Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-6727 | 1 Max Kervin | 1 Kervinet Forum | 2009-07-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in topic.php in KerviNet Forum 1.1 allows remote attackers to execute arbitrary SQL commands via the forum parameter. | |||||
| CVE-2009-2221 | 1 Php.s3 | 1 Php-i-board | 2009-07-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PHP-I-BOARD 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2009-1648 | 1 Suse | 1 Suse Linux | 2009-07-06 | 7.5 HIGH | N/A |
| The YaST2 LDAP module in yast2-ldap-server on SUSE Linux Enterprise Server 11 (aka SLE11) does not enable the firewall in certain circumstances involving reboots during online updates, which makes it easier for remote attackers to access network services. | |||||
| CVE-2009-2298 | 1 Hp | 1 Openview Network Node Manager | 2009-07-02 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in rping in HP OpenView Network Node Manager (OV NNM) 7.53 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a CGI request to webappmon.exe. NOTE: this may overlap CVE-2009-1420. | |||||
| CVE-2008-5324 | 1 Ibm | 1 Rational Clearquest | 2009-07-02 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CQ Web in IBM Rational ClearQuest 2007 before 2007D and 2008 before 2008B allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2009-2212 | 1 Ibm | 1 Rational Clearquest | 2009-07-02 | 5.0 MEDIUM | N/A |
| The CQWeb server in IBM Rational ClearQuest 7.0.0 before 7.0.0.6 and 7.0.1 before 7.0.1.5 allows attackers to discover a (1) username or (2) password via unspecified vectors. | |||||
| CVE-2009-2211 | 1 Ibm | 1 Rational Clearquest | 2009-07-02 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the CQWeb server in IBM Rational ClearQuest 7.0.0 before 7.0.0.6 and 7.0.1 before 7.0.1.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2009-2137 | 1 Sun | 2 Opensolaris, Solaris | 2009-07-02 | 7.8 HIGH | N/A |
| Memory leak in the Ultra-SPARC T2 crypto provider device driver (aka n2cp) in Sun Solaris 10, and OpenSolaris snv_54 through snv_112, allows context-dependent attackers to cause a denial of service (memory consumption) via unspecified vectors related to a large keylen value. | |||||
| CVE-2009-2106 | 2 Projektseminar Proservice Wwu, Typo3 | 2 Virtual Civil Services, Typo3 | 2009-07-02 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Virtual Civil Services (civserv) extension 4.3.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-2104 | 2 Typo3, Udo Von Eynern | 2 Typo3, Modern Guest Book Commenting System | 2009-07-02 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Modern Guestbook / Commenting System (ve_guestbook) extension 2.7.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2009-2046 | 1 Cisco | 1 Video Surveillance 2500 Series Ip Camera | 2009-07-02 | 6.8 MEDIUM | N/A |
| The embedded web server on the Cisco Video Surveillance 2500 Series IP Camera with firmware before 2.1 allows remote attackers to read arbitrary files via a (1) http or (2) https request, related to the (a) SD Camera Web Server and the (b) Wireless Camera HTTP Server, aka Bug IDs CSCsu05515 and CSCsr96497. | |||||
| CVE-2009-2045 | 1 Cisco | 2 Video Surveillance Integrated Services Platform, Video Surveillance Stream Manager | 2009-07-02 | 7.8 HIGH | N/A |
| The Cisco Video Surveillance Stream Manager firmware before 5.3, as used on Cisco Video Surveillance Services Platforms and Video Surveillance Integrated Services Platforms, allows remote attackers to cause a denial of service (reboot) via a malformed payload in a UDP packet to port 37000, related to the xvcrman process, aka Bug ID CSCsj47924. | |||||
| CVE-2009-1860 | 1 Adobe | 1 Shockwave Player | 2009-07-02 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Adobe Shockwave Player before 11.5.0.600 allows remote attackers to execute arbitrary code via crafted Shockwave Player 10 content. | |||||
| CVE-2009-1163 | 1 Cisco | 1 Physical Access Gateway | 2009-07-02 | 7.8 HIGH | N/A |
| Memory leak on the Cisco Physical Access Gateway with software before 1.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified TCP packets. | |||||
| CVE-2009-2291 | 2 Chad Phillips, Drupal | 2 Logintoboggan, Drupal | 2009-07-01 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in LoginToboggan 6.x-1.x before 6.x-1.5, a module for Drupal, when "Allow users to login using their e-mail address" is enabled, allows remote blocked users to bypass intended access restrictions via unspecified vectors. | |||||
| CVE-2009-2186 | 1 Adobe | 1 Shockwave Player | 2009-07-01 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Adobe Shockwave Player before 11.0.0.465 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2009-1860, related to an older issue that "was previously resolved in Shockwave Player 11.0.0.465." | |||||
| CVE-2009-2240 | 1 Ad2000 | 1 Free-sw Leger | 2009-06-30 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in AD2000 free-sw leger (aka Web Conference Room Free) 1.6.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-6835 | 2 Drupal, Peter Wolanin | 2 Drupal, Openid | 2009-06-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in OpenID 5.x before 5.x-1.2, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-6819 | 1 Microsoft | 2 Windows 2003 Server, Windows Vista | 2009-06-29 | 4.7 MEDIUM | N/A |
| win32k.sys in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of service (system crash) via vectors related to CreateWindow, TranslateMessage, and DispatchMessage, possibly a race condition between threads, a different vulnerability than CVE-2008-1084. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-1849 | 1 Paessler | 2 Prtg Traffic Grapher, Prtg Traffic Grapher6.0.5.416 | 2009-06-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Monitor_Bandwidth function in PRTG Traffic Grapher 6.2.2.977 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||