Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3177 | 1 Kaspersky | 2 Kaspersky Anti-virus Scanner, Kaspersky Online Scanner | 2009-09-13 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Kaspersky Online Scanner 7.0 has unknown impact and attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.8, (1) "Kaspersky Online Antivirus Scanner 7.0 exploit (Linux)" and (2) "Kaspersky Online Antivirus Scanner 7.0 exploit (Windows)." NOTE: as of 20090909, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2009-3178 | 1 Symantec | 1 Altiris Deployment Solution | 2009-09-13 | 7.8 HIGH | N/A |
| Unspecified vulnerability in mm.exe in Symantec Altiris Deployment Solution 6.9 allows remote attackers to cause a denial of service via unknown attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.18, "Symantec Altiris Deployment Solution 6.9 DoS." NOTE: as of 20090909, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2008-7207 | 1 Rivetcode | 1 Rivettracker | 2009-09-11 | 2.1 LOW | N/A |
| RivetTracker before 1.0 stores passwords in cleartext in config.php, which allows local users to discover passwords by reading config.php. | |||||
| CVE-2008-5371 | 1 Marc Gloor | 1 Screenie | 2009-09-10 | 6.9 MEDIUM | N/A |
| screenie in screenie 1.30.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.screenie.##### temporary file. | |||||
| CVE-2008-5375 | 1 Cmus | 1 Cmus | 2009-09-10 | 6.9 MEDIUM | N/A |
| cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file. | |||||
| CVE-2008-7202 | 1 Openwebmail.acatysmoof | 1 Openwebmail | 2009-09-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in OpenWebMail before 2.53 (Stable) allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2009-3157 | 2 Drupal, Karen Stevenson | 2 Drupal, Calendar | 2009-09-10 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Calendar module 6.x before 6.x-2.2 for Drupal allows remote authenticated users, with "create new content types" privileges, to inject arbitrary web script or HTML via the title of a content type. | |||||
| CVE-2009-3162 | 1 Multi-website | 1 Multi Website | 2009-09-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Multi Website 1.5 allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action to the default URI. | |||||
| CVE-2009-3147 | 1 Allenthusiast | 1 Reviewpost Php Pro | 2009-09-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in showproduct.php in ReviewPost Pro vB3 allows remote attackers to inject arbitrary web script or HTML via the date parameter. | |||||
| CVE-2008-7196 | 1 Mark Reinsfelder | 1 Metashell | 2009-09-10 | 10.0 HIGH | N/A |
| Unspecified vulnerability in metashell before 0.03 has unknown impact and attack vectors related to a "PATH execution security flaw," possibly an untrusted search path vulnerability. | |||||
| CVE-2008-7197 | 1 G15tools | 1 G15daemon | 2009-09-10 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in G15Daemon before 1.9.4 have unknown impact and attack vectors. | |||||
| CVE-2008-7198 | 1 Alecwh | 1 Phpns | 2009-09-10 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in phpns before 2.1.1beta1 have unknown impact and attack vectors. | |||||
| CVE-2008-7199 | 1 Phoenixcontact | 1 Fl Il 24 Bk-pac | 2009-09-10 | 5.0 MEDIUM | N/A |
| Phoenix Contact FL IL 24 BK-PAC allows remote attackers to cause a denial of service (hang) via (1) unspecified manipulations as demonstrated by a Nessus scan or (2) malformed input to TCP port 502. | |||||
| CVE-2008-7200 | 1 Deliantra | 1 Deliantra | 2009-09-10 | 10.0 HIGH | N/A |
| Double free vulnerability in Deliantra server engine before 2.4 has unknown impact and attack vectors. | |||||
| CVE-2008-7189 | 1 Bastian Blumentritt | 1 Local Media Browser | 2009-09-09 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Local Media Browser before 0.1 have unknown impact and attack vectors related to "Security holes." | |||||
| CVE-2008-7190 | 1 Adium | 1 Adium | 2009-09-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Adium before 1.2 has unknown impact and attack vectors related to javascript: URLs, possibly cross-site scripting (XSS). | |||||
| CVE-2008-7191 | 1 Pps.jussieu | 1 Polipo | 2009-09-09 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Polipo before 1.0.4 allows remote attackers to cause a denial of service (crash) via a long request URL. | |||||
| CVE-2009-2266 | 1 Oxid | 1 Eshop | 2009-09-09 | 5.0 MEDIUM | N/A |
| OXID eShop 4.x before 4.1.4-21266, 3.x, and 2.x allows remote attackers to obtain sensitive information (session details and order history of other users) via a crafted cookie. | |||||
| CVE-2009-3050 | 1 Htmldoc | 1 Htmldoc | 2009-09-09 | 10.0 HIGH | N/A |
| Buffer overflow in the set_page_size function in util.cxx in HTMLDOC 1.8.27 and earlier allows context-dependent attackers to execute arbitrary code via a long MEDIA SIZE comment. NOTE: it was later reported that there were additional vectors in htmllib.cxx and ps-pdf.cxx using an AFM font file with a long glyph name, but these vectors do not cross privilege boundaries. | |||||
| CVE-2009-3112 | 1 Oxidforge | 2 Oxid Eshop, Oxid Eshop4.0.0.2 14967 | 2009-09-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.0 allows remote attackers to gain administrator privileges and access the shop backend via a crafted parameter. | |||||