Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5543 | 1 Miranda-im | 1 Miranda Im | 2009-03-18 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590. | |||||
| CVE-2007-5542 | 1 Miranda-im | 1 Miranda Im | 2009-03-18 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Miranda IM 0.6.8 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590. | |||||
| CVE-2009-0469 | 1 Futomis Cgi Cafe | 1 Fulltext Search Cgi | 2009-03-13 | 7.5 HIGH | N/A |
| Unspecified vulnerability in futomi's CGI Cafe Fulltext search CGI 1.1.2 allows remote attackers to gain administrative privileges via unknown vectors. | |||||
| CVE-2009-0417 | 1 Agavi | 1 Agavi | 2009-03-13 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the AgaviWebRouting::gen(null) method in Agavi 0.11 before 0.11.6 and 1.0 before 1.0.0 beta 8 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with certain characters that are not properly handled by web browsers that do not strictly follow RFC 3986, such as Internet Explorer 6 and 7. | |||||
| CVE-2008-6072 | 1 Graphicsmagick | 1 Graphicsmagick | 2009-03-13 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allow remote attackers to cause a denial of service (crash) via unspecified vectors in (1) XCF and (2) CINEON images. | |||||
| CVE-2008-0303 | 1 Canon | 12 I-sensys, Imagepress, Imagerunner and 9 more | 2009-03-13 | 6.4 MEDIUM | N/A |
| The FTP print feature in multiple Canon printers, including imageRUNNER and imagePRESS, allow remote attackers to use the server as an inadvertent proxy via a modified PORT command, aka FTP bounce. | |||||
| CVE-2008-6440 | 2 Cerberus, Webgroupmedia | 2 Cerberus Helpdesk, Cerberus Helpdesk | 2009-03-10 | 5.0 MEDIUM | N/A |
| Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via direct requests for "controllers ... that aren't standard helpdesk pages," possibly involving the (1) /display and (2) /kb URIs. | |||||
| CVE-2009-0766 | 1 Bookelves | 1 Kipper | 2009-03-06 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-0762 | 1 Scriptsez | 1 Ez Php Comment | 2009-03-06 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ScriptsEz Ez PHP Comment allows remote attackers to inject arbitrary web script or HTML via the name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-0466 | 1 Vivvo | 1 Vivvo | 2009-03-06 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Vivvo CMS before 4.1.1 allows remote attackers to inject arbitrary web script or HTML via a URI that triggers a 404 Page Not Found response. | |||||
| CVE-2009-0315 | 1 Xchat | 1 Xchat | 2009-03-06 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in the Python module in xchat allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983). | |||||
| CVE-2009-0126 | 1 Berkeley | 1 Boinc Client | 2009-03-06 | 5.0 MEDIUM | N/A |
| The decrypt_public function in lib/crypt.cpp in the client in Berkeley Open Infrastructure for Network Computing (BOINC) 6.2.14 and 6.4.5 does not check the return value from the OpenSSL RSA_public_decrypt function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. | |||||
| CVE-2008-5262 | 1 Devil | 1 Developers Image Library | 2009-03-06 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the iGetHdrHeader function in src-IL/src/il_hdr.c in DevIL 1.7.4 allow context-dependent attackers to execute arbitrary code via a crafted Radiance RGBE file. | |||||
| CVE-2008-6399 | 1 Dotnetnuke | 1 Dotnetnuke | 2009-03-06 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in DotNetNuke 4.5.2 through 4.9 allows remote attackers to "add additional roles to their user account" via unknown attack vectors. | |||||
| CVE-2009-0821 | 1 Mozilla | 1 Firefox | 2009-03-05 | 5.0 MEDIUM | N/A |
| Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print function, as demonstrated by a window.print(window.print()) in the onclick attribute of an INPUT element. | |||||
| CVE-2009-0805 | 2 Mihai Bazon, Xoops | 2 Pical, Xoops | 2009-03-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in piCal 0.91h and earlier, a module for XOOPS, allows remote attackers to inject arbitrary web script or HTML via the event_id parameter in index.php. | |||||
| CVE-2009-0806 | 1 Opengoo | 1 Opengoo | 2009-03-05 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in OpenGoo before 1.2.1 allows remote authenticated users to modify their own permissions via unknown attack vectors. | |||||
| CVE-2009-0820 | 1 Php.brickhost | 1 Phpscheduleit | 2009-03-05 | 7.5 HIGH | N/A |
| Multiple eval injection vulnerabilities in phpScheduleIt before 1.2.11 allow remote attackers to execute arbitrary code via (1) the end_date parameter to reserve.php and (2) the start_date and end_date parameters to check.php. NOTE: the start_date/reserve.php vector is already covered by CVE-2008-6132. | |||||
| CVE-2009-0779 | 1 Ibm | 1 Aix | 2009-03-04 | 7.2 HIGH | N/A |
| Buffer overflow in pppdial in IBM AIX 5.3 and 6.1 allows local users to gain privileges via a long "input string." | |||||
| CVE-2009-0752 | 1 Sixapart | 1 Movable Type | 2009-03-04 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Movable Type Pro and Community Solution 4.x before 4.24 has unknown impact and attack vectors, possibly related to the password recovery mechanism. | |||||