Search

Expected end of text, found '.' (at char 12), (line:1, col:13)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (335505 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-5049 2 Debian, Mortbay 2 Debian Linux, Jetty 2024-11-21 6.1 Medium
WebApp JSP Snoop page XSS in jetty though 6.1.21.
CVE-2009-5048 1 Mortbay 1 Jetty 2024-11-21 6.1 Medium
Cookie Dump Servlet stored XSS vulnerability in jetty though 6.1.20.
CVE-2009-5046 2 Debian, Eclipse 2 Debian Linux, Jetty 2024-11-21 6.1 Medium
JSP Dump and Session Dump Servlet XSS in jetty before 6.1.22.
CVE-2009-5045 2 Debian, Eclipse 2 Debian Linux, Jetty 2024-11-21 7.5 High
Dump Servlet information leak in jetty before 6.1.22.
CVE-2009-5043 2 Burn Project, Debian 2 Burn, Debian Linux 2024-11-21 9.8 Critical
burn allows file names to escape via mishandled quotation marks
CVE-2009-5042 2 Debian, Python-docutils Project 2 Debian Linux, Python-docutils 2024-11-21 9.1 Critical
python-docutils allows insecure usage of temporary files
CVE-2009-5041 1 Debian 1 Overkill 2024-11-21 9.8 Critical
overkill has buffer overflow via long player names that can corrupt data on the server machine
CVE-2009-5025 1 Pyforum Project 1 Pyforum 2024-11-21 7.5 High
A backdoor (aka BMSA-2009-07) was found in PyForum v1.0.3 where an attacker who knows a valid user email could force a password reset on behalf of that user.
CVE-2009-5004 2 Apache, Redhat 2 Qpid-cpp, Enterprise Mrg 2024-11-21 6.5 Medium
qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use .
CVE-2009-4900 1 Pixelpost 1 Pixelpost 2024-11-21 6.1 Medium
pixelpost 1.7.1 has XSS
CVE-2009-4899 1 Pixelpost 1 Pixelpost 2024-11-21 9.8 Critical
pixelpost 1.7.1 has SQL injection
CVE-2009-4267 1 Apache 1 Juddi 2024-11-21 N/A
The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the numRows parameter.
CVE-2009-4123 1 Jruby 1 Jruby-openssl 2024-11-21 7.5 High
The jruby-openssl gem before 0.6 for JRuby mishandles SSL certificate validation.
CVE-2009-4067 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-11-21 6.8 Medium
Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.
CVE-2009-4011 1 Dtc-xen Project 1 Dtc-xen 2024-11-21 8.1 High
dtc-xen 0.5.x before 0.5.4 suffers from a race condition where an attacker could potentially get a bash access as xenXX user on the dom0, and then access a potentially reuse an already opened VPS console.
CVE-2009-3887 1 Ytnef Project 1 Ytnef 2024-11-21 9.8 Critical
ytnef has directory traversal
CVE-2009-3724 1 Python-markdown2 Project 1 Python-markdown2 2024-11-21 6.1 Medium
python-markdown2 before 1.0.1.14 has multiple cross-site scripting (XSS) issues.
CVE-2009-3723 2 Debian, Sangoma 2 Debian Linux, Asterisk 2024-11-21 7.5 High
asterisk allows calls on prohibited networks
CVE-2009-3721 2 Gnome, Ytnef Project 2 Evolution, Ytnef 2024-11-21 7.8 High
Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code when decoding attachments.
CVE-2009-3614 2 Debian, Noping 2 Debian Linux, Liboping 2024-11-21 3.3 Low
liboping 1.3.2 allows users reading arbitrary files upon the local system.