201.0 in Pinnacle Hollywood Effects 6, a mod...
E
CVE-2009-1744 InstallHFZ.exe 6.5.201.0 in Pinnacle Hollywood Effects 6, a module in Pinnacle Systems Pinnacle Stud...
E
CVE-2009-1745 Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, has a default ro...
CVE-2009-1746 SQL injection vulnerability in berita.php in Dian Gemilang DGNews 3.0 Beta allows remote attackers t...
E
CVE-2009-1747 SQL injection vulnerability in index.php in 26th Avenue bSpeak 1.10 allows remote attackers to execu...
E
CVE-2009-1748 Multiple directory traversal vulnerabilities in index.php in Catviz 0.4.0 Beta 1 allow remote attack...
E
CVE-2009-1749 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Catviz 0.4.0 beta 1 allow remote...
E
CVE-2009-1750 Unrestricted file upload vulnerability in VidSharePro allows remote authenticated users to execute a...
E
CVE-2009-1751 SQL injection vulnerability in list_list.php in Realty Webware Technologies Web-Base 1.0 allows remo...
E
CVE-2009-1752 exJune Office Message System 1 does not properly restrict access to (1) configure.asp and (2) addmes...
E
CVE-2009-1753 Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on an unspecif...
S
CVE-2009-1754 The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in An...
S
CVE-2009-1755 Off-by-one error in the packet_read_query_section function in packet.c in nsd 3.2.1, and process_que...
S
CVE-2009-1756 SLiM Simple Login Manager 1.3.0 places the X authority magic cookie (mcookie) on the command line wh...
E
CVE-2009-1757 Cross-site request forgery (CSRF) vulnerability in Transmission 1.5 before 1.53 and 1.6 before 1.61 ...
S
CVE-2009-1758 The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.3...
E
CVE-2009-1759 Stack-based buffer overflow in the btFiles::BuildFromMI function (trunk/btfiles.cpp) in Enhanced CTo...
E S
CVE-2009-1760 Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar libtorrent before 0.14.4, as ...
E S
CVE-2009-1761 The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to ...
E S
CVE-2009-1762 Multiple cross-site scripting (XSS) vulnerabilities in the WebAccess login page (aka gw/webacc) in N...
S
CVE-2009-1763 Unspecified vulnerability in the Solaris Secure Digital slot driver (aka sdhost) in Sun OpenSolaris ...
CVE-2009-1764 SQL injection vulnerability in inc/ajax.asp in MaxCMS 2.0 allows remote attackers to execute arbitra...
E
CVE-2009-1765 Multiple directory traversal vulnerabilities in pluck 4.6.2, when register_globals is enabled, allow...
E
CVE-2009-1766 SQL injection vulnerability in index.php in LightOpenCMS 0.1 allows remote attackers to execute arbi...
E
CVE-2009-1767 admin/edituser.php in 2daybiz Template Monster Clone does not require administrative authentication,...
E
CVE-2009-1768 Directory traversal vulnerability in download.php in Rama Zaiten CMS 0.9.8 and earlier allows remote...
E
CVE-2009-1769 The web interface in Open Computer and Software Inventory Next Generation (OCS Inventory NG) 1.01 ge...
CVE-2009-1770 Directory traversal vulnerability in includes/database/examples/addressbook.php in Flyspeck CMS 6.8 ...
E
CVE-2009-1771 index.php in Flyspeck CMS 6.8 does not require administrative authentication for the updateExistingC...
E
CVE-2009-1772 Cross-site scripting (XSS) vulnerability in activeCollab 2.1 Corporate allows remote attackers to in...
CVE-2009-1773 activeCollab 2.1 Corporate allows remote attackers to obtain sensitive information via an invalid re...
CVE-2009-1774 Directory traversal vulnerability in plugins/ddb/foot.php in Strawberry 1.1.1 allows remote attacker...
E
CVE-2009-1775 Multiple cross-site scripting (XSS) vulnerabilities in Ulteo Open Virtual Desktop 1.0 allow remote a...
CVE-2009-1776 Multiple cross-site scripting (XSS) vulnerabilities in FormMail.pl in Matt Wright FormMail 1.92, and...
