|
306151
|
- |
|
infradead
|
openconnect
|
Double free vulnerability in OpenConnect before 1.40 might allow remote AnyConnect SSL VPN servers to cause a denial of service (application crash) or possibly have unspecified other impact via a cra…
|
CWE-399
Resource Management Errors
|
CVE-2009-5009
|
2024-11-21 10:10 |
2010-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306152
|
- |
|
cisco
|
secure_desktop
|
Cisco Secure Desktop (CSD), when used in conjunction with an AnyConnect SSL VPN server, does not properly perform verification, which allows local users to bypass intended policy restrictions via a m…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5008
|
2024-11-21 10:10 |
2010-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306153
|
- |
|
cisco
|
anyconnect_ssl_vpn
|
The Cisco trial client on Linux for Cisco AnyConnect SSL VPN allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files.
|
CWE-59
Link Following
|
CVE-2009-5007
|
2024-11-21 10:10 |
2010-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306154
|
- |
|
e-soft24
|
banner_exchange_script
|
SQL injection vulnerability in click.php in e-soft24 Banner Exchange Script 1.0 allows remote attackers to execute arbitrary SQL commands via the targetid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-5003
|
2024-11-21 10:10 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306155
|
- |
|
ibm
|
filenet_p8_application_engine
|
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.1-P8AE-FP001 does not record Get Content Failure Audit events, which might allow remote attackers to …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5002
|
2024-11-21 10:10 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306156
|
- |
|
ibm
|
filenet_p8_application_engine
|
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.2-P8AE-FP002 grants a document's Creator-Owner full control over an annotation object, even if the de…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5001
|
2024-11-21 10:10 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306157
|
- |
|
ibm
|
filenet_p8_application_engine
|
Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.3-P8AE-FP003 allow remote attackers to inject …
|
CWE-79
Cross-site Scripting
|
CVE-2009-5000
|
2024-11-21 10:10 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306158
|
- |
|
ibm
|
filenet_p8_application_engine
|
Cross-site scripting (XSS) vulnerability in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-016 allows remote attackers to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2009-4999
|
2024-11-21 10:10 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306159
|
- |
|
ibm
|
filenet_p8_application_engine
|
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-019 and 4.0.2.x before 4.0.2.7-P8AE-FP007, in certain FileTracker configurations, does not apply a secu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4998
|
2024-11-21 10:10 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306160
|
4.7 |
MEDIUM
Local
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
Race condition in the tty_fasync function in drivers/char/tty_io.c in the Linux kernel before 2.6.32.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or p…
|
CWE-362
CWE-476
Race Condition
NULL Pointer Dereference
|
CVE-2009-4895
|
2024-11-21 10:10 |
2010-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
