|
278061
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
The connector layer in the Linux kernel before 2.6.31.5 does not require the CAP_SYS_ADMIN capability for certain interaction with the (1) uvesafb, (2) pohmelfs, (3) dst, or (4) dm subsystem, which a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-3725
|
2018-11-17 00:46 |
2009-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278062
|
- |
|
apple
|
iphone_os
|
Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access ar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2795
|
2018-11-17 00:38 |
2009-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278063
|
- |
|
apple
canonical
|
iphone_os
ubuntu_linux
|
The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote…
|
CWE-200
Information Exposure
|
CVE-2009-2797
|
2018-11-17 00:38 |
2009-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278064
|
- |
|
linux
|
linux_kernel
|
Off-by-one error in the options_write function in drivers/misc/sgi-gru/gruprocfs.c in the SGI GRU driver in the Linux kernel 2.6.30.2 and earlier on ia64 and x86 platforms might allow local users to …
|
CWE-189
Numeric Errors
|
CVE-2009-2584
|
2018-11-17 00:35 |
2009-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278065
|
- |
|
canon-its
|
accessguardian
|
Cross-site scripting (XSS) vulnerability in Canon IT Solutions Inc. ACCESSGUARDIAN 3.0.14 and earlier, and 3.5.6 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspec…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4608
|
2018-11-16 03:13 |
2010-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278066
|
- |
|
wordpress
|
wordpress
wordpress_mu
|
The forgotten mail interface in WordPress and WordPress MU before 2.8.1 exhibits different behavior for a password request depending on whether the user account exists, which allows remote attackers …
|
CWE-16
Configuration
|
CVE-2009-2336
|
2018-11-9 05:39 |
2009-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278067
|
- |
|
wordpress
|
wordpress
wordpress_mu
|
WordPress and WordPress MU before 2.8.1 exhibit different behavior for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.…
|
CWE-16
Configuration
|
CVE-2009-2335
|
2018-11-9 05:38 |
2009-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278068
|
- |
|
ibm
|
integrated_solutions_console
websphere_application_server
websphere_portal
|
IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and 7.0 through 7.0.0.4, IBM WebSphere Portal Server 5.1 through 6.0, and IBM Integrated Solutions Console (ISC) 6.0.1 do not properly set …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0899
|
2018-11-9 05:37 |
2009-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278069
|
- |
|
adobe
|
acrobat_reader
|
Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to execute arbitrary code via unknown attack vectors related to JBIG2 a…
|
CWE-20
Improper Input Validation
|
CVE-2009-1061
|
2018-11-9 05:28 |
2009-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278070
|
- |
|
adobe
|
acrobat
acrobat_reader
|
The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary…
|
CWE-399
Resource Management Errors
|
CVE-2009-1492
|
2018-11-9 05:28 |
2009-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
