Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3169 | 1 Hitachi | 1 Jp1 File Transmission Server | 2009-09-14 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Hitachi JP1/File Transmission Server/FTP before 09-00 allow remote attackers to execute arbitrary code via unknown attack vectors. | |||||
| CVE-2008-7207 | 1 Rivetcode | 1 Rivettracker | 2009-09-11 | 2.1 LOW | N/A |
| RivetTracker before 1.0 stores passwords in cleartext in config.php, which allows local users to discover passwords by reading config.php. | |||||
| CVE-2008-5375 | 1 Cmus | 1 Cmus | 2009-09-11 | 6.9 MEDIUM | N/A |
| cmus-status-display in cmus 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cmus-status temporary file. | |||||
| CVE-2008-5371 | 1 Marc Gloor | 1 Screenie | 2009-09-11 | 6.9 MEDIUM | N/A |
| screenie in screenie 1.30.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.screenie.##### temporary file. | |||||
| CVE-2008-7202 | 1 Openwebmail.acatysmoof | 1 Openwebmail | 2009-09-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in OpenWebMail before 2.53 (Stable) allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2009-3162 | 1 Multi-website | 1 Multi Website | 2009-09-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Multi Website 1.5 allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action to the default URI. | |||||
| CVE-2009-3147 | 1 Allenthusiast | 1 Reviewpost Php Pro | 2009-09-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in showproduct.php in ReviewPost Pro vB3 allows remote attackers to inject arbitrary web script or HTML via the date parameter. | |||||
| CVE-2008-7200 | 1 Deliantra | 1 Deliantra | 2009-09-10 | 10.0 HIGH | N/A |
| Double free vulnerability in Deliantra server engine before 2.4 has unknown impact and attack vectors. | |||||
| CVE-2008-7199 | 1 Phoenixcontact | 1 Fl Il 24 Bk-pac | 2009-09-10 | 5.0 MEDIUM | N/A |
| Phoenix Contact FL IL 24 BK-PAC allows remote attackers to cause a denial of service (hang) via (1) unspecified manipulations as demonstrated by a Nessus scan or (2) malformed input to TCP port 502. | |||||
| CVE-2008-7198 | 1 Alecwh | 1 Phpns | 2009-09-10 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in phpns before 2.1.1beta1 have unknown impact and attack vectors. | |||||
| CVE-2008-7197 | 1 G15tools | 1 G15daemon | 2009-09-10 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in G15Daemon before 1.9.4 have unknown impact and attack vectors. | |||||
| CVE-2008-7196 | 1 Mark Reinsfelder | 1 Metashell | 2009-09-10 | 10.0 HIGH | N/A |
| Unspecified vulnerability in metashell before 0.03 has unknown impact and attack vectors related to a "PATH execution security flaw," possibly an untrusted search path vulnerability. | |||||
| CVE-2009-3112 | 1 Oxidforge | 2 Oxid Eshop, Oxid Eshop4.0.0.2 14967 | 2009-09-10 | 10.0 HIGH | N/A |
| Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.0 allows remote attackers to gain administrator privileges and access the shop backend via a crafted parameter. | |||||
| CVE-2008-7190 | 1 Adium | 1 Adium | 2009-09-10 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Adium before 1.2 has unknown impact and attack vectors related to javascript: URLs, possibly cross-site scripting (XSS). | |||||
| CVE-2009-3119 | 2 Php-fusion, X-iweb.ru | 2 Php-fusion, Download System Msf | 2009-09-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in screen.php in the Download System mSF (dsmsf) module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the view_id parameter. | |||||
| CVE-2009-2266 | 1 Oxid | 1 Eshop | 2009-09-10 | 5.0 MEDIUM | N/A |
| OXID eShop 4.x before 4.1.4-21266, 3.x, and 2.x allows remote attackers to obtain sensitive information (session details and order history of other users) via a crafted cookie. | |||||
| CVE-2009-3120 | 1 Bigace | 1 Bigace | 2009-09-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in public/index.php in BIGACE Web CMS 2.6 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-7191 | 1 Pps.jussieu | 1 Polipo | 2009-09-10 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Polipo before 1.0.4 allows remote attackers to cause a denial of service (crash) via a long request URL. | |||||
| CVE-2009-3050 | 1 Htmldoc | 1 Htmldoc | 2009-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in the set_page_size function in util.cxx in HTMLDOC 1.8.27 and earlier allows context-dependent attackers to execute arbitrary code via a long MEDIA SIZE comment. NOTE: it was later reported that there were additional vectors in htmllib.cxx and ps-pdf.cxx using an AFM font file with a long glyph name, but these vectors do not cross privilege boundaries. | |||||
| CVE-2009-3113 | 1 Oxid | 1 Eshop | 2009-09-10 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.2, 3.x, and 2.x allows remote attackers to gain write access to product reviews via a crafted parameter. | |||||