|
306651
|
6.1 |
MEDIUM
Network
|
sumo
|
google_analyticator
|
The google-analyticator plugin before 5.2.1 for WordPress has insufficient HTML sanitization for Google Analytics API text.
|
CWE-20
Improper Input Validation
|
CVE-2009-5158
|
2024-11-21 10:11 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306652
|
8.8 |
HIGH
Network
|
linksys
|
wag54g2_firmware
|
On Linksys WAG54G2 1.00.10 devices, there is authenticated command injection via shell metacharacters in the setup.cgi c4_ping_ipaddr variable.
|
CWE-77
Command Injection
|
CVE-2009-5157
|
2024-11-21 10:11 |
2019-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306653
|
9.8 |
CRITICAL
Network
|
veracomp
|
asmax_ar-804gu_firmware
|
An issue was discovered on ASMAX AR-804gu 66.34.1 devices. There is Command Injection via the cgi-bin/script query string.
|
CWE-77
Command Injection
|
CVE-2009-5156
|
2024-11-21 10:11 |
2019-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306654
|
7.5 |
HIGH
Network
|
gnu
netapp
|
glibc
steelstore_cloud_integrated_storage
ontap_select_deploy_administration_utility
cloud_backup
|
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application …
|
CWE-19
Data Processing Errors
|
CVE-2009-5155
|
2024-11-21 10:11 |
2019-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306655
|
9.8 |
CRITICAL
Network
|
mobotix
|
s14_firmware
|
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is a default password of meinsm for the admin account.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2009-5154
|
2024-11-21 10:11 |
2019-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306656
|
9.8 |
CRITICAL
Network
|
microfocus
|
netware
|
In Novell NetWare before 6.5 SP8, a stack buffer overflow in processing of CALLIT RPC calls in the NFS Portmapper daemon in PKERNEL.NLM allowed remote unauthenticated attackers to execute code, becau…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-5153
|
2024-11-21 10:11 |
2018-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306657
|
4.1 |
MEDIUM
Local
|
absolute
|
computrace_agent
|
Absolute Computrace Agent, as distributed on certain Dell Inspiron systems through 2009, has a race condition with the Dell Client Configuration Utility (DCCU), which allows privileged local users to…
|
CWE-362
Race Condition
|
CVE-2009-5152
|
2024-11-21 10:11 |
2018-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306658
|
6.7 |
MEDIUM
Local
|
absolute
|
computrace_agent
|
The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter-partition space without requiring a digital signature for that code, which allows attackers to execute code o…
|
CWE-284
Improper Access Control
|
CVE-2009-5151
|
2024-11-21 10:11 |
2018-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306659
|
6.7 |
MEDIUM
Local
|
absolute
|
computrace_agent
|
Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the configuration block, which allows attackers to set up communication with a web site other than the intended sea…
|
CWE-284
Improper Access Control
|
CVE-2009-5150
|
2024-11-21 10:11 |
2018-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306660
|
6.5 |
MEDIUM
Adjacent
|
symantec
|
altiris_deployment_solution
|
DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to cause a denial of service via a crafted request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-0109
|
2024-11-21 10:11 |
2018-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
