|
264271
|
- |
|
netbsd
|
netbsd
|
The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root password if it is already known, even when they are not in the wheel group.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2482
|
2017-08-17 10:30 |
2009-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264272
|
- |
|
netbsd
|
netbsd
|
libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via a malformed externalized plist (XML form) cont…
|
CWE-189
Numeric Errors
|
CVE-2009-2483
|
2017-08-17 10:30 |
2009-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264273
|
- |
|
sun
|
ray_server_software
|
Unspecified vulnerability in the utdmsession program in Sun Ray Server Software (SRSS) 4.0 allows local users to access the sessions of arbitrary users via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-2489
|
2017-08-17 10:30 |
2009-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264274
|
- |
|
sun
|
ray_server_software
|
Unspecified vulnerability in the utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to cause a denial of service (audio outage) or p…
|
NVD-CWE-noinfo
|
CVE-2009-2490
|
2017-08-17 10:30 |
2009-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264275
|
- |
|
sun
|
ray_server_software
|
The utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to access the sessions of arbitrary users via unknown vectors related to "res…
|
NVD-CWE-noinfo
|
CVE-2009-2491
|
2017-08-17 10:30 |
2009-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264276
|
- |
|
anelectron
|
advanced_electron_forum
|
SQL injection vulnerability in Advanced Electron Forum (AEF) 1.x, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the filename in an uploaded attachme…
|
CWE-89
SQL Injection
|
CVE-2009-2545
|
2017-08-17 10:30 |
2009-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264277
|
- |
|
anelectron
|
advanced_electron_forum
|
Directory traversal vulnerability in Advanced Electron Forum (AEF) 1.x allows remote attackers to determine the existence of arbitrary files via the avatargalfile parameter when changing an avatar, w…
|
CWE-22
Path Traversal
|
CVE-2009-2546
|
2017-08-17 10:30 |
2009-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264278
|
- |
|
bistudio
|
arma
arma_2
|
Integer underflow in Armed Assault (aka ArmA) 1.14 and earlier, and 1.16 beta, and Armed Assault II 1.02 and earlier allows remote attackers to cause a denial of service (crash) via a VoIP over Netwo…
|
CWE-189
Numeric Errors
|
CVE-2009-2547
|
2017-08-17 10:30 |
2009-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264279
|
- |
|
scriptsez
|
easy_image_downloader
|
Multiple cross-site scripting (XSS) vulnerabilities in ScriptsEz Easy Image Downloader allow remote attackers to inject arbitrary web script or HTML via the id parameter in a detail action to (1) mai…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2551
|
2017-08-17 10:30 |
2009-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264280
|
- |
|
google
|
v8
chrome
|
Heap-based buffer overflow in src/jsregexp.cc in Google V8 before 1.1.10.14, as used in Google Chrome before 2.0.172.37, allows remote attackers to execute arbitrary code in the Chrome sandbox via a …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2555
|
2017-08-17 10:30 |
2009-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
