268121
|
- |
|
sugarcrm
|
sugarcrm
|
Unrestricted file upload vulnerability in the Compose Email feature in the Emails module in Sugar Community Edition (aka SugarCRM) before 5.2f allows remote authenticated users to execute arbitrary c…
|
NVD-CWE-Other
|
CVE-2009-2146
|
2009-06-25 13:00 |
2009-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268122
|
- |
|
sun
|
opensolaris solaris
|
Multiple memory leaks in the (1) IP and (2) IPv6 multicast implementation in the kernel in Sun Solaris 10, and OpenSolaris snv_67 through snv_93, allow local users to cause a denial of service (memor…
|
CWE-399
Resource Management Errors
|
CVE-2009-2187
|
2009-06-25 13:00 |
2009-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268123
|
- |
|
gupnp
|
gupnp
|
GUPnP 0.12.7 allows remote attackers to cause a denial of service (crash) via an empty (1) subscription or (2) control message.
|
NVD-CWE-Other
|
CVE-2009-2174
|
2009-06-25 03:52 |
2009-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268124
|
- |
|
irfanview
|
irfanview
|
Integer overflow in IrfanView 4.23, when the resampling or screen fitting option is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF 1 BPP image, which triggers a heap-ba…
|
CWE-94
Code Injection
|
CVE-2009-2118
|
2009-06-24 14:34 |
2009-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268125
|
- |
|
foxitsoftware
|
foxit_reader jpeg2000\/jbig2_decoder_add-on
|
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 (aka JPX) stream, whic…
|
CWE-189
Numeric Errors
|
CVE-2009-0690
|
2009-06-24 13:00 |
2009-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268126
|
- |
|
mahara
|
mahara
|
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 before 1.0.12 and 1.1 before 1.1.5 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2170
|
2009-06-24 13:00 |
2009-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268127
|
- |
|
mahara
|
mahara
|
Mahara 1.1 before 1.1.5 does not apply permission checks when saving a view that contains artefacts, which allows remote authenticated users to read another user's artefact.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2171
|
2009-06-24 13:00 |
2009-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268128
|
- |
|
emn
|
coccinelle
|
Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on an unspecified "result file."
|
CWE-59
Link Following
|
CVE-2009-1753
|
2009-06-23 14:33 |
2009-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268129
|
- |
|
sun
|
opensolaris solaris
|
Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS sha…
|
CWE-255
Credentials Management
|
CVE-2009-1933
|
2009-06-23 14:33 |
2009-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268130
|
- |
|
google
|
chrome
|
Google Chrome before 1.0.154.53 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary…
|
CWE-287
Improper Authentication
|
CVE-2009-2071
|
2009-06-23 14:33 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|