| Max CVSS | 10.0 | Min CVSS | 3.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-3939 | 6.6 |
The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.
|
25-01-2024 - 21:37 | 16-11-2009 - 19:30 | |
| CVE-2009-3889 | 6.6 |
The dbg_lvl file for the megaraid_sas driver in the Linux kernel before 2.6.27 has world-writable permissions, which allows local users to change the (1) behavior and (2) logging level of the driver by modifying this file.
|
13-02-2023 - 02:20 | 16-11-2009 - 19:30 | |
| CVE-2015-2814 | 6.4 |
SAP EMR Unwired (com.sap.mobile.healthcare.emr.v2) and Clinical Task Tracker (com.sap.mobile.healthcare.ctt) does not properly restrict access, which allows remote attackers to change the backendurl, clientid, ssourl, and infopageurl settings via uns
|
10-12-2018 - 19:29 | 01-04-2015 - 14:59 | |
| CVE-2009-4048 | 4.0 |
Dxmsoft XM Easy Personal FTP Server 5.8.0 allows remote authenticated users to cause a denial of service (daemon outage) via an APPE command to one socket in conjunction with a DELE command to a second socket.
|
10-10-2018 - 19:48 | 23-11-2009 - 17:30 | |
| CVE-2009-3027 | 10.0 |
VRTSweb.exe in VRTSweb in Symantec Backup Exec Continuous Protection Server (CPS) 11d, 12.0, and 12.5; Veritas NetBackup Operations Manager (NOM) 6.0 GA through 6.5.5; Veritas Backup Reporter (VBR) 6.0 GA through 6.6; Veritas Storage Foundation (SF)
|
10-10-2018 - 19:42 | 11-12-2009 - 16:30 | |
| CVE-2007-2427 | 7.5 |
SQL injection vulnerability in index.php in the pnFlashGames 1.5 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the cid parameter.
|
11-10-2017 - 01:32 | 02-05-2007 - 00:19 | |
| CVE-2001-1198 | 7.2 |
RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.
|
11-10-2017 - 01:29 | 15-12-2001 - 05:00 | |
| CVE-2009-0513 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in WebFrame 0.76 allow remote attackers to execute arbitrary PHP code via a URL in the classFiles parameter to (1) admin/doc/index.php, (2) index.php, and (3) base/menu.php in mod/.
|
29-09-2017 - 01:33 | 11-02-2009 - 00:30 | |
| CVE-2009-0514 | 7.5 |
Multiple directory traversal vulnerabilities in WebFrame 0.76 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) currentmod and (2) LANG parameters to mod/index.php.
|
29-09-2017 - 01:33 | 11-02-2009 - 00:30 | |
| CVE-2016-5492 | 3.6 |
Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun Systems Products Suite AK 2013 allows local users to affect confidentiality and integrity via vectors related to SMB Users.
|
28-11-2016 - 20:26 | 25-10-2016 - 14:29 | |
| CVE-2009-4041 | 5.0 |
UseBB 1.0.9 before 1.0.10 allows remote attackers to cause a denial of service (infinite loop) via crafted BBCode tags.
|
23-11-2009 - 05:00 | 20-11-2009 - 19:30 | |
| CVE-2005-1715 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php for TOPo 2.2 (2.2.178) allows remote attackers to inject arbitrary web script or HTML via the (1) m, (2) s, (3) ID, or (4) t parameters, or the (5) field name, (6) Your Web field, or (7) email fie
|
05-09-2008 - 20:49 | 24-05-2005 - 04:00 |