CVE List

Id CVE No. Status Description Phase Votes Comments Actions
41723  CVE-2009-4288  Candidate  ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.  Assigned (20091210)  None (candidate not yet proposed)    View
41979  CVE-2009-4544  Candidate  Cross-site scripting (XSS) vulnerability in kbase/kbase.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.  Assigned (20100104)  None (candidate not yet proposed)    View
42235  CVE-2009-4800  Candidate  Directory traversal vulnerability in Sysax Multi Server 4.3 and 4.5 allows remote authenticated users to delete arbitrary files via a ..// (dot dot slash slash) in a DELE command.  Assigned (20100422)  None (candidate not yet proposed)    View
42491  CVE-2009-5056  Candidate  Open Ticket Request System (OTRS) before 2.4.0-beta2 does not properly enforce the move_into permission setting for a queue, which allows remote authenticated users to bypass intended access restrictions and read a ticket by watching this ticket, and then selecting the ticket from the watched-tickets list.  Assigned (20110318)  None (candidate not yet proposed)    View
42747  CVE-2010-0163  Candidate  Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing.  Assigned (20100106)  None (candidate not yet proposed)    View

Page 20607 of 20943, showing 5 records out of 104715 total, starting on record 103031, ending on 103035

Actions