270751
|
- |
|
cisco
|
ios_xr
|
Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Att…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1154
|
2009-08-22 02:30 |
2009-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270752
|
- |
|
cisco
|
ios_xr
|
Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2056
|
2009-08-22 02:30 |
2009-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270753
|
- |
|
sun
|
virtual_desktop_infrastructure
|
Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding is enabled, does not properly handle a client's attempt to establish an authenticated and encrypted connection, which might allow …
|
CWE-200
Information Exposure
|
CVE-2009-2856
|
2009-08-22 00:25 |
2009-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270754
|
- |
|
2fly
|
gift_delivery_system
|
SQL injection vulnerability in 2fly_gift.php in 2FLY Gift Delivery System 6.0 allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a content action.
|
CWE-89
SQL Injection
|
CVE-2009-2915
|
2009-08-21 20:30 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270755
|
- |
|
xzeroscripts
|
xzero_community_classifieds
|
Cross-site scripting (XSS) vulnerability in index.php in XZero Community Classifieds 4.97.8 allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this i…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2913
|
2009-08-21 20:02 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270756
|
- |
|
cisco
|
ios_xr
|
Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.
|
CWE-20
Improper Input Validation
|
CVE-2009-2055
|
2009-08-21 13:00 |
2009-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270757
|
- |
|
edgewall firestats
|
firestats
|
SQL injection vulnerability in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-2144
|
2009-08-21 13:00 |
2009-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270758
|
- |
|
php.s3
|
tree_bbs
|
Cross-site scripting (XSS) vulnerability in Let's PHP! Tree BBS 2004/11/23 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2226
|
2009-08-21 13:00 |
2009-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270759
|
- |
|
clone2009
|
ebay_clone
|
Cross-site scripting (XSS) vulnerability in search.php in Ebay Clone 2009 allows remote attackers to inject arbitrary web script or HTML via the mode parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2424
|
2009-08-21 13:00 |
2009-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270760
|
- |
|
nasa_goddard_space_flight_center
|
common_data_format
|
Multiple buffer overflows in NASA Common Data Format (CDF) allow context-dependent attackers to execute arbitrary code, as demonstrated using (1) an array index error in the ReadAEDRList64 function, …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2850
|
2009-08-21 13:00 |
2009-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|