|
278211
|
- |
|
vmware
|
ace
workstation
player
server
|
Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and…
|
NVD-CWE-noinfo
|
CVE-2009-1147
|
2018-10-31 01:26 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278212
|
- |
|
sun
|
jdk
|
Algorithmic complexity vulnerability in the java.util.regex.Pattern.compile method in Sun Java Development Kit (JDK) before 1.6, when used with spring.jar in SpringSource Spring Framework 1.1.0 throu…
|
CWE-399
Resource Management Errors
|
CVE-2009-1190
|
2018-10-31 01:26 |
2009-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278213
|
- |
|
vmware
|
ace
esx
esxi
fusion
player
server
workstation
|
Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x be…
|
NVD-CWE-noinfo
|
CVE-2009-1805
|
2018-10-31 01:26 |
2009-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278214
|
- |
|
opera
|
opera_browser
|
Opera, possibly before 9.25, uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle att…
|
CWE-287
Improper Authentication
|
CVE-2009-2059
|
2018-10-31 01:26 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278215
|
- |
|
microsoft
|
internet_explorer
pocket_ie
|
Microsoft Internet Explorer 8, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbit…
|
CWE-287
Improper Authentication
|
CVE-2009-2064
|
2018-10-31 01:26 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278216
|
- |
|
opera
|
opera_browser
|
Opera detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modify…
|
CWE-287
Improper Authentication
|
CVE-2009-2067
|
2018-10-31 01:26 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278217
|
- |
|
opera
|
opera_browser
|
Opera 9.52 and earlier does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) inj…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2351
|
2018-10-31 01:26 |
2009-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278218
|
- |
|
php
|
php
|
The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP cra…
|
NVD-CWE-Other
|
CVE-2009-2626
|
2018-10-31 01:26 |
2009-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278219
|
- |
|
sun
|
java_se
jdk
jre
sdk
|
Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK …
|
NVD-CWE-noinfo
|
CVE-2009-2676
|
2018-10-31 01:26 |
2009-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278220
|
- |
|
opera
|
opera_browser
|
Opera 9.52 and earlier, and 10.00 Beta 3 Build 1699, does not properly block data: URIs in Location headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) atta…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3013
|
2018-10-31 01:26 |
2009-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
