270411
|
- |
|
gforge
|
gforge
|
SQL injection vulnerability in GForge 4.5.14, 4.7.3, and possibly other versions allows remote attackers to execute arbitrary SQL commands via unknown vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4070
|
2009-11-25 02:30 |
2009-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270412
|
- |
|
hp
|
openview_network_node_manager
|
The embedded database engine service (aka ovdbrun.exe) in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to cause a denial of service (daemon crash) via an invalid Er…
|
NVD-CWE-Other
|
CVE-2009-3840
|
2009-11-24 16:04 |
2009-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270413
|
- |
|
hp
|
discovery\&dependency_mapping_inventory
|
Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.60 on Windows allows remote authenticated users to execute arbitrary code via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-3841
|
2009-11-24 16:04 |
2009-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270414
|
- |
|
christos_zoulas
|
file
|
Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buff…
|
CWE-189
Numeric Errors
|
CVE-2009-3930
|
2009-11-24 16:04 |
2009-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270415
|
- |
|
jos_de_ruijter
|
superseriousstats
|
SQL injection vulnerability in user.php in Super Serious Stats (aka superseriousstats) before 1.1.2p1 allows remote attackers to execute arbitrary SQL commands via the uid parameter, related to an "i…
|
CWE-89
SQL Injection
|
CVE-2009-3961
|
2009-11-24 16:04 |
2009-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270416
|
- |
|
strongswan
|
strongswan
|
The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which a…
|
CWE-310
Cryptographic Issues
|
CVE-2009-2661
|
2009-11-24 16:02 |
2009-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270417
|
- |
|
apple
|
mac_os_x mac_os_x_server
|
The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2823
|
2009-11-24 16:02 |
2009-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270418
|
- |
|
xine
|
xine-lib
|
xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via "MP3 files with metadata consisting only of separators."
|
CWE-20
Improper Input Validation
|
CVE-2008-5248
|
2009-11-24 15:53 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270419
|
- |
|
tftpd32
|
tftpd32
|
tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbitrary files via a full pathname in GET and PUT requests.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2002-2353
|
2009-11-24 14:15 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270420
|
- |
|
betsy
|
betsy_cms
|
Directory traversal vulnerability in admin/popup.php in Betsy CMS 3.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the popup parameter.
|
CWE-22
Path Traversal
|
CVE-2009-4056
|
2009-11-24 14:00 |
2009-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|