Max CVSS | 10.0 | Min CVSS | 4.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-0846 | 10.0 |
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code
|
09-02-2024 - 03:21 | 09-04-2009 - 00:30 | |
CVE-2009-0844 | 5.8 |
The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to cause a denial of service (daemon crash) and possibly obtain sensitive information via a crafted length value that tri
|
21-01-2020 - 15:45 | 09-04-2009 - 00:30 | |
CVE-2009-1144 | 6.9 |
Untrusted search path vulnerability in the Gentoo package of Xpdf before 3.02-r2 allows local users to gain privileges via a Trojan horse xpdfrc file in the current working directory, related to an unset SYSTEM_XPDFRC macro in a Gentoo build process
|
06-03-2019 - 16:30 | 09-04-2009 - 15:08 | |
CVE-2009-0320 | 4.0 |
Microsoft Windows XP, Server 2003 and 2008, and Vista exposes I/O activity measurements of all processes, which allows local users to obtain sensitive information, as demonstrated by reading the I/O Other Bytes column in Task Manager (aka taskmgr.exe
|
11-10-2018 - 21:01 | 28-01-2009 - 18:30 | |
CVE-2009-0197 | 9.3 |
Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large XPM file that triggers a heap-based buffer overflow.
|
11-10-2018 - 21:00 | 09-04-2009 - 15:08 | |
CVE-2009-1337 | 4.4 |
The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies
|
10-10-2018 - 19:36 | 22-04-2009 - 15:30 | |
CVE-2009-1350 | 10.0 |
Unspecified vulnerability in xtagent.exe in Novell NetIdentity Client before 1.2.4 allows remote attackers to execute arbitrary code by establishing an IPC$ connection to the XTIERRPCPIPE named pipe, and sending RPC messages that trigger a dereferenc
|
10-10-2018 - 19:36 | 21-04-2009 - 16:24 | |
CVE-2009-0847 | 4.3 |
The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, rela
|
10-10-2018 - 19:32 | 09-04-2009 - 00:30 | |
CVE-2001-0716 | 5.0 |
Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service Pack 1 and earlier, allows remote attackers to cause a denial of service (crash) via a large number of incomplete connections to the server.
|
10-10-2017 - 01:29 | 06-12-2001 - 05:00 | |
CVE-2012-2339 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Glossary module 6.x-1.x before 6.x-1.8 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "taxonomy information."
|
29-08-2017 - 01:31 | 21-05-2012 - 20:55 | |
CVE-2010-4940 | 7.5 |
SQL injection vulnerability in index.php in WAnewsletter 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
29-08-2017 - 01:29 | 09-10-2011 - 10:55 | |
CVE-2009-4737 | 9.3 |
Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to "p
|
17-08-2017 - 01:31 | 06-04-2010 - 22:30 | |
CVE-2005-1413 | 7.5 |
Multiple SQL injection vulnerabilities in enVivo!CMS allow remote attackers to execute arbitrary SQL commands and gain privileges via the (1) username or (2) password parameters to admin_login.asp, or the (3) searchstring and possibly (4) ID paramete
|
11-07-2017 - 01:32 | 03-05-2005 - 04:00 | |
CVE-2016-7902 | 6.5 |
Unrestricted file upload vulnerability in the fileUnzip->unzip method in Dotclear before 2.10.3 allows remote authenticated users with permissions to manage media items to execute arbitrary code by uploading a ZIP file containing a file with a crafte
|
07-01-2017 - 03:00 | 04-01-2017 - 21:59 | |
CVE-2009-1250 | 7.8 |
The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that
|
26-01-2011 - 06:35 | 09-04-2009 - 00:30 | |
CVE-2009-1251 | 10.0 |
Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX res
|
26-01-2011 - 06:35 | 09-04-2009 - 00:30 |