268171
|
- |
|
apple
|
mac_os_x mac_os_x_server
|
The Microsoft Office Spotlight Importer in Spotlight in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not properly validate Microsoft Office files, which allows remote attackers to execute arbit…
|
CWE-94
Code Injection
|
CVE-2009-0944
|
2009-05-16 14:30 |
2009-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268172
|
- |
|
apple
|
mac_os_x mac_os_x_server
|
QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image that tri…
|
CWE-94
Code Injection
|
CVE-2009-0160
|
2009-05-16 14:29 |
2009-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268173
|
- |
|
apport ubuntu
|
apport ubuntu
|
Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu 8.10, and before 1.0-0ubuntu5.2 on Ubuntu 9.04 does not properly remove files from the application's crash-report directory, which a…
|
CWE-16
Configuration
|
CVE-2009-1295
|
2009-05-15 14:29 |
2009-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268174
|
- |
|
nlnetlabs
|
ldns
|
Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns 1.4.x allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via …
|
CWE-399
Resource Management Errors
|
CVE-2009-1086
|
2009-05-15 14:28 |
2009-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268175
|
- |
|
sun
|
opensolaris
|
Unspecified vulnerability in the SCTP sockets implementation in Sun OpenSolaris snv_106 through snv_107 allows local users to cause a denial of service (panic) via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-1359
|
2009-05-14 14:36 |
2009-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268176
|
- |
|
dotnetnuke
|
dotnetnuke
|
Cross-site scripting (XSS) vulnerability in Website\admin\Sales\paypalipn.aspx in DotNetNuke (DNN) before 4.9.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors …
|
CWE-79
Cross-site Scripting
|
CVE-2009-1366
|
2009-05-14 14:36 |
2009-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268177
|
- |
|
php
|
php
|
PHP 5.2.7 contains an incorrect change to the FILTER_UNSAFE_RAW functionality, and unintentionally disables magic_quotes_gpc regardless of the actual magic_quotes_gpc setting, which might make it eas…
|
CWE-16
Configuration
|
CVE-2008-5844
|
2009-05-14 14:32 |
2009-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268178
|
- |
|
asterisk
|
zaptel
|
Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by w…
|
CWE-189
Numeric Errors
|
CVE-2008-5396
|
2009-05-14 14:31 |
2008-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268179
|
- |
|
exif
|
exif
|
Cross-site scripting (XSS) vulnerability in the Exif module 5.x-1.x before 5.x-1.2 and 6.x-1.x-dev before April 13, 2009, a module for Drupal, allows remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1501
|
2009-05-13 14:28 |
2009-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268180
|
- |
|
drupal
|
nodeaccess_userreference
|
The Node Access User Reference module 5.x before 5.x-2.0-beta4 and 6.x before 6.x-2.0-beta6, a module for Drupal, interprets an empty CCK user reference as a reference to the anonymous user, which mi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1507
|
2009-05-13 14:28 |
2009-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|