Export limit exceeded: 346164 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346164 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346164 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0282 | 2 Microsoft, Ralinktech | 2 Windows 2000, Rt73 | 2026-04-23 | N/A |
| Integer overflow in Ralink Technology USB wireless adapter (RT73) 3.08 for Windows, and other wireless card drivers including rt2400, rt2500, rt2570, and rt61, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Probe Request packet with a long SSID, possibly related to an integer signedness error. | ||||
| CVE-2009-0283 | 1 Aobosoft | 1 Oblog | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in err.asp in Oblog allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2009-0284 | 1 Flaxweb | 1 Flax Article Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in category.php in Flax Article Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||
| CVE-2009-0285 | 1 Bbsxp | 1 Bbsxp | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in error.asp in BBSXP 5.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2009-0286 | 1 Opengoo | 1 Opengoo | 2026-04-23 | N/A |
| Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the form_data[script_class] parameter. | ||||
| CVE-2009-0287 | 1 Keep Toolkit | 1 Keep Toolkit | 2026-04-23 | N/A |
| SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password. | ||||
| CVE-2009-0288 | 1 Windows Tftp Utility | 1 Tftputil | 2026-04-23 | N/A |
| Directory traversal vulnerability in k23productions TFTPUtil GUI 1.2.0 and 1.3.0 allows remote attackers to read arbitrary files outside the TFTP root directory via directory traversal sequences in a GET request. | ||||
| CVE-2009-0289 | 1 Windows Tftp Utility | 1 Tftputil | 2026-04-23 | N/A |
| k23productions TFTPUtil GUI 1.2.0 and 1.3.0 allows remote attackers to cause a denial of service (service crash) via a long filename in a crafted request. | ||||
| CVE-2009-0291 | 1 Openx | 1 Openx | 2026-04-23 | N/A |
| Directory traversal vulnerability in fc.php in OpenX 2.6.3 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the MAX_type parameter. | ||||
| CVE-2009-0292 | 1 Shop-inet | 1 Shop-inet | 2026-04-23 | N/A |
| SQL injection vulnerability in show_cat2.php in SHOP-INET 4 allows remote attackers to execute arbitrary SQL commands via the grid parameter. | ||||
| CVE-2009-0293 | 1 Wazzum | 1 Wazzum Dating Software | 2026-04-23 | N/A |
| SQL injection vulnerability in profile_view.php in Wazzum Dating Software, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the userid parameter. | ||||
| CVE-2009-0295 | 1 Itlpoll | 1 Itpoll | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Information Technology Light Poll Information (ITLPoll) 2.7 Stable 2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-0296 | 1 Gempar | 1 Script Toko Online | 2026-04-23 | N/A |
| SQL injection vulnerability in shop_display_products.php in Script Toko Online 5.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||
| CVE-2009-0297 | 1 Clicktech | 1 Clickauction | 2026-04-23 | N/A |
| SQL injection vulnerability in login_check.asp in ClickAuction allows remote attackers to execute arbitrary SQL commands via the (1) txtEmail and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-0298 | 1 Mw6 Technologies | 1 Barcode Activex | 2026-04-23 | N/A |
| Heap-based buffer overflow in MW6 Technologies Barcode ActiveX control (Barcode.MW6Barcode.1, Barcode.dll) 3.0.0.1 allows remote attackers to execute arbitrary code via a long Supplement property. | ||||
| CVE-2009-0299 | 1 Groonesworld | 1 Glinks | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Groone GLinks 2.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2009-0301 | 1 Grid2000 | 1 Flexcell Grid Control | 2026-04-23 | N/A |
| Multiple insecure method vulnerabilities in the FlexCell.Grid ActiveX control (FlexCell.ocx) in FlexCell Grid Control 5.6.9 allow remote attackers to create and overwrite arbitrary files via the (1) SaveFile and (2) ExportToXML methods. | ||||
| CVE-2009-0302 | 1 Php-nuke | 1 Downloads Module | 2026-04-23 | N/A |
| SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php. | ||||
| CVE-2009-0303 | 1 Webhelpdesk | 1 Web Help Desk | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Web Help Desk before 9.1.18 allows remote attackers to inject arbitrary web script or HTML via vectors related to "encoded JavaScript" and Helpdesk.woa. | ||||
| CVE-2009-0304 | 1 Sun | 2 Opensolaris, Solaris | 2026-04-23 | N/A |
| The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before snv_108, allows remote attackers to cause a denial of service (system crash) via a crafted IPv6 packet, related to an "insufficient validation security vulnerability," as demonstrated by SunOSipv6.c. | ||||