CVE-2009-1777 CRLF injection vulnerability in FormMail.pl in Matt Wright FormMail 1.92, and possibly earlier, allo...
E
CVE-2009-1778 SQL injection vulnerability in the new user registration feature in BigACE CMS 2.5, when magic_quote...
E S
CVE-2009-1779 PHP remote file inclusion vulnerability in admin.php in Frax.dk Php Recommend 1.3 and earlier allows...
E
CVE-2009-1780 admin.php in Frax.dk Php Recommend 1.3 and earlier does not require authentication when the user pas...
E
CVE-2009-1781 Static code injection vulnerability in admin.php in Frax.dk Php Recommend 1.3 and earlier allows rem...
E
CVE-2009-1782 Multiple F-Secure anti-virus products, including Anti-Virus for Microsoft Exchange 7.10 and earlier;...
S
CVE-2009-1783 Multiple FRISK Software F-Prot anti-virus products, including Antivirus for Exchange, Linux on IBM z...
CVE-2009-1784 The AVG parsing engine 8.5 323, as used in multiple AVG anti-virus products including Anti-Virus Net...
CVE-2009-1785 Cross-site scripting (XSS) vulnerability in Ulteo Open Virtual Desktop 1.0 allows remote attackers t...
CVE-2009-1786 The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitr...
E S
CVE-2009-1787 Multiple SQL injection vulnerabilities in PHP Dir Submit (aka WebsiteSubmitter and Submitter Script)...
E
CVE-2009-1788 Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp...
E S
CVE-2009-1789 mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers ...
E S
CVE-2009-1790 Cross-site scripting (XSS) vulnerability in CGI RESCUE Trees before 2.11 allows remote attackers to ...
S
CVE-2009-1791 Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winam...
S
CVE-2009-1792 The system.openURL function in StoneTrip Ston3D StandalonePlayer (aka S3DPlayer StandAlone) 1.6.2.4 ...
CVE-2009-1796 Cross-site scripting (XSS) vulnerability in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allows...
S
CVE-2009-1797 Multiple cross-site request forgery (CSRF) vulnerabilities on the Network Management Card (NMC) on A...
CVE-2009-1798 Multiple cross-site scripting (XSS) vulnerabilities on the Network Management Card (NMC) on American...
CVE-2009-1799 Multiple SQL injection vulnerabilities in the getGalleryImage function in st_admin/gallery_output.ph...
E
CVE-2009-1800 Stack-based buffer overflow in the Chinagames CGAgent ActiveX control 1.x in CGAgent.dll, as distrib...
E
CVE-2009-1801 Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pr...
S
CVE-2009-1802 Multiple cross-site request forgery (CSRF) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x,...
S
CVE-2009-1803 FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, generates different error mes...
S
CVE-2009-1804 Multiple SQL injection vulnerabilities in admin/index.php in VideoScript.us YouTube Video Script all...
E
CVE-2009-1805 Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5...
S
CVE-2009-1806 Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 release 3.4.0 SP2, when Active ...
S
CVE-2009-1807 Unspecified vulnerability in Config.dll in Baofeng products 3.09.04.17 and earlier allows remote att...
E
CVE-2009-1808 Microsoft Windows XP SP3 allows local users to cause a denial of service (system crash) by making an...
E
CVE-2009-1809 Multiple cross-site scripting (XSS) vulnerabilities in myColex 1.4.2 allow remote attackers to injec...
E
CVE-2009-1810 Multiple SQL injection vulnerabilities in myColex 1.4.2 allow remote attackers to execute arbitrary ...
E S
CVE-2009-1811 Multiple cross-site scripting (XSS) vulnerabilities in myGesuad 0.9.14 (aka 0.9) allow remote attack...
E
CVE-2009-1812 Multiple SQL injection vulnerabilities in myGesuad 0.9.14 (aka 0.9) allow remote attackers to execut...
E S
CVE-2009-1813 Multiple SQL injection vulnerabilities in admin/index.php in Submitter Script 2 allow remote attacke...
E
CVE-2009-1814 SQL injection vulnerability in mail.php in PHPenpals 1.1 and earlier allows remote attackers to exec...
E
CVE-2009-1815 Stack-based buffer overflow in Sonic Spot Audioactive Player 1.93b allows remote attackers to execut...
