Max CVSS | 10.0 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-4138 | 4.7 |
drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified
|
13-02-2023 - 02:20 | 16-12-2009 - 19:30 | |
CVE-2016-0800 | 4.3 |
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote
|
13-12-2022 - 12:15 | 01-03-2016 - 20:59 | |
CVE-2018-9996 | 4.3 |
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_
|
03-10-2019 - 00:03 | 10-04-2018 - 22:29 | |
CVE-2009-4324 | 9.3 |
Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZL
|
30-10-2018 - 16:25 | 15-12-2009 - 02:30 | |
CVE-2001-0542 | 7.5 |
Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability repo
|
12-10-2018 - 21:30 | 20-12-2001 - 05:00 | |
CVE-2009-4406 | 4.3 |
Cross-site scripting (XSS) vulnerability in Forms/login1 in American Power Conversion (APC) Switched Rack PDU AP7932 B2, running rpdu 3.3.3 or 3.7.0 on AOS 3.3.4, and possibly other versions, allows remote attackers to inject arbitrary web script or
|
10-10-2018 - 19:49 | 23-12-2009 - 21:30 | |
CVE-2009-4176 | 10.0 |
Multiple heap-based buffer overflows in ovsessionmgr.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long (1) userid or (2) passwd parameter to ovlogin.exe.
|
10-10-2018 - 19:48 | 10-12-2009 - 22:30 | |
CVE-2009-4034 | 5.8 |
PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 c
|
10-10-2018 - 19:48 | 15-12-2009 - 18:30 | |
CVE-2009-4136 | 6.5 |
PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly manage session-local state during execution of an index function by a database superuser, whic
|
10-10-2018 - 19:48 | 15-12-2009 - 18:30 | |
CVE-2007-2494 | 10.0 |
Multiple stack-based buffer overflows in the PowerPointOCX ActiveX control in PowerPointViewer.ocx 3.1.0.3 allow remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long (1) DoOleCommand, (2) FTPDownloadFile, (3) FTPUpload
|
11-10-2017 - 01:32 | 04-05-2007 - 00:19 | |
CVE-2009-4335 | 10.0 |
Multiple unspecified vulnerabilities in bundled stored procedures in the Spatial Extender component in IBM DB2 9.5 before FP5 have unknown impact and remote attack vectors, related to "remote exploits."
|
17-08-2017 - 01:31 | 16-12-2009 - 18:30 | |
CVE-2016-8290 | 3.5 |
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-5633.
|
29-07-2017 - 01:34 | 25-10-2016 - 14:32 | |
CVE-2009-0736 | 4.3 |
Cross-site scripting (XSS) vulnerability in Pebble before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
08-11-2012 - 05:00 | 25-02-2009 - 20:30 | |
CVE-2009-4331 | 7.2 |
The Install component in IBM DB2 9.5 before FP5 and 9.7 before FP1 configures the High Availability (HA) scripts with incorrect file-permission and authorization settings, which has unknown impact and local attack vectors.
|
07-10-2010 - 05:44 | 16-12-2009 - 18:30 | |
CVE-2009-4439 | 4.0 |
Unspecified vulnerability in the Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (instance crash) by compiling a SQL query.
|
29-06-2010 - 04:00 | 28-12-2009 - 19:30 | |
CVE-2009-4438 | 6.5 |
The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not enforce privilege requirements for access to a (1) sequence or (2) global-variable object, which allows remote authenticated u
|
29-06-2010 - 04:00 | 28-12-2009 - 19:30 | |
CVE-2009-4328 | 4.0 |
Unspecified vulnerability in the DRDA Services component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (server trap) by calling a SQL stored procedure in unknown circumstances.
|
29-06-2010 - 04:00 | 16-12-2009 - 18:30 | |
CVE-2009-4326 | 4.3 |
The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature (DPF) is used, produces "repeating" return values, which might allow attackers to defeat protect
|
29-06-2010 - 04:00 | 16-12-2009 - 18:30 | |
CVE-2009-4330 | 7.2 |
Unspecified vulnerability in db2licm in the Engine Utilities component in IBM DB2 9.5 before FP5 has unknown impact and local attack vectors.
|
29-06-2010 - 04:00 | 16-12-2009 - 18:30 | |
CVE-2009-4327 | 5.0 |
The Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1 does not properly validate the size of a memory pool during a creation attempt, which allows attackers to cause a denial of service (memory consumption) via unspeci
|
29-06-2010 - 04:00 | 16-12-2009 - 18:30 | |
CVE-2009-4332 | 5.0 |
db2pd in the Problem Determination component in IBM DB2 9.1 before FP7 and 9.5 before FP5 allows attackers to cause a denial of service (NULL pointer dereference and application termination) via unspecified vectors. Per: http://cwe.mitre.org/data/def
|
29-06-2010 - 04:00 | 16-12-2009 - 18:30 | |
CVE-2009-4334 | 4.6 |
The Self Tuning Memory Manager (STMM) component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 uses 0666 permissions for the STMM log file, which allows local users to cause a denial of service or have unspecified other impact by writi
|
29-06-2010 - 04:00 | 16-12-2009 - 18:30 | |
CVE-2009-4333 | 7.5 |
The Relational Data Services component in IBM DB2 9.5 before FP5 allows attackers to obtain the password argument from the SET ENCRYPTION PASSWORD statement via vectors involving the GET SNAPSHOT FOR DYNAMIC SQL command.
|
29-06-2010 - 04:00 | 16-12-2009 - 18:30 | |
CVE-2009-4325 | 6.4 |
The Client Interfaces component in IBM DB2 8.2 before FP18, 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not validate an unspecified pointer, which allows attackers to overwrite "external memory" via unknown vectors, related to a missing "
|
29-06-2010 - 04:00 | 16-12-2009 - 18:30 | |
CVE-2009-4379 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Valarsoft Webmatic before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-2924.
|
23-12-2009 - 05:00 | 22-12-2009 - 23:30 | |
CVE-2009-4387 | 4.3 |
The cross-site scripting (XSS) protection mechanism in ShowInContentAreaAction.do in ManageEngine Password Manager Pro (PMP) before 6.1 Build 6104 uses case-sensitive checks for malicious inputs, which allows remote attackers to inject arbitrary web
|
23-12-2009 - 05:00 | 22-12-2009 - 23:30 | |
CVE-2009-4380 | 7.5 |
Multiple SQL injection vulnerabilities in Valarsoft Webmatic before 3.0.3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a different issue than CVE-2008-2925.
|
23-12-2009 - 05:00 | 22-12-2009 - 23:30 | |
CVE-2009-4329 | 4.0 |
Unspecified vulnerability in the Engine Utilities component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (segmentation fault) by modifying the db2ra data stream sent in a request from the Load Utility.
|
17-12-2009 - 05:00 | 16-12-2009 - 18:30 |