|
277971
|
- |
|
microsoft
|
windows_vista
windows_server_2003
windows_server_2008
windows_xp
|
Microsoft Windows XP, Server 2003 and 2008, and Vista exposes I/O activity measurements of all processes, which allows local users to obtain sensitive information, as demonstrated by reading the I/O …
|
CWE-200
CWE-362
Information Exposure
Race Condition
|
CVE-2009-0320
|
2019-02-26 23:04 |
2009-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277972
|
- |
|
microsoft
|
wordpad
|
The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted (1) .doc, (2) .wri, or …
|
CWE-399
NVD-CWE-noinfo
Resource Management Errors
|
CVE-2008-4841
|
2019-02-26 23:04 |
2008-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277973
|
- |
|
microsoft
|
windows_vista
windows_server_2003
|
Race condition in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of service (crash or hang) via a multi-threaded application that makes many calls to UnhookWindowsHookEx…
|
CWE-362
Race Condition
|
CVE-2008-5044
|
2019-02-26 23:04 |
2008-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277974
|
- |
|
apple
|
safari
|
Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2540
|
2019-02-26 23:04 |
2008-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277975
|
- |
|
linux-pam
|
linux-pam
|
Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shadow, which allows local users to bypass intended security policy and change their passwords sooner t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0579
|
2019-01-4 00:01 |
2009-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277976
|
- |
|
lighttpd
debian
|
lighttpd
debian_linux
|
lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intend…
|
CWE-200
Information Exposure
|
CVE-2008-4359
|
2018-11-30 00:46 |
2008-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277977
|
- |
|
lighttpd
debian
|
lighttpd
debian_linux
|
mod_userdir in lighttpd before 1.4.20, when a case-insensitive operating system or filesystem is used, performs case-sensitive comparisons on filename components in configuration options, which might…
|
CWE-200
Information Exposure
|
CVE-2008-4360
|
2018-11-30 00:46 |
2008-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277978
|
- |
|
yate
|
yet_another_telephony_engine
|
The SIP channel module in Yet Another Telephony Engine (Yate) before 1.2.0 sets the caller_info_uri parameter using an incorrect variable that can be NULL, which allows remote attackers to cause a de…
|
CWE-20
Improper Input Validation
|
CVE-2007-1693
|
2018-11-30 00:46 |
2007-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277979
|
- |
|
omegaboard_project
|
omegaboard
|
PHP remote file inclusion vulnerability in includes/functions.php in Omegaboard 1.0beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
|
CWE-20
Improper Input Validation
|
CVE-2007-0683
|
2018-11-30 00:45 |
2007-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277980
|
- |
|
apache
debian
|
libapreq2
debian_linux
|
Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers to cause a denial of service (CPU con…
|
NVD-CWE-noinfo
|
CVE-2006-0042
|
2018-11-30 00:45 |
2006-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