E
CVE-2009-1816 SQL injection vulnerability in admin.php in My Game Script 2.0 allows remote attackers to execute ar...
E
CVE-2009-1817 Multiple buffer overflows in DigiMode Maya 1.0.2 allow remote attackers to execute arbitrary code vi...
E
CVE-2009-1818 SQL injection vulnerability in admin/admin_manager.asp in MaxCMS 2.0 allows remote attackers to exec...
E
CVE-2009-1819 SQL injection vulnerability in product.php in 2daybiz Custom T-shirt Design Script allows remote att...
E
CVE-2009-1820 Cross-site scripting (XSS) vulnerability in product.php in 2daybiz Custom T-shirt Design Script allo...
E
CVE-2009-1821 DMXReady Registration Manager 1.1 stores sensitive information under the web root with insufficient ...
E
CVE-2009-1822 Multiple PHP remote file inclusion vulnerabilities in the InterJoomla ArtForms (com_artforms) compon...
E
CVE-2009-1823 Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module ...
S
CVE-2009-1824 The ps_drv.sys kernel driver in ArcaBit ArcaVir 2009 Antivirus Protection 9.4.3201.9 and earlier, Ar...
E
CVE-2009-1825 modules/admuser.php in myColex 1.4.2 does not require administrative authentication, which allows re...
E S
CVE-2009-1826 modules/admuser.php in myGesuad 0.9.14 (aka 0.9) does not require administrative authentication, whi...
E
CVE-2009-1827 The SVG component in Mozilla Firefox 3.0.4 allows remote attackers to cause a denial of service (app...
E
CVE-2009-1828 Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of service (infinite loop, applicat...
E
CVE-2009-1829 Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote at...
S
CVE-2009-1830 Stack-based buffer overflow in Soulseek 156 and 157 NS allows remote attackers to execute arbitrary ...
E
CVE-2009-1831 The Nullsoft Modern Skins Support module (gen_ff.dll) in Nullsoft Winamp before 5.552 allows remote ...
E
CVE-2009-1832 Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allow remote...
E S
CVE-2009-1833 The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey b...
E S
CVE-2009-1834 Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11...
E S
CVE-2009-1835 Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate local documents with external do...
E S
CVE-2009-1836 Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP...
E S
CVE-2009-1837 Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp ...
E
CVE-2009-1838 The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22,...
S
CVE-2009-1839 Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through th...
S
CVE-2009-1840 Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check content policy before loading...
S
CVE-2009-1841 js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0....
S
CVE-2009-1842 SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remo...
E
CVE-2009-1843 Multiple SQL injection vulnerabilities in Flash Quiz Beta 2 allow remote attackers to execute arbitr...
E
CVE-2009-1844 Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x before 5.18 and 6.x before 6.12 al...
S
CVE-2009-1845 Cross-site scripting (XSS) vulnerability in ajax/updatecheck.php in Lussumo Vanilla 1.1.5 and 1.1.7 ...
E S
CVE-2009-1846 Multiple directory traversal vulnerabilities in SiteX 0.7.4 Build 418 and earlier allow remote attac...
E
CVE-2009-1847 Directory traversal vulnerability in index.php in Easy PX 41 CMS 9.0 B1 allows remote attackers to i...
E
CVE-2009-1848 SQL injection vulnerability in the JoomlaMe AgoraGroups (aka AG or com_agoragroup) component 0.3.5.3...
E
CVE-2009-1849 Cross-site scripting (XSS) vulnerability in the Monitor_Bandwidth function in PRTG Traffic Grapher 6...
S
CVE-2009-1850 SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows remote attackers to execute a...
E
CVE-2009-1851 SQL injection vulnerability in include.php in phpBugTracker 1.0.4 and earlier allows remote attacker...
CVE-2009-1852 Multiple SQL injection vulnerabilities in Graphiks MyForum 1.3 allow remote attackers to execute arb...
E
CVE-2009-1853 Multiple SQL injection vulnerabilities in index.php in Kensei Board 2.0 BETA (aka 2.0.0b) and earlie...
E
CVE-2009-1854 Million Dollar Text Links 1.0 allows remote attackers to bypass authentication and gain administrati...
