|
305911
|
- |
|
jgaa
|
warftpd
|
Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 allows remote authenticated users to cause a denial of service (crash) via format string specifiers in a LIST command.
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2009-5141
|
2024-11-21 10:11 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305912
|
- |
|
gnu
|
gnutls
|
GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag is not enabled, treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restric…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5138
|
2024-11-21 10:11 |
2014-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305913
|
- |
|
mini-stream
|
castripper
|
Stack-based buffer overflow in Mini-stream CastRipper 2.50.70 allows remote attackers to execute arbitrary code via a long URL in the [playlist] section in a .pls file, a different vector than CVE-20…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-5137
|
2024-11-21 10:11 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305914
|
- |
|
condor_project
redhat
|
condor
enterprise_mrg
|
The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cau…
|
CWE-20
Improper Input Validation
|
CVE-2009-5136
|
2024-11-21 10:11 |
2013-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305915
|
- |
|
gnu
|
glibc
|
Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone …
|
CWE-189
Numeric Errors
|
CVE-2009-5029
|
2024-11-21 10:11 |
2013-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305916
|
- |
|
nextapp
|
echo
|
The Java XML parser in Echo before 2.1.1 and 3.x before 3.0.b6 allows remote attackers to read arbitrary files via a request containing an external entity declaration in conjunction with an entity re…
|
CWE-20
Improper Input Validation
|
CVE-2009-5135
|
2024-11-21 10:11 |
2013-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305917
|
- |
|
utorrent
|
utorrent
|
Buffer overflow in the "create torrent dialog" functionality in uTorrent 1.8.3 build 15772, and possibly other versions before 1.8.3 (Build 16010), allows user-assisted remote attackers to cause a de…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-5134
|
2024-11-21 10:11 |
2013-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305918
|
- |
|
html2ps_project
|
html2ps
|
Directory traversal vulnerability in html2ps before 1.0b6 allows remote attackers to read arbitrary files via a .. (dot dot) in the "include file" SSI directive. NOTE: this issue only might be a vul…
|
CWE-22
Path Traversal
|
CVE-2009-5067
|
2024-11-21 10:11 |
2012-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305919
|
- |
|
websense
|
websense_web_security
websense_web_filter
|
The Filtering Service in Websense Web Security and Web Filter before 6.3.1 Hotfix 106 and 7.x before 7.1 allow remote attackers to cause a denial of service (filtering outage) via a crafted URL.
|
NVD-CWE-noinfo
|
CVE-2009-5132
|
2024-11-21 10:11 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305920
|
- |
|
websense
|
websense_email_security
|
The Receive Service in Websense Email Security before 7.1 does not recognize domain extensions in the blacklist, which allows remote attackers to bypass intended access restrictions and send e-mail m…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5131
|
2024-11-21 10:11 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
