267741
|
- |
|
vmware
|
fusion
|
The vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 does not use correct file permissions, which allows host OS users to gain privileges on the host OS via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-3281
|
2009-10-19 13:00 |
2009-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267742
|
- |
|
riorey
|
rios
|
RioRey RIOS 4.6.6 and 4.7.0 uses an undocumented, hard-coded username (dbadmin) and password (sq!us3r) for an SSH tunnel, which allows remote attackers to gain privileges via port 8022.
|
CWE-255
Credentials Management
|
CVE-2009-3710
|
2009-10-19 13:00 |
2009-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267743
|
- |
|
sun
|
opensolaris solaris
|
Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and OpenSolaris snv_100 through snv_117, allows local users to bypass intended limitations of the file_chown_self privilege via cert…
|
NVD-CWE-noinfo
|
CVE-2009-3706
|
2009-10-17 01:30 |
2009-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267744
|
- |
|
sun
|
opensolaris solaris
|
Per: http://sunsolve.sun.com/search/document.do?assetkey=1-66-265908-1
1. Impact
A security vulnerability in the ZFS file system in OpenSolaris and Solaris 10 systems with patches 137137-09 (S…
|
NVD-CWE-noinfo
|
CVE-2009-3706
|
2009-10-17 01:30 |
2009-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267745
|
- |
|
sun
|
opensolaris solaris
|
Per: http://sunsolve.sun.com/search/document.do?assetkey=1-66-265908-1
"Notes:
1. Solaris 8 and 9 are not impacted by this issue.
2. OpenSolaris distributions may include additional bug fix…
|
NVD-CWE-noinfo
|
CVE-2009-3706
|
2009-10-17 01:30 |
2009-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267746
|
- |
|
konae
|
alleycode_html_editor
|
Stack-based buffer overflow in the Meta Content Optimizer in Konae Technologies Alleycode HTML Editor 2.21 allows user-assisted remote attackers to execute arbitrary code via a long value in a (1) de…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-3708
|
2009-10-17 01:30 |
2009-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267747
|
- |
|
ibm
|
db2
|
IBM DB2 8 before FP18, 9.1 before FP8, and 9.5 before FP4 allows remote authenticated users to bypass intended access restrictions, and update, insert, or delete table rows, via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-3472
|
2009-10-14 14:26 |
2009-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267748
|
- |
|
strongswan
|
strongswan
|
charon/sa/ike_sa.c in the charon daemon in strongSWAN before 4.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid IKE_SA_INIT request that tr…
|
CWE-399
Resource Management Errors
|
CVE-2009-1957
|
2009-10-14 14:24 |
2009-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267749
|
- |
|
strongswan
|
strongswan
|
charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows remote attackers to cause a denial of service via an IKE…
|
CWE-399
Resource Management Errors
|
CVE-2009-1958
|
2009-10-14 14:24 |
2009-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267750
|
- |
|
mediawiki
|
mediawiki
|
Multiple cross-site scripting (XSS) vulnerabilities in the web-based installer (config/index.php) in MediaWiki 1.6 before 1.6.12, 1.12 before 1.12.4, and 1.13 before 1.13.4, when the installer is in …
|
CWE-79
Cross-site Scripting
|
CVE-2009-0737
|
2009-10-14 14:22 |
2009-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|