E
CVE-2009-1855 Stack-based buffer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat...
S
CVE-2009-1856 Integer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8...
S
CVE-2009-1857 Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Read...
S
CVE-2009-1858 The JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8...
S
CVE-2009-1859 Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Read...
S
CVE-2009-1860 Unspecified vulnerability in Adobe Shockwave Player before 11.5.0.600 allows remote attackers to exe...
S
CVE-2009-1861 Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 an...
S
CVE-2009-1862 Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x ...
KEV
CVE-2009-1863 Unspecified vulnerability in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Ado...
S
CVE-2009-1864 Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Ad...
S
CVE-2009-1865 Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows a...
S
CVE-2009-1866 Stack-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and A...
S
CVE-2009-1867 Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows a...
S
CVE-2009-1868 Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Ad...
S
CVE-2009-1869 Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player b...
S
CVE-2009-1870 Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows a...
S
CVE-2009-1871 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2009-1872 Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion Server 8.0.1, 8, and earlier...
E S
CVE-2009-1873 Directory traversal vulnerability in logging/logviewer.jsp in the Management Console in Adobe JRun A...
E S
CVE-2009-1874 Multiple cross-site scripting (XSS) vulnerabilities in the Management Console in Adobe JRun 4.0 allo...
E S
CVE-2009-1875 Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion 8.0.1 and earlier allow remo...
S
CVE-2009-1876 Adobe ColdFusion 8.0.1 and earlier might allow attackers to obtain sensitive information via unspeci...
S
CVE-2009-1877 Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attacke...
S
CVE-2009-1878 Session fixation vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to hija...
S
CVE-2009-1879 Cross-site scripting (XSS) vulnerability in index.template.html in the express-install templates in ...
E S
CVE-2009-1880 Cross-site scripting (XSS) vulnerability in MT312 REP-BBS allows remote attackers to inject arbitrar...
S
CVE-2009-1881 Cross-site scripting (XSS) vulnerability in MT312 IMG-BBS allows remote attackers to inject arbitrar...
CVE-2009-1882 Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and Graphics...
CVE-2009-1883 The z90crypt_unlocked_ioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perfo...
CVE-2009-1884 Off-by-one error in the bzinflate function in Bzip2.xs in the Compress-Raw-Bzip2 module before 2.018...
S
CVE-2009-1885 Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8....
E S
CVE-2009-1886 Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12...
S
CVE-2009-1887 agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL) 3 allows remote att...
S
CVE-2009-1888 The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and...
E S
CVE-2009-1889 The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets the ICQWebMessage message typ...
S
CVE-2009-1890 The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server...
S
CVE-2009-1891 The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion ev...
E S
CVE-2009-1892 dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and hardware ethernet configurati...
S
CVE-2009-1893 The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux ...
CVE-2009-1894 Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vec...
E S
CVE-2009-1895 The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting tha...
S
CVE-2009-1896 The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and befo...
CVE-2009-1897 The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in the Linux kernel 2.6.30 and 2...
E S
CVE-2009-1898 The secure login page in the Administrative Console component in IBM WebSphere Application Server (W...
S
CVE-2009-1899 Unspecified vulnerability in the Administrative Configservice API in the System Management/Repositor...
S
CVE-2009-1900 The Configservice APIs in the Administrative Console component in IBM WebSphere Application Server (...
S
CVE-2009-1901 The Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35 permits "non-...
S
CVE-2009-1902 The multipart processor in ModSecurity before 2.5.9 allows remote attackers to cause a denial of ser...
E
CVE-2009-1903 The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial...
CVE-2009-1904 The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent atta...
E S
CVE-2009-1905 The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP...
S
CVE-2009-1906 The DRDA Services component in IBM DB2 9.1 before FP7 and 9.5 before FP4 allows remote attackers to ...
E S
CVE-2009-1907 Cross-site scripting (XSS) vulnerability in claroline/linker/notfound.php in Claroline 1.8.11 allows...
E S
CVE-2009-1908 Cross-site scripting (XSS) vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC ver...
CVE-2009-1909 SQL injection vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows...
S
CVE-2009-1910 SQL injection vulnerability in index.php in RTWebalbum 1.0.462 allows remote attackers to execute ar...
