|
306211
|
9.8 |
CRITICAL
Network
|
apple
|
files
|
Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in file before 5.02.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2009-0947
|
2024-11-21 10:01 |
2021-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306212
|
9.8 |
CRITICAL
Network
|
dell
|
emc_replistor
|
EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where…
|
NVD-CWE-noinfo
|
CVE-2009-1120
|
2024-11-21 10:01 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306213
|
6.1 |
MEDIUM
Network
|
apache
|
juddi
|
Cross-site scripting (XSS) vulnerability in Apache jUDDI before 2.0 allows remote attackers to inject arbitrary web script or HTML via the dsname parameter to happyjuddi.jsp.
|
CWE-79
Cross-site Scripting
|
CVE-2009-1198
|
2024-11-21 10:01 |
2017-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306214
|
5.3 |
MEDIUM
Network
|
apache
|
juddi
|
Apache jUDDI before 2.0 allows attackers to spoof entries in log files via vectors related to error logging of keys from uddiget.jsp.
|
CWE-20
Improper Input Validation
|
CVE-2009-1197
|
2024-11-21 10:01 |
2017-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306215
|
- |
|
ibm
|
websphere_mq
|
IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does not properly handle long group names, which might allow local users to gain privileges by leveraging combinations of group names with t…
|
CWE-20
Improper Input Validation
|
CVE-2009-0905
|
2024-11-21 10:01 |
2011-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306216
|
- |
|
ibm
|
websphere_mq
|
Heap-based buffer overflow in the client in IBM WebSphere MQ 6.0 before 6.0.2.7 and 7.0 before 7.0.1.0 allows local users to gain privileges via crafted SSL information in a Client Channel Definition…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-0900
|
2024-11-21 10:01 |
2011-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306217
|
- |
|
dell
|
wyse_device_manager
|
hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which allows remote attackers to obtain management access via a crafted query, as demonstrated by a V52 que…
|
CWE-287
Improper Authentication
|
CVE-2009-0695
|
2024-11-21 10:00 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306218
|
- |
|
dell
|
wyse_device_manager
|
Multiple buffer overflows in Wyse Device Manager (WDM) 4.7.x allow remote attackers to execute arbitrary code via (1) the User-Agent HTTP header to hserver.dll or (2) unspecified input to hagent.exe.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-0693
|
2024-11-21 10:00 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306219
|
- |
|
redhat
|
network_satellite_server
|
Red Hat Network (RHN) Satellite Server 5.3 and 5.4 does not properly rewrite unspecified URLs, which allows remote attackers to (1) obtain unspecified sensitive host information or (2) use the server…
|
CWE-200
Information Exposure
|
CVE-2009-0788
|
2024-11-21 10:00 |
2011-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306220
|
7.5 |
HIGH
Network
|
mirc
|
mirc
|
mIRC before 6.35 allows attackers to cause a denial of service (crash) via a long nickname.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2008-7314
|
2024-11-21 09:58 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
