Export limit exceeded: 15040 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362462 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362462 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-1248 1 Acutecp 1 Acute Control Panel 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Acute Control Panel 1.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the theme_directory parameter to (1) container.php and (2) header.php in themes/.
CVE-2009-1253 1 James Stone 1 Tunapie 2026-04-23 N/A
James Stone Tunapie 2.1 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file.
CVE-2009-1254 1 James Stone 1 Tunapie 2026-04-23 N/A
James Stone Tunapie 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a stream URL.
CVE-2009-1255 1 Memcachedb 1 Memcached 2026-04-23 N/A
The process_stat function in (1) Memcached before 1.2.8 and (2) MemcacheDB 1.2.0 discloses (a) the contents of /proc/self/maps in response to a stats maps command and (b) memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain sensitive information such as the locations of memory regions, and defeat ASLR protection, by sending a command to the daemon's TCP port.
CVE-2009-1257 1 Magic Iso Maker 1 Magic Iso Maker 2026-04-23 N/A
Heap-based buffer overflow in Magic ISO Maker 5.5 build 0274 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted CCD file.
CVE-2009-1258 2 Joomla, Rd-media 2 Joomla, Com Rdautos 2026-04-23 N/A
SQL injection vulnerability in the RD-Autos (com_rdautos) component 1.5.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the makeid parameter in index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-1260 1 Ezbsystems 1 Ultraiso 2026-04-23 N/A
Multiple stack-based buffer overflows in UltraISO 9.3.3.2685 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted (1) CCD or (2) IMG file.
CVE-2009-1262 1 Fortinet 1 Forticlient 2026-04-23 N/A
Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name.
CVE-2009-1263 2 Alikonweb, Joomla 2 Com Bookjoomlas, Joomla 2026-04-23 N/A
SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php.
CVE-2009-1264 2 Stanislas Rolland, Typo3 2 Sr Feuser Register, Typo3 2026-04-23 N/A
Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors.
CVE-2009-1265 1 Linux 1 Linux Kernel 2026-04-23 N/A
Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes "garbage" memory to be sent.
CVE-2009-1266 1 Wireshark 1 Wireshark 2026-04-23 N/A
Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack vectors.
CVE-2009-1329 1 Mini-stream 1 Shadow Stream Recorder 2026-04-23 N/A
Stack-based buffer overflow in Mini-stream Shadow Stream Recorder 3.0.1.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
CVE-2009-1267 2 Microsoft, Wireshark 2 Windows, Wireshark 2026-04-23 N/A
Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors.
CVE-2009-1268 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2026-04-23 N/A
The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet.
CVE-2009-1269 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2026-04-23 N/A
Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
CVE-2009-1270 3 Canonical, Clamav, Debian 3 Ubuntu Linux, Clamav, Debian Linux 2026-04-23 N/A
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang.
CVE-2009-1271 1 Php 1 Php 2026-04-23 N/A
The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function.
CVE-2009-1272 1 Php 1 Php 2026-04-23 N/A
The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x before 5.2.9 allows context-dependent attackers to cause a denial of service (crash) via a ZIP file that contains filenames with relative paths, which is not properly handled during extraction.
CVE-2009-1273 1 Andrew J.korty 1 Pam Ssh 2026-04-23 N/A
pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.