Export limit exceeded: 362450 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362450 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-1067 1 Getpixie 1 Pixie Cms 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in Pixie CMS 1.01a allows remote attackers to inject arbitrary web script or HTML via the x parameter.
CVE-2009-1065 1 Getpixie 1 Pixie Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the x parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-1060 1 Apple 2 Mac Os X, Safari 2026-04-23 N/A
Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Charlie Miller during a PWN2OWN competition at CanSecWest 2009.
CVE-2009-1059 1 Powerzip 1 Powerzip 2026-04-23 N/A
Stack-based buffer overflow in Trident PowerZip 7.2 might allow remote attackers to execute arbitrary code via a crafted .zip file. NOTE: CVE has not investigated whether the specified file.zip file can be used for exploitation of this product.
CVE-2009-1056 1 Ibm 1 Rational Appscan 2026-04-23 N/A
IBM Rational AppScan Enterprise before 5.5 FP1 allows remote attackers to read arbitrary exported reports by "forcefully browsing."
CVE-2009-1055 1 Sitecore 1 Cms 2026-04-23 N/A
Unspecified vulnerability in the web service in Sitecore CMS 5.3.1 rev. 071114 allows remote authenticated users to gain access to security databases, and obtain administrative and user credentials, via unknown vectors related to SOAP and XML requests.
CVE-2009-0933 1 Dotclear 1 Dotclear 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the administrative interface in Dotclear before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-0936 1 Tor 1 Tor 2026-04-23 N/A
Unspecified vulnerability in Tor before 0.2.0.34 allows attackers to cause a denial of service (infinite loop) via "corrupt votes."
CVE-2009-0937 1 Tor 1 Tor 2026-04-23 N/A
Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service via unknown vectors.
CVE-2009-0938 1 Tor 1 Tor 2026-04-23 N/A
Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service (exit node crash) via "malformed input."
CVE-2009-0939 1 Tor 1 Tor 2026-04-23 N/A
Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which has unknown impact and attack vectors related to "Spec conformance," as demonstrated using 192.168.0.
CVE-2009-0942 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that certain Cascading Style Sheets (CSS) are located in a registered help book, which allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files.
CVE-2009-0943 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that HTML pathnames are located in a registered help book, which allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files.
CVE-2009-0944 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
The Microsoft Office Spotlight Importer in Spotlight in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not properly validate Microsoft Office files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a file that triggers memory corruption.
CVE-2009-0954 1 Apple 1 Quicktime 2026-04-23 N/A
Heap-based buffer overflow in Apple QuickTime before 7.6.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie file containing crafted Clipping Region (CRGN) atom types.
CVE-2009-0956 1 Apple 1 Quicktime 2026-04-23 N/A
Apple QuickTime before 7.6.2 does not properly initialize memory before use in handling movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie containing a user data atom of size zero.
CVE-2009-0957 1 Apple 1 Quicktime 2026-04-23 N/A
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image.
CVE-2009-0959 1 Apple 2 Iphone Os, Ipod Touch 2026-04-23 N/A
The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted MPEG-4 video file that triggers an "input validation issue."
CVE-2009-0960 1 Apple 2 Iphone Os, Ipod Touch 2026-04-23 N/A
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not provide an option to disable remote image loading in HTML email, which allows remote attackers to determine the device address and when an e-mail is read via an HTML email containing an image URL.
CVE-2009-0961 1 Apple 2 Iphone Os, Ipod Touch 2026-04-23 N/A
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a call without user approval by causing an application to trigger an alert.