Max CVSS 9.3 Min CVSS 2.1 Total Count24
IDCVSSSummaryLast (major) updatePublished
CVE-2009-3736 6.9
ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a T
07-12-2016 - 22:01 29-11-2009 - 08:07
CVE-2009-4022 2.6
Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS c
06-12-2016 - 21:59 25-11-2009 - 11:30
CVE-2009-2625 5.0
XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop a
05-05-2014 - 00:32 06-08-2009 - 11:30
CVE-2009-3894 4.4
Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in (1) the current working directory or (2) a certain subdirectory of the current working directory.
01-09-2013 - 02:09 29-11-2009 - 08:07
CVE-2009-3547 6.9
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathna
20-08-2013 - 02:34 04-11-2009 - 10:30
CVE-2009-3553 5.0
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash
14-05-2013 - 23:00 19-11-2009 - 21:30
CVE-2009-4118 2.1
The StartServiceCtrlDispatcher function in the cvpnd service (cvpnd.exe) in Cisco VPN client for Windows before 5.0.06.0100 does not properly handle an ERROR_FAILED_SERVICE_CONTROLLER_CONNECT error, which allows local users to cause a denial of servi
25-10-2012 - 00:00 30-11-2009 - 19:30
CVE-2009-2903 7.1
Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (me
12-04-2012 - 00:00 15-09-2009 - 18:30
CVE-2005-4881 4.9
The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.13-rc1 does not initialize certain padding fields in structures, which might allow local users to obtain sensitive information from kernel memory via unspecified vec
19-03-2012 - 00:00 19-10-2009 - 16:00
CVE-2009-2910 4.9
arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 p
19-03-2012 - 00:00 20-10-2009 - 13:30
CVE-2009-3286 4.6
NFSv4 in the Linux kernel 2.6.18, and possibly other versions, does not properly clean up an inode when an O_EXCL create fails, which causes files to be created with insecure settings such as setuid bits, and possibly allows local users to gain privi
19-03-2012 - 00:00 22-09-2009 - 06:30
CVE-2009-3612 4.9
The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensit
19-03-2012 - 00:00 19-10-2009 - 16:00
CVE-2009-3620 4.9
The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash
19-03-2012 - 00:00 22-10-2009 - 12:00
CVE-2009-3621 4.9
net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing
19-03-2012 - 00:00 22-10-2009 - 12:00
CVE-2009-3726 7.8
The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect
19-03-2012 - 00:00 09-11-2009 - 14:30
CVE-2009-4023 7.5
Argument injection vulnerability in the sendmail implementation of the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted $from parameter, a different vect
07-12-2010 - 01:43 29-11-2009 - 08:07
CVE-2009-2560 5.0
Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP diss
01-12-2010 - 00:00 21-07-2009 - 13:30
CVE-2009-3829 9.3
Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability."
21-08-2010 - 01:36 30-10-2009 - 16:30
CVE-2009-3551 5.0
Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace.
21-08-2010 - 01:36 30-10-2009 - 16:30
CVE-2009-3550 4.3
The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of
21-08-2010 - 01:36 30-10-2009 - 16:30
CVE-2009-3549 5.0
packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace.
21-08-2010 - 01:36 30-10-2009 - 16:30
CVE-2009-2820 4.3
The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTT
21-08-2010 - 01:34 10-11-2009 - 14:30
CVE-2009-3936 5.8
Unspecified vulnerability in Citrix Online Plug-in for Windows 11.0.x before 11.0.150 and 11.x before 11.2, Online Plug-in for Mac before 11.0, Receiver for iPhone before 1.0.3, and ICA Java, Mac, UNIX, and Windows Clients for XenApp and XenDesktop a
24-11-2009 - 02:04 13-11-2009 - 11:30
CVE-2009-3303 4.3
Cross-site scripting (XSS) vulnerability in www/help/tracker.php in GForge 4.5.14, 4.7 rc2, and 4.8.1 allows remote attackers to inject arbitrary web script or HTML via the helpname parameter.
24-11-2009 - 00:00 24-11-2009 - 12:30
Back to Top Mark selected
Back to Top