|
260961
|
- |
|
asus
|
smartlogon
|
Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the author…
|
CWE-255
Credentials Management
|
CVE-2009-0656
|
2017-08-17 10:29 |
2009-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260962
|
- |
|
toshiba
|
face_recognition
|
Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to mat…
|
CWE-255
Credentials Management
|
CVE-2009-0657
|
2017-08-17 10:29 |
2009-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260963
|
- |
|
tptest
|
tptest
|
Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 allows remote attackers to have an unknown impact via a STATS line with a long email field. NOTE: the provenance of this …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-0659
|
2017-08-17 10:29 |
2009-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260964
|
- |
|
mahara
|
mahara
|
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 before 1.0.10 and 1.1 before 1.1.2 allow remote attackers to inject arbitrary web script or HTML via a (1) profile and (2) blog, a di…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0660
|
2017-08-17 10:29 |
2009-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260965
|
- |
|
flashtux
|
weechat
|
Wee Enhanced Environment for Chat (WeeChat) 0.2.6 allows remote attackers to cause a denial of service (crash) via an IRC PRIVMSG command containing crafted color codes that trigger an out-of-bounds …
|
CWE-20
Improper Input Validation
|
CVE-2009-0661
|
2017-08-17 10:29 |
2009-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260966
|
- |
|
plone
|
plonepas
|
The PlonePAS product 3.x before 3.9 and 3.2.x before 3.2.2, a product for Plone, does not properly handle the login form, which allows remote authenticated users to acquire the identity of an arbitra…
|
CWE-287
Improper Authentication
|
CVE-2009-0662
|
2017-08-17 10:29 |
2009-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260967
|
- |
|
zope
|
zodb
|
Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code…
|
NVD-CWE-noinfo
CWE-94
Code Injection
|
CVE-2009-0668
|
2017-08-17 10:29 |
2009-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260968
|
- |
|
zope
|
zodb
|
Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to bypass authentication via vectors involving the ZEO networ…
|
CWE-287
Improper Authentication
|
CVE-2009-0669
|
2017-08-17 10:29 |
2009-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260969
|
- |
|
ravenphpscripts
|
ravennuke
|
Cross-site scripting (XSS) vulnerability in the Your Account module in RavenNuke 2.30 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-0679
|
2017-08-17 10:29 |
2009-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260970
|
- |
|
plunet
|
business_manager
|
Cross-site scripting (XSS) vulnerability in pagesUTF8/auftrag_allgemeinauftrag.jsp in Plunet BusinessManager 4.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0699
|
2017-08-17 10:29 |
2009-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
