| Page(s) : 1 ... 343 344 345 346 347 348 349 350 351 352 [353] 354 355 356 357 358 359 360 361 362 363 ... | Result(s) : 9852 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 3.5 | 2009-12-31 | CVE-2009-4532 | cve | Cross-site scripting (XSS) vulnerability in the Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, allows remote authenticated users, with webform cr... |
| 3.3 | 2009-12-29 | CVE-2009-4454 | cve | vccleaner in VideoCache 1.9.2 allows local users with Squid proxy user privileges to overwrite arbitrary files via a symlink attack on /var/log/videocache/vccleaner.log. |
| 3.5 | 2009-12-28 | CVE-2009-4429 | cve | Cross-site scripting (XSS) vulnerability in the Sections module 5.x before 5.x-1.3 and 6.x before 6.x-1.3 for Drupal allows remote authenticated users with "administer sections"... |
| 3.7 | 2009-12-28 | MDVSA-2009:345 | Mandriva | A vulnerability was discovered and corrected in acl: The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when running in recursive (-R) mode, follow symbolic links ev... |
| 3.7 | 2009-12-24 | CVE-2009-4411 | cve | The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when running in recursive (-R) mode, follow symbolic links even when the --physical (aka -P) or -L option is specifie... |
| 3.5 | 2009-12-23 | CVE-2009-3581 | cve | Multiple cross-site scripting (XSS) vulnerabilities in SQL-Ledger 2.8.24 allow remote authenticated users to inject arbitrary web script or HTML via (1) the DCN Description fiel... |
| 2.1 | 2009-12-23 | CVE-2009-4145 | cve | nm-connection-editor in NetworkManager (NM) 0.7.x exports connection objects over D-Bus upon actions in the connection editor GUI, which allows local users to obtain sensitive i... |
| 2.6 | 2009-12-23 | CVE-2009-4409 | cve | The (1) CHAP and (2) MS-CHAP-V2 authentication capabilities in the PPP Access Concentrator (PPPAC) function in Internet Initiative Japan SEIL/B1 firmware 1.00 through 2.52 use t... |
| 3.5 | 2009-12-21 | CVE-2009-4369 | cve | Cross-site scripting (XSS) vulnerability in the Contact module (modules/contact/contact.admin.inc or modules/contact/contact.module) in Drupal Core 5.x before 5.21 and 6.x befor... |
| 3.5 | 2009-12-21 | CVE-2009-4370 | cve | Cross-site scripting (XSS) vulnerability in the Menu module (modules/menu/menu.admin.inc) in Drupal Core 6.x before 6.15 allows remote authenticated users with permissions to cr... |
| 3.5 | 2009-12-21 | CVE-2009-4371 | cve | Cross-site scripting (XSS) vulnerability in the Locale module (modules/locale/locale.module) in Drupal Core 6.14, and possibly other versions including 6.15, allows remote authe... |
| 2.6 | 2009-12-16 | SUN-274110 | Sun | Sun Alert 274110 Security Vulnerability in the Apache 1.3 "mod_perl" Module Component "Status.pm" May Lead to Unauthorized Acce... |
| 2.1 | 2009-12-15 | CVE-2009-3554 | cve | Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line... |
| 3.5 | 2009-12-10 | CVE-2009-4237 | cve | Multiple cross-site scripting (XSS) vulnerabilities in TestLink before 1.8.5 allow remote attackers to inject arbitrary web script or HTML via (1) the req parameter to login.php... |
| 2.6 | 2009-12-09 | CVE-2009-4249 | cve | Multiple cross-site scripting (XSS) vulnerabilities in CutePHP CuteNews 1.4.6, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to injec... |
| 2.6 | 2009-12-08 | MDVSA-2009:091-1 | Mandriva | A vulnerability has been found and corrected in mod_perl v1.x and v2.x: Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_per... |
| 2.6 | 2009-12-07 | DSA-1947 | Debian | New Shibboleth packages fix cross-site scripting |
| 3.6 | 2009-12-05 | MDVSA-2009:256-1 | Mandriva | A vulnerability was discovered and corrected in dbus: The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus) uses incorrect logic to ... |
| 3.3 | 2009-12-04 | CVE-2009-3304 | cve | GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to overwrite arbitrary files via a symlink attack on authorized_keys files in users' home directories, related to deb-s... |
| 1.9 | 2009-12-04 | MDVSA-2009:224-1 | Mandriva | A vulnerability has been found and corrected in postfix: Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by t... |
| Page(s) : 1 ... 343 344 345 346 347 348 349 350 351 352 [353] 354 355 356 357 358 359 360 361 362 363 ... | Result(s) : 9852 |
