|
268381
|
- |
|
sun
|
opensolaris
|
The UFS implementation in the kernel in Sun OpenSolaris snv_29 through snv_90 allows local users to cause a denial of service (panic) via the single posix_fallocate test in the SUSv3 POSIX test suite…
|
NVD-CWE-noinfo
|
CVE-2009-0131
|
2009-02-5 15:53 |
2009-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268382
|
- |
|
research_in_motion_limited
|
blackberry_enterprise_server
blackberry_professional_software
blackberry_unite
|
The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.…
|
CWE-399
Resource Management Errors
|
CVE-2009-0219
|
2009-02-5 15:53 |
2009-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268383
|
- |
|
gnome
|
nautilus-python
|
Untrusted search path vulnerability in the Python language bindings for Nautilus (nautilus-python) allows local users to execute arbitrary code via a Trojan horse Python file in the current working d…
|
NVD-CWE-Other
|
CVE-2009-0317
|
2009-02-5 15:53 |
2009-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268384
|
- |
|
asp-dev
|
xm_events_diary
|
SQL injection vulnerability in diary_viewC.asp in ASP-DEv XM Events Diary allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is…
|
CWE-89
SQL Injection
|
CVE-2008-5924
|
2009-02-5 15:52 |
2009-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268385
|
- |
|
torrenttrader
|
torrenttrader
|
TorrentTrader 1.07 and earlier sets insecure permissions for files in the root directory, which allows attackers to execute arbitrary PHP code by modifying (1) disclaimer.txt, (2) sponsors.txt, and (…
|
NVD-CWE-Other
|
CVE-2007-4536
|
2009-02-5 15:29 |
2007-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268386
|
- |
|
keep_toolkit
|
keep_toolkit
|
SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password.
|
CWE-89
SQL Injection
|
CVE-2009-0287
|
2009-02-5 14:00 |
2009-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268387
|
- |
|
codefixer
|
linkspro
|
SQL injection vulnerability in Default.asp in LinksPro Standard Edition allows remote attackers to execute arbitrary SQL commands via the OrderDirection parameter.
|
CWE-89
SQL Injection
|
CVE-2009-0431
|
2009-02-5 14:00 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268388
|
- |
|
preprojects
|
pre_classified_listings
|
PreProjects Pre Classified Listings stores pclasp.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6055
|
2009-02-5 00:30 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268389
|
- |
|
google
|
chrome
|
Cross-domain vulnerability in the V8 JavaScript engine in Google Chrome before 1.0.154.46 allows remote attackers to bypass the Same Origin Policy via a crafted script that accesses another frame and…
|
NVD-CWE-Other
|
CVE-2009-0276
|
2009-02-4 14:00 |
2009-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268390
|
- |
|
monkey
|
trickle
|
Untrusted search path vulnerability in trickle 1.07 allows local users to execute arbitrary code via a Trojan horse trickle-overload.so in the current working directory, which is referenced in the LD…
|
NVD-CWE-Other
|
CVE-2009-0415
|
2009-02-4 14:00 |
2009-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
