Total 18193 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-4013 2 Canonical, Debian 3 Ubuntu Linux, Debian Linux, Lintian 2024-11-21 9.8 Critical
Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive information via vectors involving (1) control field names, (2) control field values, and (3) control files of patch systems.
CVE-2009-3887 1 Ytnef Project 1 Ytnef 2024-11-21 9.8 Critical
ytnef has directory traversal
CVE-2009-3616 2 Qemu, Redhat 3 Qemu, Enterprise Linux Server, Enterprise Linux Workstation 2024-11-21 9.9 Critical
Multiple use-after-free vulnerabilities in vnc.c in the VNC server in QEMU 0.10.6 and earlier might allow guest OS users to execute arbitrary code on the host OS by establishing a connection from a VNC client and then (1) disconnecting during data transfer, (2) sending a message using incorrect integer data types, or (3) using the Fuzzy Screen Mode protocol, related to double free vulnerabilities.
CVE-2009-3421 1 Zenas 1 Pao-bacheca Guestbook 2024-11-21 9.8 Critical
login.php in Zenas PaoBacheca Guestbook 2.1, when register_globals is enabled, allows remote attackers to bypass authentication and gain administrative access by setting the login_ok parameter to 1.
CVE-2009-2422 2 Apple, Rubyonrails 3 Mac Os X, Mac Os X Server, Ruby On Rails 2024-11-21 9.8 Critical
The example code for the digest authentication functionality (http_authentication.rb) in Ruby on Rails before 2.3.3 defines an authenticate_or_request_with_http_digest block that returns nil instead of false when the user does not exist, which allows context-dependent attackers to bypass authentication for applications that are derived from this example by sending an invalid username without a password.
CVE-2009-2382 1 Jay-jayx0r 1 Phpmyblockchecker 2024-11-21 9.8 Critical
admin.php in phpMyBlockchecker 1.0.0055 allows remote attackers to bypass authentication and gain administrative access by setting the PHPMYBCAdmin cookie to LOGGEDIN.
CVE-2009-2367 1 Iomega 2 Storcenter Pro, Storcenter Pro Firmware 2024-11-21 9.8 Critical
cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows remote attackers to hijack active sessions and gain privileges via brute force guessing attacks on the session_id parameter.
CVE-2009-2168 1 Egyplus 1 7ammel 2024-11-21 9.8 Critical
cpanel/login.php in EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier sends a redirect to the web browser but does not exit when the supplied credentials are incorrect, which allows remote attackers to bypass authentication by providing arbitrary username and password parameters.
CVE-2009-1936 1 Cpcommerce Project 1 Cpcommerce 2024-11-21 9.8 Critical
_functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which allows remote attackers to bypass a protection mechanism to conduct remote file inclusion and directory traversal attacks, execute arbitrary PHP code, or read arbitrary files via the GLOBALS[prefix] parameter, a different vector than CVE-2003-1500.
CVE-2009-1120 1 Dell 1 Emc Replistor 2024-11-21 9.8 Critical
EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_srv.exe handles a specially crafted packet sent by an unauthenticated attacker.
CVE-2009-1048 1 Snom 10 Snom 300, Snom 300 Firmware, Snom 320 and 7 more 2024-11-21 9.8 Critical
The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820 with firmware 6.5 before 6.5.20, 7.1 before 7.1.39, and 7.3 before 7.3.14 allows remote attackers to bypass authentication, and reconfigure the phone or make arbitrary use of the phone, via a (1) http or (2) https request with 127.0.0.1 in the Host header.
CVE-2009-0948 1 Apple 1 Files 2024-11-21 9.8 Critical
Multiple buffer overflows in the (1) cdf_read_sat, (2) cdf_read_long_sector_chain, and (3) cdf_read_ssat function in file before 5.02.
CVE-2009-0947 1 Apple 1 Files 2024-11-21 9.8 Critical
Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in file before 5.02.
CVE-2008-7291 2 Debian, Gri Project 2 Debian Linux, Gri 2024-11-21 9.8 Critical
gri before 2.12.18 generates temporary files in an insecure way.
CVE-2008-7109 1 Kyoceramita 1 Scanner File Utility 2024-11-21 9.8 Critical
The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to bypass authorization and upload arbitrary files to the client system via a modified program that does not prompt the user for a password.
CVE-2008-5784 1 V3chat 1 V3 Chat Profiles Dating Script 2024-11-21 9.8 Critical
V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie to 1.
CVE-2008-5038 1 Novell 1 Edirectory 2024-11-21 9.8 Critical
Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of "Get NCP Extension Information By Name" requests that cause one thread to operate on memory after it has been freed in another thread, which triggers memory corruption, aka Novell Bug 373852.
CVE-2008-4835 1 Microsoft 5 Windows 2000, Windows Server 2003, Windows Server 2008 and 2 more 2024-11-21 9.8 Critical
SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans2 request, related to "insufficiently validating the buffer size," aka "SMB Validation Remote Code Execution Vulnerability."
CVE-2008-3612 1 Apple 1 Iphone Os 2024-11-21 9.8 Critical
The Networking subsystem in Apple iPod touch 2.0 through 2.0.2, and iPhone 2.0 through 2.0.2, uses predictable TCP initial sequence numbers, which allows remote attackers to spoof or hijack a TCP connection.
CVE-2008-2433 1 Trendmicro 3 Client Server Messaging Suite, Officescan, Worry-free Business Security 2024-11-21 9.8 Critical
The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, which makes it easier for remote attackers to hijack sessions via brute-force attacks. NOTE: this can be leveraged for code execution through an unspecified "manipulation of the configuration."