Total
29592 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3242 | 1 Wireshark | 1 Wireshark | 2024-11-21 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors related to "an uninitialized dissector handle," which triggers an assertion failure. | |||||
| CVE-2009-3241 | 1 Wireshark | 1 Wireshark | 2024-11-21 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets. | |||||
| CVE-2009-3236 | 1 Horde | 2 Application Framework, Groupware | 2024-11-21 | 4.3 MEDIUM | N/A |
| The form library in Horde Application Framework 3.2 before 3.2.5 and 3.3 before 3.3.5; Groupware 1.1 before 1.1.6 and 1.2 before 1.2.4; and Groupware Webmail Edition 1.1 before 1.1.6 and 1.2 before 1.2.4; reuses temporary filenames during the upload process which allows remote attackers, with privileges to write to the address book, to overwrite arbitrary files and execute PHP code via crafted Horde_Form_Type_image form field elements. | |||||
| CVE-2009-3229 | 1 Postgresql | 1 Postgresql | 2024-11-21 | 4.0 MEDIUM | N/A |
| The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to cause a denial of service (backend shutdown) by "re-LOAD-ing" libraries from a certain plugins directory. | |||||
| CVE-2009-3183 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 7.2 HIGH | N/A |
| Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2009-3179 | 1 Symantec | 1 Altiris Deployment Solution | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Symantec Altiris Deployment Solution 6.9 might allow remote attackers to execute arbitrary code via unknown client-side attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.17, as identified by (1) "Symantec Altiris Deployment Solution 6.9 exploit, (2) "Symantec Altiris Deployment Solution 6.9 exploit (II)," and (3) "Symantec Altiris Deployment Solution 6.9 exploit (III)." NOTE: as of 20090909, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2009-3178 | 1 Symantec | 1 Altiris Deployment Solution | 2024-11-21 | 7.8 HIGH | N/A |
| Unspecified vulnerability in mm.exe in Symantec Altiris Deployment Solution 6.9 allows remote attackers to cause a denial of service via unknown attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.18, "Symantec Altiris Deployment Solution 6.9 DoS." NOTE: as of 20090909, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2009-3177 | 1 Kaspersky | 2 Kaspersky Anti-virus Scanner, Kaspersky Online Scanner | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Kaspersky Online Scanner 7.0 has unknown impact and attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.8, (1) "Kaspersky Online Antivirus Scanner 7.0 exploit (Linux)" and (2) "Kaspersky Online Antivirus Scanner 7.0 exploit (Windows)." NOTE: as of 20090909, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2009-3172 | 1 Hitachi | 3 Groupmax Groupware Server, Groupmax Scheduler Server Set, Groupmax Server Set | 2024-11-21 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Hitachi Groupmax Groupware Server 07-00 through 07-50-/A, Groupmax Server Set 03-00 through 06-52, Groupware Server Set 03-00 through 06-52, and Scheduler Server Set 03-00 through 06-52 has unknown impact and attack vectors related to invalid access rights. | |||||
| CVE-2009-3169 | 1 Hitachi | 1 Jp1 File Transmission Server | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Hitachi JP1/File Transmission Server/FTP before 09-00 allow remote attackers to execute arbitrary code via unknown attack vectors. | |||||
| CVE-2009-3164 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 7.1 HIGH | N/A |
| Unspecified vulnerability in the IPv6 networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_122, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo frames. NOTE: this issue exists because of an incomplete fix for CVE-2009-2136. | |||||
| CVE-2009-3161 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | 7.8 HIGH | N/A |
| The server in IBM WebSphere MQ 7.0.0.1, 7.0.0.2, and 7.0.1.0 allows attackers to cause a denial of service (trap) or possibly have unspecified other impact via malformed data. | |||||
| CVE-2009-3160 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | 8.8 HIGH | N/A |
| IBM WebSphere MQ 6.x through 6.0.2.7, 7.0.0.0, 7.0.0.1, 7.0.0.2, and 7.0.1.0, when read ahead or asynchronous message consumption is enabled, allows attackers to have an unspecified impact via unknown vectors, related to a "memory overwrite" issue. | |||||
| CVE-2009-3159 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the rriDecompress function in IBM WebSphere MQ 7.0.0.0, 7.0.0.1, and 7.0.0.2 allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2009-3113 | 1 Oxid | 1 Eshop | 2024-11-21 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.2, 3.x, and 2.x allows remote attackers to gain write access to product reviews via a crafted parameter. | |||||
| CVE-2009-3112 | 1 Oxidforge | 2 Oxid Eshop, Oxid Eshop4.0.0.2 14967 | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.0 allows remote attackers to gain administrator privileges and access the shop backend via a crafted parameter. | |||||
| CVE-2009-3109 | 1 Symantec | 1 Altiris Deployment Solution | 2024-11-21 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the AClient agent in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430, when key-based authentication is being used between a deployment server and a client, allows remote attackers to bypass authentication and execute arbitrary commands as SYSTEM by spoofing the deployment server and sending "alternate commands" before the handshake is completed. | |||||
| CVE-2009-3099 | 2 Hp, Microsoft | 2 Operations Manager, Windows Server 2003 | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP OpenView Operations Manager 8.1 on Windows Server 2003 SP2 allows remote attackers to have an unknown impact, related to a "Remote exploit," as demonstrated by a certain module in VulnDisco Pack Professional 8.11, a different vulnerability than CVE-2007-3872. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2009-3098 | 2 Hp, Microsoft | 2 Operations Dashboard, Windows Server 2003 | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Portal in HP Operations Dashboard 2.1 on Windows Server 2003 SP2 allows remote attackers to have an unknown impact, related to a "Remote exploit," as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2009-3096 | 2 Hp, Microsoft | 2 Performance Insight, Windows | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in HP Performance Insight 5.3 allow remote attackers to have an unknown impact, related to (1) a "Remote exploit" on Windows platforms, and (2) a "Remote preauthentication exploit" on the Windows Server 2003 SP2 platform, as demonstrated by certain modules in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||