|
271861
|
- |
|
strongswan
|
strongswan
|
strongSwan 4.2.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via an IKE_SA_INIT message with a large number of NULL values in a Key Exchange payload, which trigger…
|
CWE-399
Resource Management Errors
|
CVE-2008-4551
|
2011-03-8 12:12 |
2008-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271862
|
- |
|
websense
|
enterpise
|
The Websense Reporter Module in Websense Enterprise 6.3.2 stores the SQL database system administrator password in plaintext in CreateDbInstall.log, which allows local users to gain privileges to the…
|
CWE-255
Credentials Management
|
CVE-2008-4646
|
2011-03-8 12:12 |
2008-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271863
|
- |
|
typo3
|
simplesurvey
|
SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-4655
|
2011-03-8 12:12 |
2008-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271864
|
- |
|
typo3
|
frontend_users_view
|
SQL injection vulnerability in the Frontend Users View (feusersview) 0.1.6 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-4656
|
2011-03-8 12:12 |
2008-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271865
|
- |
|
typo3
|
econda_plugin
|
SQL injection vulnerability in the Econda Plugin (econda) 0.0.2 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-4657
|
2011-03-8 12:12 |
2008-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271866
|
- |
|
typo3
|
jobcontrol
|
SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-4658
|
2011-03-8 12:12 |
2008-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271867
|
- |
|
typo3
|
mannschaftsliste
|
SQL injection vulnerability in the Mannschaftsliste (kiddog_playerlist) 1.0.3 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2008-4659
|
2011-03-8 12:12 |
2008-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271868
|
- |
|
typo3
|
page_improvements
|
Cross-site scripting (XSS) vulnerability in the Page Improvements (sm_pageimprovements) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspec…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4661
|
2011-03-8 12:12 |
2008-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271869
|
- |
|
ibm
|
db2
|
Unspecified vulnerability in the SQLNLS_UNPADDEDCHARLEN function in the New Compiler (aka Starburst derived compiler) component in the server in IBM DB2 9.1 before FP6 allows attackers to cause a den…
|
NVD-CWE-noinfo
|
CVE-2008-4691
|
2011-03-8 12:12 |
2008-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271870
|
- |
|
apple
|
ipod_touch
|
Application Sandbox in Apple iPod touch 2.0 through 2.0.2, and iPhone 2.0 through 2.0.2, does not properly isolate third-party applications, which allows attackers to read arbitrary files in a third-…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3631
|
2011-03-8 12:11 |
2008-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
