CVE List - 2009 / December
Showing 1 - 100 of 440 CVEs for December 2009 (Page 1 of 5)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2009-4117 | 2009-12-01 | Multiple stack-based buffer overflows in pdf_shade4.c in MuPDF before commit... |
| CVE-2009-4119 | 2009-12-01 | Cross-site scripting (XSS) vulnerability in Feed Element Mapper module 5.x... |
| CVE-2009-4128 | 2009-12-01 | GNU GRand Unified Bootloader (GRUB) 2 1.97 only compares the... |
| CVE-2009-4118 | 2009-12-01 | The StartServiceCtrlDispatcher function in the cvpnd service (cvpnd.exe) in Cisco... |
| CVE-2009-4120 | 2009-12-01 | Multiple cross-site request forgery (CSRF) vulnerabilities in Quick.Cart 3.4 allow... |
| CVE-2009-4121 | 2009-12-01 | Multiple cross-site request forgery (CSRF) vulnerabilities in Quick.CMS 2.4 and... |
| CVE-2009-2626 | 2009-12-01 | The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and... |
| CVE-2009-3672 | 2009-12-02 | Microsoft Internet Explorer 6 and 7 does not properly handle... |
| CVE-2009-4055 | 2009-12-02 | rtp.c in Asterisk Open Source 1.2.x before 1.2.37, 1.4.x before... |
| CVE-2009-4150 | 2009-12-02 | dasauto in IBM DB2 8 before FP18, 9.1 before FP8,... |
| CVE-2009-3585 | 2009-12-02 | Session fixation vulnerability in html/Elements/SetupSessionCookie in Best Practical Solutions RT... |
| CVE-2009-4026 | 2009-12-02 | The mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows... |
| CVE-2009-4027 | 2009-12-02 | Race condition in the mac80211 subsystem in the Linux kernel... |
| CVE-2009-4151 | 2009-12-02 | Session fixation vulnerability in html/Elements/SetupSessionCookie in Best Practical Solutions RT... |
| CVE-2009-2686 | 2009-12-02 | Unspecified vulnerability in HP NonStop G06.12.00 through G06.32.00, H06.08.00 through... |
| CVE-2009-4152 | 2009-12-02 | Cross-site scripting (XSS) vulnerability in the Collaboration component in IBM... |
| CVE-2009-4153 | 2009-12-02 | Unspecified vulnerability in the XMLAccess component in IBM WebSphere Portal... |
| CVE-2009-4155 | 2009-12-02 | Multiple SQL injection vulnerabilities in Eshopbuilde CMS allow remote attackers... |
| CVE-2009-4156 | 2009-12-02 | PHP remote file inclusion vulnerability in modules/pms/index.php in Ciamos CMS... |
| CVE-2009-4154 | 2009-12-02 | Directory traversal vulnerability in includes/feedcreator.class.php in Elxis CMS allows remote... |
| CVE-2009-4157 | 2009-12-02 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in the ProofReader... |
| CVE-2009-4158 | 2009-12-02 | SQL injection vulnerability in the Calendar Base (cal) extension before... |
| CVE-2009-4159 | 2009-12-02 | Cross-site scripting (XSS) vulnerability in the newsletter configuration feature in... |
| CVE-2009-4160 | 2009-12-02 | Unspecified vulnerability in the Simple download-system with counter and categories... |
| CVE-2009-4161 | 2009-12-02 | Cross-site scripting (XSS) vulnerability in the [AN] Search it! (an_searchit)... |
| CVE-2009-4162 | 2009-12-02 | Unspecified vulnerability in the DB Integration (wfqbe) extension 1.3.1 and... |
| CVE-2009-4163 | 2009-12-02 | SQL injection vulnerability in the TW Productfinder (tw_productfinder) extension 0.0.2... |
| CVE-2009-4164 | 2009-12-02 | Cross-site scripting (XSS) vulnerability in the simple Glossar (simple_glossar) extension... |
| CVE-2009-4165 | 2009-12-02 | SQL injection vulnerability in the simple Glossar (simple_glossar) extension 1.0.3... |
| CVE-2009-4166 | 2009-12-02 | SQL injection vulnerability in the Trips (mchtrips) extension 2.0.0 for... |
| CVE-2009-4167 | 2009-12-02 | Unspecified vulnerability in the Automatic Base Tags for RealUrl (lt_basetag)... |
| CVE-2009-4146 | 2009-12-02 | The _rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld-elf/rtld.c... |
