Max CVSS | 10.0 | Min CVSS | 4.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-3897 | 4.6 |
Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir d
|
08-02-2024 - 15:21 | 24-11-2009 - 17:30 | |
CVE-2009-3560 | 5.0 |
The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that
|
01-11-2023 - 17:16 | 04-12-2009 - 21:30 | |
CVE-2009-4034 | 5.8 |
PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 c
|
10-10-2018 - 19:48 | 15-12-2009 - 18:30 | |
CVE-2009-4136 | 6.5 |
PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly manage session-local state during execution of an index function by a database superuser, whic
|
10-10-2018 - 19:48 | 15-12-2009 - 18:30 | |
CVE-2010-0230 | 7.5 |
SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures postfix to listen on all network interfaces, which might allow remote attackers to bypass intended access restrictions.
|
28-04-2011 - 04:00 | 22-01-2010 - 21:30 | |
CVE-2008-7252 | 10.0 |
libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors.
|
28-01-2011 - 05:00 | 19-01-2010 - 16:30 | |
CVE-2009-4605 | 5.0 |
scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the (1) configuration and (2) v[0] parameters, which might allow remote attackers to conduct cross-site request forgery (CSRF
|
06-05-2010 - 05:52 | 19-01-2010 - 16:30 | |
CVE-2008-7251 | 10.0 |
libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors.
|
06-05-2010 - 04:00 | 19-01-2010 - 16:30 | |
CVE-2009-3942 | 6.4 |
Martin Lambers msmtp before 1.4.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attack
|
28-01-2010 - 07:00 | 16-11-2009 - 19:30 |