|
266471
|
- |
|
cisco
|
aironet_ap1100
aironet_ap1200
|
The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers …
|
NVD-CWE-Other
|
CVE-2009-2861
|
2009-08-28 13:00 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266472
|
- |
|
google
|
chrome
|
Google Chrome 1.0.154.65, 1.0.154.48, and earlier allows remote attackers to (1) cause a denial of service (application hang) via vectors involving a chromehtml: URI value for the document.location p…
|
NVD-CWE-Other
|
CVE-2009-2974
|
2009-08-28 13:00 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266473
|
- |
|
cisco
|
aironet_ap1100
aironet_ap1200
|
Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses an…
|
CWE-310
Cryptographic Issues
|
CVE-2009-2976
|
2009-08-28 13:00 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266474
|
- |
|
sun
|
java_plug-in
|
The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 <applet> redirector controls, allow remote attackers to cause a denial of service (Internet Explorer crash) by creating …
|
CWE-16
Configuration
|
CVE-2005-4845
|
2009-08-28 13:00 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266475
|
- |
|
toni_mueller
|
roundup
|
The EditCSVAction function in cgi/actions.py in Roundup 1.2 before 1.2.1, 1.4 through 1.4.6, and possibly other versions does not properly check permissions, which allows remote authenticated users w…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2737
|
2009-08-26 14:25 |
2009-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266476
|
- |
|
adobe
|
coldfusion
|
Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion 8.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerabil…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1875
|
2009-08-26 14:24 |
2009-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266477
|
- |
|
adobe
|
coldfusion
|
Adobe ColdFusion 8.0.1 and earlier might allow attackers to obtain sensitive information via unspecified vectors, related to a "double-encoded null character vulnerability."
|
NVD-CWE-Other
|
CVE-2009-1876
|
2009-08-26 14:24 |
2009-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266478
|
- |
|
adobe
|
coldfusion
|
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than C…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1877
|
2009-08-26 14:24 |
2009-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266479
|
- |
|
sun
|
openjdk
|
The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedora 11, trusts an entire application when at least one of the listed j…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1896
|
2009-08-26 14:24 |
2009-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266480
|
- |
|
guus_sliepen
|
dhis-server
|
dhis-dummy-log-engine in dhis-server 5.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/dhis-dummy-log-engine.log temporary file.
|
CWE-59
Link Following
|
CVE-2008-4947
|
2009-08-26 14:17 |
2008-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
