|
268161
|
- |
|
cgi_rescue
|
cgi_web_mailer
|
CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject arbitrary HTTP headers, and conduct cross-site scripting (XSS) or HTTP response splitting attacks, …
|
CWE-79
Cross-site Scripting
|
CVE-2009-1591
|
2009-05-23 14:31 |
2009-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268162
|
- |
|
gnome
|
evolution
|
The Mailer component in Evolution 2.26.1 and earlier uses world-readable permissions for the .evolution directory, and certain directories and files under .evolution/ related to local mail, which all…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1631
|
2009-05-23 14:31 |
2009-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268163
|
- |
|
transmissionbt
|
transmission
|
Cross-site request forgery (CSRF) vulnerability in Transmission 1.5 before 1.53 and 1.6 before 1.61 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2009-1757
|
2009-05-22 20:52 |
2009-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268164
|
- |
|
drupal
|
drupal
|
Unspecified vulnerability in Drupal 5.x before 5.17 and 6.x before 6.11, as used in vbDrupal before 5.17.0, allows user-assisted remote attackers to obtain sensitive information by tricking victims i…
|
NVD-CWE-noinfo
|
CVE-2009-1576
|
2009-05-20 14:36 |
2009-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268165
|
- |
|
gpsdrive
|
gpsdrive
|
src/unit_test.c in gpsdrive (aka gpsdrive-scripts) 2.10~pre4 might allow local users to overwrite arbitrary files via a symlink attack on the /tmp/gpsdrive-unit-test/proc temporary file, a different …
|
CWE-59
Link Following
|
CVE-2008-5704
|
2009-05-20 13:00 |
2008-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268166
|
- |
|
google
|
chrome
|
Multiple integer overflows in Skia, as used in Google Chrome 1.x before 1.0.154.64 and 2.x, and possibly Android, might allow remote attackers to execute arbitrary code in the renderer process via a …
|
CWE-189
Numeric Errors
|
CVE-2009-1442
|
2009-05-19 14:35 |
2009-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268167
|
- |
|
adobe
|
flash_media_server
|
Unspecified vulnerability in Adobe Flash Media Server (FMS) before 3.0.4 and 3.5.x before 3.5.2, as used in Flash Media Interactive Server and Flash Media Streaming Server, allows remote attackers to…
|
NVD-CWE-noinfo
|
CVE-2009-1365
|
2009-05-19 14:34 |
2009-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268168
|
- |
|
cyclomedia
|
cycloscopelite
|
Multiple unspecified vulnerabilities in CycloMedia CycloScopeLite 2.50.3.0 allow remote attackers to execute arbitrary code via the ReturnConnection method in (1) CM_ADOConnection.dll, (2) CM_Address…
|
NVD-CWE-noinfo
|
CVE-2009-1666
|
2009-05-19 13:00 |
2009-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268169
|
- |
|
research_in_motion_limited
|
blackberry_enterprise_server
blackberry_professional_software
blackberry_unite
|
Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Softwar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-0176
|
2009-05-18 13:00 |
2009-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268170
|
- |
|
symantec
|
appstream_client
|
The LaunchObj ActiveX control before 5.2.2.865 in launcher.dll in Symantec AppStream Client 5.2.x before 5.2.2 SP3 MP1 does not properly validate downloaded files, which allows remote attackers to ex…
|
CWE-20
Improper Input Validation
|
CVE-2008-4388
|
2009-05-18 13:00 |
2009-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