| CVE-2009-4168 | 2009-12-02 | Cross-site scripting (XSS) vulnerability in Roy Tanck tagcloud.swf, as used... |
| CVE-2009-4170 | 2009-12-02 | WP-Cumulus Plug-in 1.20 for WordPress, and possibly other versions, allows... |
| CVE-2009-4169 | 2009-12-02 | Cross-site scripting (XSS) vulnerability in wp-cumulus.php in the WP-Cumulus Plug-in... |
| CVE-2009-4147 | 2009-12-02 | The _rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld-elf/rtld.c... |
| CVE-2009-4171 | 2009-12-02 | An ActiveX control in YahooBridgeLib.dll for Yahoo! Messenger 9.0.0.2162, and... |
| CVE-2009-4172 | 2009-12-02 | Cross-site scripting (XSS) vulnerability in index.php in CutePHP CuteNews 1.4.6... |
| CVE-2009-4173 | 2009-12-02 | Cross-site request forgery (CSRF) vulnerability in CutePHP CuteNews 1.4.6 and... |
| CVE-2009-4174 | 2009-12-02 | The editnews module in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews... |
| CVE-2009-4175 | 2009-12-02 | CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allows remote... |
| CVE-2009-4127 | 2009-12-02 | Unspecified vulnerability in Wikipedia Toolbar extension before 0.5.9.2 for Firefox... |
| CVE-2009-0895 | 2009-12-03 | Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and... |
| CVE-2009-1567 | 2009-12-03 | Multiple stack-based buffer overflows in the Lateral Arts Photobox uploader... |
| CVE-2009-4186 | 2009-12-03 | Stack consumption vulnerability in Apple Safari 4.0.3 on Windows allows... |
| CVE-2009-4187 | 2009-12-03 | Multiple cross-site scripting (XSS) vulnerabilities in the Gateway component in... |
| CVE-2009-4188 | 2009-12-03 | HP Operations Dashboard has a default password of j2deployer for... |
| CVE-2009-4189 | 2009-12-03 | HP Operations Manager has a default password of OvW*busr1 for... |
| CVE-2009-4190 | 2009-12-03 | Unspecified vulnerability in the kernel in Sun OpenSolaris 2009.06 allows... |
| CVE-2009-4191 | 2009-12-03 | Unspecified vulnerability in the kernel in Sun Solaris 10 and... |
| CVE-2009-1566 | 2009-12-03 | Integer overflow in Roxio Easy Media Creator 9.0.136, and Roxio... |
| CVE-2009-4193 | 2009-12-03 | Merkaartor 0.14 allows local users to append data to arbitrary... |
| CVE-2009-4194 | 2009-12-03 | Directory traversal vulnerability in Golden FTP Server 4.30 Free and... |
| CVE-2009-4192 | 2009-12-03 | Directory traversal vulnerability in dialog/file_manager.php in Interspire Knowledge Manager 5... |
| CVE-2009-2631 | 2009-12-04 | Multiple clientless SSL VPN products that run in web browsers,... |
| CVE-2009-4195 | 2009-12-04 | Buffer overflow in Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and... |
| CVE-2009-4196 | 2009-12-04 | Multiple cross-site scripting (XSS) vulnerabilities in multiple scripts in Forms/... |
| CVE-2009-4197 | 2009-12-04 | rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains... |
| CVE-2009-4148 | 2009-12-04 | DAZ Studio 2.3.3.161, 2.3.3.163, and 3.0.1.135 allows remote attackers to... |
| CVE-2009-4198 | 2009-12-04 | SQL injection vulnerability in my_orders.php in MyMiniBill allows remote authenticated... |
| CVE-2009-4199 | 2009-12-04 | Multiple SQL injection vulnerabilities in the Mambo Resident (aka Mos... |
| CVE-2009-4200 | 2009-12-04 | SQL injection vulnerability in the Seminar (com_seminar) component 1.28 for... |
| CVE-2009-4201 | 2009-12-04 | Multiple stack-based buffer overflows in Mp3 Tag Assistant Professional 2.92... |
| CVE-2009-4202 | 2009-12-04 | Directory traversal vulnerability in the Omilen Photo Gallery (com_omphotogallery) component... |
| CVE-2009-4203 | 2009-12-04 | Multiple SQL injection vulnerabilities in admin/aclass/admin_func.php in Arab Portal 2.2... |
| CVE-2009-4204 | 2009-12-04 | SQL injection vulnerability in read.php in Flashlight Free Edition allows... |
