Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by NVD-CWE-noinfo
Total 22706 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-4294 1 Sun 1 Ray Server Software 2009-12-13 10.0 HIGH N/A
Unspecified vulnerability in the Authentication Manager (aka utauthd) in Sun Ray Server Software 4.0 and 4.1 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors.
CVE-2009-4167 2 Lukas Taferner, Typo3 2 It Basetag, Typo3 2009-12-06 6.4 MEDIUM N/A
Unspecified vulnerability in the Automatic Base Tags for RealUrl (lt_basetag) extension 1.0.0 for TYPO3 allows remote attackers to conduct "Cache spoofing" attacks via unspecified vectors.
CVE-2009-4190 1 Sun 1 Opensolaris 2009-12-03 7.8 HIGH N/A
Unspecified vulnerability in the kernel in Sun OpenSolaris 2009.06 allows remote attackers to cause a denial of service (panic) via unknown vectors, as demonstrated by the vd_solaris2 module in VulnDisco Pack Professional 8.12. NOTE: as of 20091203, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
CVE-2009-4162 2 Mauro Lorenzutti, Typo3 2 Wfqbe, Typo3 2009-12-02 7.2 HIGH N/A
Unspecified vulnerability in the DB Integration (wfqbe) extension 1.3.1 and earlier for TYPO3 allows local users to execute arbitrary commands via unspecified vectors.
CVE-2009-4160 2 Kurt Kunig, Typo3 2 Kk Downloader, Typo3 2009-12-02 5.0 MEDIUM N/A
Unspecified vulnerability in the Simple download-system with counter and categories (kk_downloader) extension 1.2.1 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors.
CVE-2009-4153 1 Ibm 1 Websphere Portal 2009-12-02 7.5 HIGH N/A
Unspecified vulnerability in the XMLAccess component in IBM WebSphere Portal 6.1.x before 6.1.0.3 has unknown impact and attack vectors, related to the work directory.
CVE-2009-3841 2 Hp, Microsoft 2 Discovery\&dependency Mapping Inventory, Windows 2009-11-23 9.0 HIGH N/A
Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.60 on Windows allows remote authenticated users to execute arbitrary code via unknown vectors.
CVE-2009-3855 1 Ibm 1 Tivoli Storage Manager 2009-11-17 9.3 HIGH N/A
Multiple unspecified vulnerabilities in the (1) UNIX and (2) Linux backup-archive clients, and the (3) OS/400 API client, in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.6, 5.4 before 5.4.2, and 5.5 before 5.5.1, when the MAILPROG option is enabled, allow attackers to read, modify, or delete arbitrary files via unknown vectors.
CVE-2009-3836 1 Arubanetworks 2 Aruba Mobility Controller, Arubaos 2009-11-08 6.1 MEDIUM N/A
ArubaOS 3.3.1.x, 3.3.2.x, RN 3.1.x, 3.4.x, and 3.3.2.x-FIPS on the Aruba Mobility Controller allows remote attackers to cause a denial of service (Access Point crash) via a malformed 802.11 Association Request management frame.
CVE-2009-3818 2 Stanislas Rolland, Typo3 2 Sr Freecap, Typo3 2009-10-28 10.0 HIGH N/A
Unspecified vulnerability in the session handling feature in freeCap CAPTCHA (sr_freecap) extension 1.2.0 and earlier for TYPO3 has unknown impact and attack vectors.
CVE-2009-2942 2 Mysql, Mysql-ocaml 2 Mysql, Mysql-ocaml 2009-10-26 7.5 HIGH N/A
The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the mysql_real_escape_string function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
CVE-2009-2943 2 Ocaml, Postgresql 2 Postgresql-ocaml, Postgresql 2009-10-22 7.5 HIGH N/A
The postgresql-ocaml bindings 1.5.4, 1.7.0, and 1.12.1 for PostgreSQL libpq do not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
CVE-2009-3706 1 Sun 2 Opensolaris, Solaris 2009-10-16 4.4 MEDIUM N/A
Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and OpenSolaris snv_100 through snv_117, allows local users to bypass intended limitations of the file_chown_self privilege via certain uses of the chown system call.
CVE-2000-1241 1 Sips 1 Sips 2009-10-13 10.0 HIGH N/A
Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault."
CVE-2007-5619 1 Vmware 1 Server 2009-10-13 7.2 HIGH N/A
Unspecified vulnerability in VMware Server before 1.0.4 causes user passwords to be recorded in cleartext in server logs, which might allow local users to gain privileges.
CVE-2009-3350 2 Drupal, Roshan Shah 2 Drupal, Subdomain Manager 2009-10-11 10.0 HIGH N/A
Multiple unspecified vulnerabilities in the Subdomain Manager module for Drupal have unknown impact and attack vectors.
CVE-2009-2870 1 Cisco 1 Ios 2009-09-30 7.8 HIGH N/A
Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880.
CVE-2009-2868 1 Cisco 1 Ios 2009-09-30 7.8 HIGH N/A
Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997.
CVE-2009-2871 1 Cisco 1 Ios 2009-09-30 7.8 HIGH N/A
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002.
CVE-2009-2873 1 Cisco 1 Ios 2009-09-30 7.1 HIGH N/A
Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889.