E
CVE-2009-1911 Directory traversal vulnerability in .include/init.php (aka admin/_include/init.php) in QuiXplorer 2...
E S
CVE-2009-1912 Directory traversal vulnerability in src/func/language.php in webSPELL 4.2.0e and earlier allows rem...
E S
CVE-2009-1913 SQL injection vulnerability in manager.php in LuxBum 0.5.5, when magic_quotes_gpc is disabled and do...
E
CVE-2009-1914 The pci_register_iommu_region function in arch/sparc/kernel/pci_common.c in the Linux kernel before ...
CVE-2009-1915 Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ICQ 6.5 allows remote attacke...
E
CVE-2009-1916 dig.php in GScripts.net DNS Tools allows remote attackers to execute arbitrary commands via shell me...
E
CVE-2009-1917 Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP...
CVE-2009-1918 Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and S...
CVE-2009-1919 Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and S...
CVE-2009-1920 The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in ...
CVE-2009-1921 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2009-1922 The Message Queuing (aka MSMQ) service for Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP2, and ...
CVE-2009-1923 Heap-based buffer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windo...
CVE-2009-1924 Integer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP...
CVE-2009-1925 The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2...
CVE-2009-1926 Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 20...
CVE-2009-1927 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2009-1928 Stack consumption vulnerability in the LDAP service in Active Directory on Microsoft Windows 2000 SP...
CVE-2009-1929 Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1...
S
CVE-2009-1930 The Telnet service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, ...
S
CVE-2009-1932 Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngd...
E
CVE-2009-1933 Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage crede...
S
CVE-2009-1934 Cross-site scripting (XSS) vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server ...
S
CVE-2009-1935 Integer overflow in the pipe_build_write_buffer function (sys/kern/sys_pipe.c) in the direct write o...
E S
CVE-2009-1936 _functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit whe...
E
CVE-2009-1937 Cross-site scripting (XSS) vulnerability in the comment posting feature in LightNEasy 2.2.1 "no data...
CVE-2009-1938 Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x through 1.5.10 allows remote attackers to ...
E S
CVE-2009-1939 Cross-site scripting (XSS) vulnerability in the JA_Purity template for Joomla! 1.5.x through 1.5.10 ...
E S
CVE-2009-1940 Cross-site scripting (XSS) vulnerability in the administrator panel in the com_users core component ...
E S
CVE-2009-1941 PAD Site Scripts 3.6 stores sensitive information under the web document root with insufficient acce...
E
CVE-2009-1942 Cross-site scripting (XSS) vulnerability in the Quiz module 5.x, 6.x-2.x before 6.x-2.2, and 6.x-3.x...
S
CVE-2009-1943 Stack-based buffer overflow in the IKE service (ireIke.exe) in SafeNet SoftRemote before 10.8.6 allo...
S
CVE-2009-1944 Stack-based buffer overflow in AIMP 2.51 build 330 allows remote attackers to execute arbitrary code...
E
CVE-2009-1945 SQL injection vulnerability in webCal3_detail.asp in WebCal 3.04 allows remote attackers to execute ...
E
CVE-2009-1946 PHP remote file inclusion vulnerability in latestposts.php in AdaptBB 1.0, when register_globals is ...
E
CVE-2009-1947 SQL injection vulnerability in the UnbDbEncode function in unb_lib/database.lib.php in Unclassified ...
E
CVE-2009-1948 Multiple directory traversal vulnerabilities in forum.php in Unclassified NewsBoard (UNB) 1.6.4, whe...
E
CVE-2009-1949 import_wbb1.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote attackers to obtain sensitive in...
E
CVE-2009-1950 SQL injection vulnerability in yorum.asp in WebEyes Guest Book 3 allows remote attackers to execute ...
E
CVE-2009-1951 Cross-site scripting (XSS) vulnerability in index.php in PropertyMax Pro FREE 0.3 allows remote atta...
E
CVE-2009-1952 Multiple SQL injection vulnerabilities in the administrative login feature in PropertyMax Pro FREE 0...
E
CVE-2009-1953 IBM FileNet Content Manager 4.0, 4.0.1, and 4.5, as used in IBM WebSphere Application Server (WAS) a...