| CVE-2009-4205 | 2009-12-04 | Directory traversal vulnerability in admin.php in Flashlight Free Edition allows... |
| CVE-2009-4206 | 2009-12-04 | SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links... |
| CVE-2009-4208 | 2009-12-04 | SQL injection vulnerability in the os_news module in Open-school (OS)... |
| CVE-2009-4209 | 2009-12-04 | Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in moziloCMS 1.11.1... |
| CVE-2009-3304 | 2009-12-04 | GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to... |
| CVE-2009-4207 | 2009-12-04 | Cross-site scripting (XSS) vulnerability in the Webform module 5.x before... |
| CVE-2009-3560 | 2009-12-04 | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1,... |
| CVE-2009-4020 | 2009-12-04 | Stack-based buffer overflow in the hfs subsystem in the Linux... |
| CVE-2009-4211 | 2009-12-04 | The U.S. Defense Information Systems Agency (DISA) Security Readiness Review... |
| CVE-2009-4214 | 2009-12-07 | Cross-site scripting (XSS) vulnerability in the strip_tags function in Ruby... |
| CVE-2009-4215 | 2009-12-07 | Panda Global Protection 2010, Internet Security 2010, and Antivirus Pro... |
| CVE-2009-4216 | 2009-12-07 | Directory traversal vulnerability in funzioni/lib/menulast.php in klinza professional cms 5.0.1... |
| CVE-2009-4218 | 2009-12-07 | Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Banner System... |
| CVE-2009-4219 | 2009-12-07 | Stack-based buffer overflow in the MYACTIVEX.MyActiveXCtrl.1 ActiveX control in MyActiveX.ocx... |
| CVE-2009-4220 | 2009-12-07 | PHP remote file inclusion vulnerability in includes/classes/pctemplate.php in PointComma 3.8b2... |
| CVE-2009-4221 | 2009-12-07 | SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and earlier... |
| CVE-2009-4223 | 2009-12-07 | PHP remote file inclusion vulnerability in adm/krgourl.php in KR-Web 1.1b2... |
| CVE-2009-4224 | 2009-12-07 | Multiple PHP remote file inclusion vulnerabilities in SweetRice 0.5.4, 0.5.3,... |
| CVE-2009-4217 | 2009-12-07 | SQL injection vulnerability in the Itamar Elharar MusicGallery (com_musicgallery) component... |
| CVE-2009-4222 | 2009-12-07 | phpBazar 2.1.1fix and earlier does not require administrative authentication for... |
| CVE-2009-2749 | 2009-12-08 | Feature Pack for Communications Enabled Applications (CEA) before 1.0.0.1 for... |
| CVE-2009-3994 | 2009-12-08 | Stack-based buffer overflow in the GetUID function in src-IL/src/il_dicom.c in... |
| CVE-2009-2843 | 2009-12-08 | Java for Mac OS X 10.5 before Update 6 and... |
| CVE-2009-3586 | 2009-12-08 | Off-by-one error in src/http.c in CoreHTTP 0.5.3.1 and earlier allows... |
| CVE-2009-4225 | 2009-12-08 | Stack-based buffer overflow in the PestPatrol ActiveX control (ppctl.dll) 5.6.7.9... |
| CVE-2009-4226 | 2009-12-08 | Race condition in the IP module in the kernel in... |
| CVE-2009-4227 | 2009-12-08 | Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in... |
| CVE-2009-4228 | 2009-12-08 | Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier... |
| CVE-2009-4033 | 2009-12-08 | A certain Red Hat patch for acpid 1.0.4 effectively triggers... |
| CVE-2009-4229 | 2009-12-08 | Multiple SQL injection vulnerabilities in ActiveWebSoftwares Active Bids allow remote... |
| CVE-2009-4235 | 2009-12-08 | acpid 1.0.4 sets an unrestrictive umask, which might allow local... |
| CVE-2009-4230 | 2009-12-08 | Multiple stack-based buffer overflows in src/Task.cc in the FastCGI program... |
| CVE-2009-4231 | 2009-12-08 | Directory traversal vulnerability in as/lib/plugins.php in SweetRice 0.5.3 and earlier... |
| CVE-2009-4232 | 2009-12-08 | The Kide Shoutbox (com_kide) component 0.4.6 for Joomla! does not... |