270911
|
- |
|
bookelves
|
kipper
|
Multiple cross-site scripting (XSS) vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to (1) index.php and (2) kipper.php. NOTE: th…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0764
|
2009-06-17 13:00 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270912
|
- |
|
ibm
|
tivoli_storage_manager_hsm
|
Buffer overflow in the client in IBM Tivoli Storage Manager (TSM) HSM 5.3.2.0 through 5.3.5.0, 5.4.0.0 through 5.4.2.5, and 5.5.0.0 through 5.5.1.4 on Windows allows remote attackers to cause a denia…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-0869
|
2009-06-17 13:00 |
2009-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270913
|
- |
|
heine.familiedeelstra
|
booktree
|
Multiple cross-site scripting (XSS) vulnerabilities in Booktree 5.x before 5.x-7.3 and 6.x before 6.x-1.1, a module for Drupal, allow remote attackers to inject arbitrary web script or HTML via the (…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2078
|
2009-06-17 13:00 |
2009-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270914
|
- |
|
creative_web_solutions
|
multi-level_cms
|
SQL injection vulnerability in insidepage.php in Creative Web Solutions Multi-Level CMS 1.21 allows remote attackers to execute arbitrary SQL commands via the catid parameter. NOTE: some of these de…
|
CWE-89
SQL Injection
|
CVE-2009-2082
|
2009-06-17 13:00 |
2009-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270915
|
- |
|
drupal
|
services_module_for_drupal
|
Unspecified vulnerability in Services 6.x before 6.x-0.14, a module for Drupal, when key-based access is enabled, allows remote attackers to read or add keys and access unauthorized services via unsp…
|
NVD-CWE-noinfo
|
CVE-2009-2035
|
2009-06-15 13:00 |
2009-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270916
|
- |
|
apple
|
safari
|
CoreGraphics in Apple Safari before 4.0 on Windows does not properly use arithmetic during automatic hinting of TrueType fonts, which allows remote attackers to execute arbitrary code or cause a deni…
|
CWE-189
Numeric Errors
|
CVE-2009-1705
|
2009-06-13 14:33 |
2009-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270917
|
- |
|
gnu
|
gnutls
|
lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates RSA keys stored in DSA structures, instead of the intended DSA keys, which might allow remote attackers to spoof signatures on cer…
|
CWE-310
Cryptographic Issues
|
CVE-2009-1416
|
2009-06-10 14:29 |
2009-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270918
|
- |
|
mortbay_jetty
|
jetty
|
Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies.
|
CWE-79
Cross-site Scripting
|
CVE-2007-5613
|
2009-06-10 14:09 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270919
|
- |
|
mortbay_jetty
|
jetty
|
Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2007-5614
|
2009-06-10 14:09 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270920
|
- |
|
mortbay_jetty
|
jetty
|
CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
|
CWE-94
Code Injection
|
CVE-2007-5615
|
2009-06-10 14:09 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|