CVE-2009-1954 Unspecified vulnerability in portmapper (aka portmap) in IBM AIX 5.3 allows attackers to cause a den...
S
CVE-2009-1955 The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as...
E S
CVE-2009-1956 Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian p...
E S
CVE-2009-1957 charon/sa/ike_sa.c in the charon daemon in strongSWAN before 4.3.1 allows remote attackers to cause ...
S
CVE-2009-1958 charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before 4.3.1 switches the NULL che...
S
CVE-2009-1959 Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows r...
E
CVE-2009-1960 inc/init.php in DokuWiki 2009-02-14, rc2009-02-06, and rc2009-01-30, when register_globals is enable...
E S
CVE-2009-1961 The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.2...
E S
CVE-2009-1962 Xfig, possibly 3.2.5, allows local users to read and write arbitrary files via a symlink attack on t...
CVE-2009-1963 Unspecified vulnerability in the Network Foundation component in Oracle Database 11.1.0.6 allows rem...
CVE-2009-1964 Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 allows remo...
CVE-2009-1965 Unspecified vulnerability in the Net Foundation Layer component in Oracle Database 9.2.0.8 and 10.1....
CVE-2009-1966 Unspecified vulnerability in the Config Management component in (1) Oracle Database 11.1.0.7 and (2)...
CVE-2009-1967 Unspecified vulnerability in the Config Management component in (1) Oracle Database 11.1.0.7 and (2)...
CVE-2009-1968 Unspecified vulnerability in the Secure Enterprise Search component in Oracle Database 10.1.8.3 allo...
S
CVE-2009-1969 Unspecified vulnerability in the Auditing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5,...
CVE-2009-1970 Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5,...
S
CVE-2009-1971 Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1...
CVE-2009-1972 Unspecified vulnerability in the Auditing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5,...
CVE-2009-1973 Unspecified vulnerability in the Virtual Private Database component in Oracle Database 10.1.0.5, 10....
CVE-2009-1974 Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 ...
CVE-2009-1975 Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote a...
CVE-2009-1976 Unspecified vulnerability in the HTTP Server component in Oracle Application Server 10.1.2.3 allows ...
CVE-2009-1977 Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 all...
CVE-2009-1978 Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 all...
CVE-2009-1979 Unspecified vulnerability in the Network Authentication component in Oracle Database 10.1.0.5 and 10...
CVE-2009-1980 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su...
CVE-2009-1981 Unspecified vulnerability in the Highly Interactive Client component in Siebel Product Suite 7.5.3, ...
CVE-2009-1982 Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite ...
CVE-2009-1983 Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0....
CVE-2009-1984 Unspecified vulnerability in the Application Install component in Oracle E-Business Suite 11.5.10.2,...
CVE-2009-1985 Unspecified vulnerability in the Network Authentication component in Oracle Database 9.2.0.8, 9.2.0....
CVE-2009-1986 Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11...
CVE-2009-1987 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools - Enterprise Portal component in ...
CVE-2009-1988 Unspecified vulnerability in the PeopleSoft Enterprise HRMS eProfile Manager component in Oracle Peo...
S
CVE-2009-1989 Unspecified vulnerability in the PeopleSoft Enterprise FMS component in Oracle PeopleSoft Enterprise...
S
CVE-2009-1990 Unspecified vulnerability in the Business Intelligence Enterprise Edition component in Oracle Applic...
CVE-2009-1991 Unspecified vulnerability in the Oracle Text component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0...
CVE-2009-1992 Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2...
CVE-2009-1993 Unspecified vulnerability in the Application Express component in Oracle Database 3.0.1 allows remot...
CVE-2009-1994 Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 allows remote ...
CVE-2009-1995 Unspecified vulnerability in the Advanced Queuing component in Oracle Database 10.2.0.4 and 11.1.0.7...
CVE-2009-1996 Unspecified vulnerability in the Logical Standby component in Oracle Database allows remote authenti...
CVE-2009-1997 Unspecified vulnerability in the Authentication component in Oracle Database 10.2.0.3 and 11.1.0.7 a...
CVE-2009-1998 Unspecified vulnerability in the Oracle Communications Order and Service Management component in Ora...
CVE-2009-1999 Unspecified vulnerability in the Business Intelligence Enterprise Edition component in unspecified O...
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.