|
266441
|
- |
|
pagedowntech
|
pdshoppro
|
Cross-site scripting (XSS) vulnerability in search.asp in PDshopPro, when downloaded before 20070308, allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2032
|
2009-06-20 14:29 |
2009-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266442
|
- |
|
apple
|
safari
|
Apple Safari before 4.0 does not properly check for revoked Extended Validation (EV) certificates, which makes it easier for remote attackers to trick a user into accepting an invalid certificate.
|
CWE-255
Credentials Management
|
CVE-2009-1682
|
2009-06-19 14:32 |
2009-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266443
|
- |
|
apple
|
safari
|
CFNetwork in Apple Safari before 4.0 misinterprets downloaded image files as local HTML documents in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript code by p…
|
CWE-94
Code Injection
|
CVE-2009-1704
|
2009-06-19 14:32 |
2009-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266444
|
- |
|
apple
|
safari
|
The Private Browsing feature in Apple Safari before 4.0 on Windows does not remove cookies from the alternate cookie store in unspecified circumstances upon (1) disabling of the feature or (2) exit o…
|
CWE-200
Information Exposure
|
CVE-2009-1706
|
2009-06-19 14:32 |
2009-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266445
|
- |
|
apple
|
safari
|
Apple Safari before 4.0 does not prevent calls to the open-help-anchor URL handler by web sites, which allows remote attackers to open arbitrary local help files, and execute arbitrary code or obtain…
|
NVD-CWE-Other
|
CVE-2009-1708
|
2009-06-19 14:32 |
2009-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266446
|
- |
|
apple
|
safari
|
CFNetwork in Apple Safari before 4.0 on Windows does not properly protect the temporary files created for downloads, which allows local users to obtain sensitive information by reading these files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1716
|
2009-06-19 14:32 |
2009-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266447
|
- |
|
sun
|
opensolaris
|
Unspecified vulnerability in idmap in Sun OpenSolaris snv_88 through snv_110, when a CIFS server is enabled, allows local users to cause a denial of service (idpmapd daemon crash and idmapd outage) v…
|
NVD-CWE-noinfo
|
CVE-2009-2012
|
2009-06-19 14:32 |
2009-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266448
|
- |
|
sun
|
opensolaris
|
smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount permissions are used, allows local users to read arbitrary files, and list arbitrary directories, on CIFS volumes.
|
CWE-200
Information Exposure
|
CVE-2009-2031
|
2009-06-19 14:32 |
2009-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266449
|
- |
|
cisco
|
ace_4710
application_control_engine_module
|
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2…
|
NVD-CWE-noinfo
|
CVE-2009-0623
|
2009-06-19 13:00 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266450
|
- |
|
angrydonuts
|
nodequeue
|
Nodequeue 5.x before 5.x-2.7 and 6.x before 6.x-2.2, a module for Drupal, does not properly restrict access when displaying node titles, which has unknown impact and attack vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2075
|
2009-06-19 13:00 |
2009-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
