270771
|
- |
|
gforge
|
gforge
|
Cross-site scripting (XSS) vulnerability in www/help/tracker.php in GForge 4.5.14, 4.7 rc2, and 4.8.1 allows remote attackers to inject arbitrary web script or HTML via the helpname parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3303
|
2009-11-25 02:30 |
2009-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270772
|
- |
|
gforge
|
gforge
|
Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5.14, 4.7.3, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4069
|
2009-11-25 02:30 |
2009-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270773
|
- |
|
gforge
|
gforge
|
SQL injection vulnerability in GForge 4.5.14, 4.7.3, and possibly other versions allows remote attackers to execute arbitrary SQL commands via unknown vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4070
|
2009-11-25 02:30 |
2009-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270774
|
- |
|
hp
|
openview_network_node_manager
|
The embedded database engine service (aka ovdbrun.exe) in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to cause a denial of service (daemon crash) via an invalid Er…
|
NVD-CWE-Other
|
CVE-2009-3840
|
2009-11-24 16:04 |
2009-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270775
|
- |
|
hp
|
discovery\&dependency_mapping_inventory
|
Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.60 on Windows allows remote authenticated users to execute arbitrary code via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-3841
|
2009-11-24 16:04 |
2009-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270776
|
- |
|
christos_zoulas
|
file
|
Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buff…
|
CWE-189
Numeric Errors
|
CVE-2009-3930
|
2009-11-24 16:04 |
2009-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270777
|
- |
|
jos_de_ruijter
|
superseriousstats
|
SQL injection vulnerability in user.php in Super Serious Stats (aka superseriousstats) before 1.1.2p1 allows remote attackers to execute arbitrary SQL commands via the uid parameter, related to an "i…
|
CWE-89
SQL Injection
|
CVE-2009-3961
|
2009-11-24 16:04 |
2009-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270778
|
- |
|
strongswan
|
strongswan
|
The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which a…
|
CWE-310
Cryptographic Issues
|
CVE-2009-2661
|
2009-11-24 16:02 |
2009-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270779
|
- |
|
apple
|
mac_os_x mac_os_x_server
|
The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2823
|
2009-11-24 16:02 |
2009-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270780
|
- |
|
xine
|
xine-lib
|
xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via "MP3 files with metadata consisting only of separators."
|
CWE-20
Improper Input Validation
|
CVE-2008-5248
|
2009-11-24 15:53 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|