| Max CVSS | 6.5 | Min CVSS | 4.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-3001 | 4.9 |
The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel 2.6.31-rc7 and earlier does not initialize a certain data structure, which allows local users to read the contents of some kernel memory locations by calling getsockname on an AF_LLC
|
16-11-2018 - 15:40 | 28-08-2009 - 15:30 | |
| CVE-2013-4467 | 6.5 |
Multiple SQL injection vulnerabilities in the agent interface (agc/) in VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier allow (1) remote attackers to execute arbitrary SQL commands via the campaign variable in SCRIPT_mult
|
20-05-2014 - 04:06 | 11-03-2014 - 19:37 | |
| CVE-2013-7382 | 5.0 |
VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the (1) VDAD and (2) VDCL users, which makes it easier for remote attackers to obtain access.
|
19-05-2014 - 15:46 | 17-05-2014 - 19:55 | |
| CVE-2013-4468 | 6.5 |
VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in the extension parameter in an OriginateVDRelogin action to manager_send.php. Per:
|
15-05-2014 - 13:16 | 14-05-2014 - 19:55 |