CVE List
Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
---|---|---|---|---|---|---|---|
41723 | CVE-2009-4288 | Candidate | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. | Assigned (20091210) | None (candidate not yet proposed) | View | |
41979 | CVE-2009-4544 | Candidate | Cross-site scripting (XSS) vulnerability in kbase/kbase.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | Assigned (20100104) | None (candidate not yet proposed) | View | |
42235 | CVE-2009-4800 | Candidate | Directory traversal vulnerability in Sysax Multi Server 4.3 and 4.5 allows remote authenticated users to delete arbitrary files via a ..// (dot dot slash slash) in a DELE command. | Assigned (20100422) | None (candidate not yet proposed) | View | |
42491 | CVE-2009-5056 | Candidate | Open Ticket Request System (OTRS) before 2.4.0-beta2 does not properly enforce the move_into permission setting for a queue, which allows remote authenticated users to bypass intended access restrictions and read a ticket by watching this ticket, and then selecting the ticket from the watched-tickets list. | Assigned (20110318) | None (candidate not yet proposed) | View | |
42747 | CVE-2010-0163 | Candidate | Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing. | Assigned (20100106) | None (candidate not yet proposed) | View |
Page 20607 of 20943, showing 5 records out of 104715 total, starting on record 103031, ending on 103035