270961
|
- |
|
asterisk
|
zaptel
|
Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by w…
|
CWE-189
Numeric Errors
|
CVE-2008-5396
|
2009-05-14 14:31 |
2008-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270962
|
- |
|
exif
|
exif
|
Cross-site scripting (XSS) vulnerability in the Exif module 5.x-1.x before 5.x-1.2 and 6.x-1.x-dev before April 13, 2009, a module for Drupal, allows remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1501
|
2009-05-13 14:28 |
2009-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270963
|
- |
|
drupal
|
nodeaccess_userreference
|
The Node Access User Reference module 5.x before 5.x-2.0-beta4 and 6.x before 6.x-2.0-beta6, a module for Drupal, interprets an empty CCK user reference as a reference to the anonymous user, which mi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1507
|
2009-05-13 14:28 |
2009-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270964
|
- |
|
r020
|
tematres
|
Multiple SQL injection vulnerabilities in TemaTres 1.031, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id_correo_electronico and (2) id_pass…
|
CWE-89
SQL Injection
|
CVE-2009-1585
|
2009-05-13 14:28 |
2009-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270965
|
- |
|
hp
|
openview_network_node_manager
|
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via unknown vectors.
|
NVD-CWE-noinfo CWE-94
Code Injection
|
CVE-2009-0720
|
2009-05-13 14:27 |
2009-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270966
|
- |
|
mpfr
|
gnu_mpfr
|
Multiple buffer overflows in GNU MPFR 2.4.0 allow context-dependent attackers to cause a denial of service (crash) via the (1) mpfr_snprintf and (2) mpfr_vsnprintf functions.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-0757
|
2009-05-13 14:27 |
2009-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270967
|
- |
|
andrew_j.korty
|
pam_ssh
|
pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier fo…
|
CWE-255
Credentials Management
|
CVE-2009-1273
|
2009-05-13 14:27 |
2009-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270968
|
- |
|
cgi_rescue
|
form2mail
|
Unspecified vulnerability in CGI RESCUE FORM2MAIL before 1.42 allows remote attackers to send email to arbitrary recipients via a web form.
|
NVD-CWE-noinfo
|
CVE-2009-1590
|
2009-05-11 13:00 |
2009-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270969
|
- |
|
mitel
|
mitel_nupoint_messenger
|
The server in Mitel NuPoint Messenger R11 and R3 sends usernames and passwords in cleartext to Exchange servers, which allows remote attackers to obtain sensitive information by sniffing the network.
|
CWE-310
Cryptographic Issues
|
CVE-2008-6797
|
2009-05-8 13:00 |
2009-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270970
|
- |
|
phpexplorer
|
phphotogallery
|
Multiple SQL injection vulnerabilities in index.php in phPhotoGallery 0.92 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. NOTE: the provenance…
|
CWE-89
SQL Injection
|
CVE-2008-6802
|
2009-05-8 13:00 |
2009-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|