Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2035 | 1 Drupal | 1 Services Module For Drupal | 2009-06-14 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in Services 6.x before 6.x-0.14, a module for Drupal, when key-based access is enabled, allows remote attackers to read or add keys and access unauthorized services via unspecified vectors. | |||||
| CVE-2009-1589 | 1 Cgi Rescue | 1 Cgi Rescue Minibbs22 | 2009-06-09 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in CGI RESCUE MiniBBS22 before 1.01 allows remote attackers to send email to arbitrary recipients via unknown vectors. | |||||
| CVE-2009-1807 | 1 Baofeng | 1 Storm | 2009-06-08 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Config.dll in Baofeng products 3.09.04.17 and earlier allows remote attackers to execute arbitrary code by calling the SetAttributeValue method, as exploited in the wild in April and May 2009. | |||||
| CVE-2009-0588 | 1 Redhat | 2 Certificate System, Dogtag Certificate System | 2009-06-08 | 6.5 MEDIUM | N/A |
| agent/request/op.cgi in the Registration Authority (RA) component in Red Hat Certificate System (RHCS) 7.3 and Dogtag Certificate System allows remote authenticated users to approve certificate requests queued for arbitrary agent groups via a modified request ID field. | |||||
| CVE-2003-1572 | 1 Sun | 1 Jmf | 2009-06-01 | 9.3 HIGH | N/A |
| Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned applets to cause a denial of service (JVM crash) and read or write unauthorized memory locations via the ReadEnv class, as demonstrated by reading environment variables using modified .data and .size fields. | |||||
| CVE-2009-1604 | 1 Limesurvey | 1 Limesurvey | 2009-05-22 | 7.5 HIGH | N/A |
| Unspecified vulnerability in LimeSurvey before 1.82 allows remote attackers to execute commands and obtain sensitive data via unknown attack vectors related to /admin/remotecontrol/. | |||||
| CVE-2009-1576 | 1 Drupal | 1 Drupal | 2009-05-19 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Drupal 5.x before 5.17 and 6.x before 6.11, as used in vbDrupal before 5.17.0, allows user-assisted remote attackers to obtain sensitive information by tricking victims into visiting the front page of the site with a crafted URL and causing form data to be sent to an attacker-controlled site, possibly related to multiple / (slash) characters that are not properly handled by includes/bootstrap.inc, as demonstrated using the search box. NOTE: this vulnerability can be leveraged to conduct cross-site request forgery (CSRF) attacks. | |||||
| CVE-2008-5848 | 1 Advantech | 14 Adam-6015, Adam-6017, Adam-6018 and 11 more | 2009-05-19 | 10.0 HIGH | N/A |
| The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and (1) monitor or (2) control the module's Modbus/TCP I/O activity. | |||||
| CVE-2009-1365 | 1 Adobe | 1 Flash Media Server | 2009-05-18 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Adobe Flash Media Server (FMS) before 3.0.4 and 3.5.x before 3.5.2, as used in Flash Media Interactive Server and Flash Media Streaming Server, allows remote attackers to execute arbitrary remote procedures within an ActionScript file on the server via RPC requests. | |||||
| CVE-2009-1666 | 1 Cyclomedia | 1 Cycloscopelite | 2009-05-18 | 9.3 HIGH | N/A |
| Multiple unspecified vulnerabilities in CycloMedia CycloScopeLite 2.50.3.0 allow remote attackers to execute arbitrary code via the ReturnConnection method in (1) CM_ADOConnection.dll, (2) CM_AddressInfoDBC.dll, and (3) CM_RecordingLocationDBC.dll, related to improper dereferencing. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-1359 | 1 Sun | 1 Opensolaris | 2009-05-13 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the SCTP sockets implementation in Sun OpenSolaris snv_106 through snv_107 allows local users to cause a denial of service (panic) via unknown vectors. | |||||
| CVE-2009-0720 | 1 Hp | 1 Openview Network Node Manager | 2009-05-12 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2009-1590 | 1 Cgi Rescue | 1 Form2mail | 2009-05-10 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in CGI RESCUE FORM2MAIL before 1.42 allows remote attackers to send email to arbitrary recipients via a web form. | |||||
| CVE-2009-0715 | 1 Hp | 1 Storage Essentials | 2009-04-28 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in Secure NaviCLI in HP Storage Essentials 6.0.2 through 6.0.4 allows remote authenticated users to obtain "access" or "extended privileges" via unknown vectors. | |||||
| CVE-2009-1156 | 1 Cisco | 2 Adaptive Security Appliance 5500, Pix | 2009-04-27 | 5.7 MEDIUM | N/A |
| Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet. | |||||
| CVE-2009-1158 | 1 Cisco | 2 Adaptive Security Appliance 5500, Pix | 2009-04-27 | 7.8 HIGH | N/A |
| Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet. | |||||
| CVE-2009-1159 | 1 Cisco | 2 Adaptive Security Appliance 5500, Pix | 2009-04-27 | 7.8 HIGH | N/A |
| Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a denial of service (traceback and device reload) via a series of SQL*Net packets. | |||||
| CVE-2009-1332 | 1 Sun | 1 Java System Directory Server | 2009-04-27 | 5.0 MEDIUM | N/A |
| The Online Help feature in Sun Java System Directory Server 5.2 and Enterprise Edition 5 allows remote attackers to determine the existence of files and directories, and possibly obtain partial contents of files, via unspecified vectors. | |||||
| CVE-2009-0716 | 1 Hp | 1 Storageworks Storage Mirroring | 2009-04-27 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote attackers to cause a denial of service or obtain "access" via unknown vectors. | |||||
| CVE-2009-0717 | 1 Hp | 1 Storageworks Storage Mirroring | 2009-04-27 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote attackers to cause a denial of service via unknown vectors. | |||||