|
267941
|
- |
|
sun
|
virtual_desktop_infrastructure
|
Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding is enabled, does not properly handle a client's attempt to establish an authenticated and encrypted connection, which might allow …
|
CWE-200
Information Exposure
|
CVE-2009-2856
|
2009-08-22 00:25 |
2009-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267942
|
- |
|
2fly
|
gift_delivery_system
|
SQL injection vulnerability in 2fly_gift.php in 2FLY Gift Delivery System 6.0 allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a content action.
|
CWE-89
SQL Injection
|
CVE-2009-2915
|
2009-08-21 20:30 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267943
|
- |
|
xzeroscripts
|
xzero_community_classifieds
|
Cross-site scripting (XSS) vulnerability in index.php in XZero Community Classifieds 4.97.8 allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this i…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2913
|
2009-08-21 20:02 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267944
|
- |
|
cisco
|
ios_xr
|
Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.
|
CWE-20
Improper Input Validation
|
CVE-2009-2055
|
2009-08-21 13:00 |
2009-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267945
|
- |
|
edgewall
firestats
|
firestats
|
SQL injection vulnerability in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-2144
|
2009-08-21 13:00 |
2009-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267946
|
- |
|
php.s3
|
tree_bbs
|
Cross-site scripting (XSS) vulnerability in Let's PHP! Tree BBS 2004/11/23 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2226
|
2009-08-21 13:00 |
2009-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267947
|
- |
|
clone2009
|
ebay_clone
|
Cross-site scripting (XSS) vulnerability in search.php in Ebay Clone 2009 allows remote attackers to inject arbitrary web script or HTML via the mode parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2424
|
2009-08-21 13:00 |
2009-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267948
|
- |
|
nasa_goddard_space_flight_center
|
common_data_format
|
Multiple buffer overflows in NASA Common Data Format (CDF) allow context-dependent attackers to execute arbitrary code, as demonstrated using (1) an array index error in the ReadAEDRList64 function, …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2850
|
2009-08-21 13:00 |
2009-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267949
|
- |
|
ibm
|
db2
|
Memory leak in the Security component in IBM DB2 8.1 before FP18 on Unix platforms allows attackers to cause a denial of service (memory consumption) via unspecified vectors, related to private memor…
|
CWE-399
Resource Management Errors
|
CVE-2009-2858
|
2009-08-21 13:00 |
2009-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267950
|
- |
|
ibm
|
db2
|
Unspecified vulnerability in db2jds in IBM DB2 8.1 before FP18 allows remote attackers to cause a denial of service (service crash) via "malicious packets."
|
NVD-CWE-noinfo
|
CVE-2009-2860
|
2009-08-21 13:00 |
2009-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
