|
260441
|
- |
|
openbsd
|
openssh
|
A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privilege…
|
CWE-16
Configuration
|
CVE-2009-2904
|
2017-09-19 10:29 |
2009-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260442
|
- |
|
fedorahosted
|
newt
|
Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and 0.52.2 allows local users to cause a denial of service (application crash) or possibly execute arbitrary code via a request to disp…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2905
|
2017-09-19 10:29 |
2009-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260443
|
- |
|
sun
|
opensolaris
solaris
|
The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv_110, allow local users to cause a denial of service (panic) via vectors related to vnode function …
|
NVD-CWE-noinfo
|
CVE-2009-2912
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260444
|
- |
|
imtoo
|
mpeg_encoder
|
Stack-based buffer overflow in ImTOO MPEG Encoder 3.1.53 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted string in a (1) .cue or (2) .m3u…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2917
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260445
|
- |
|
elvinbts
|
elvinbts
|
Multiple cross-site scripting (XSS) vulnerabilities in Elvin 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) component and (2) priority parameters to buglist.php; and …
|
CWE-79
Cross-site Scripting
|
CVE-2009-2920
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260446
|
- |
|
mocdesigns
|
php_news
|
Multiple SQL injection vulnerabilities in login.php in MOC Designs PHP News 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) newsuser parameter (User field) and (2) newspasswo…
|
CWE-89
SQL Injection
|
CVE-2009-2921
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260447
|
- |
|
bitmixsoft
|
php-lance
|
Multiple directory traversal vulnerabilities in BitmixSoft PHP-Lance 1.52 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) language parameter to show.php and (2) in parame…
|
CWE-22
Path Traversal
|
CVE-2009-2923
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260448
|
- |
|
videosbroadcastyourself
|
videos_broadcast_yourself
|
Multiple SQL injection vulnerabilities in Videos Broadcast Yourself 2 allow remote attackers to execute arbitrary SQL commands via the (1) UploadID parameter to videoint.php, and possibly the (2) cat…
|
CWE-89
SQL Injection
|
CVE-2009-2924
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260449
|
- |
|
djcalendar
|
djcalendar
|
Directory traversal vulnerability in DJcalendar.cgi in DJCalendar allows remote attackers to read arbitrary files via a .. (dot dot) in the TEMPLATE parameter.
|
CWE-22
Path Traversal
|
CVE-2009-2925
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260450
|
- |
|
phpcompet.free
|
php_competition_system
|
Multiple SQL injection vulnerabilities in PHP Competition System BETA 0.84 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) day parameter to show_matchs.php and (2) pa…
|
CWE-89
SQL Injection
|
CVE-2009-2926
|
2017-09-19 10:29 |
2009-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
