KR-Web <=1.1b2 - Remote File Inclusion

KR-Web 1.1b2 and prior contain a remote file inclusion vulnerability via adm/krgourl.php, which allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENTROOT parameter. id: CVE-2009-4223 info: name: KR-Web =1.1b2 - Remote File Inclusion author: geeknik severity: high...

Joomla! Roland Breedveld Album 1.14 - Local File Inclusion

Joomla! Roland Breedveld Album 1.14 comalbum is susceptible to local file inclusion because it allows remote attackers to access arbitrary directories and have unspecified other impact via a .. dot dot in the target parameter to index.php. id: CVE-2009-3318 info: name: Joomla! Roland Breedveld...

Horde/Horde Groupware - Local File Inclusion

Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 are susceptible to local file inclusion in framework/Image/Image.php because it allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the HordeImage driver name. id: CVE-2009-0932 inf...

CVE-2009-1103 vulnerabilities

Vulnerabilities for packages: openjdk-25-openj9, openjdk-17-openj9, openjdk-26-openj9, openjdk-8-openj9, openjdk-21-openj9, openjdk-11-openj9...

CVE-2009-2670 vulnerabilities

Vulnerabilities for packages: openjdk-25-openj9, openjdk-17-openj9, openjdk-26-openj9, openjdk-8-openj9, openjdk-21-openj9, openjdk-11-openj9...

CVE-2009-2675 vulnerabilities

Vulnerabilities for packages: openjdk-25-openj9, openjdk-17-openj9, openjdk-26-openj9, openjdk-8-openj9, openjdk-21-openj9, openjdk-11-openj9...

Security Bulletin: IBM SPSS Modeler is affected by multiple vulnerabilities in xercesImpl

Summary IBM SPSS Modeler is affected by multiple vulnerabilities in xercesImpl CVE-2009-2625, CVE-2012-0881, CVE-2013-4002, CVE-2020-14338, CVE-2022-23437. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2009-2625 DESCRIPTION: XMLScanner.java in Apache Xerces2...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Hp Power_Manager

As part of my OSCP preparation I came across CVE-2009-3999 HP P...

HP LaserJet Denial of Service (CVE-2009-3842)

Unspecified vulnerability on the HP Color LaserJet M3530 Multifunction Printer with firmware 05.058.4 and the Color LaserJet CP3525 Printer with firmware 53.021.2 allows remote attackers to obtain access to data or cause a denial of service via unknown vectors. This plugin only works with...

HP Printer Weak Password Requirement (CVE-2009-0941)

The HP Embedded Web Server EWS on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...

AZL-9785 CVE-2009-1890 for package httpd is not applicable

This CVE either no longer is or was never applicable...

MiracleLinux 3 : wget-1.11.4-2.1.1AXS3 (AXSA:2009-420:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2009-420:01 advisory. GNU Wget is a file retrieval utility which can use either the HTTP or FTP protocols. Wget features include the ability to work in the background while you are...

MiracleLinux 3 : kernel-2.6.18-128.15.AXS3 (AXSA:2010-166:02)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2010-166:02 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

MiracleLinux 3 : libtool-1.5.22-7AXS3 (AXSA:2009-430:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-430:01 advisory. GNU Libtool is a set of shell scripts which automatically configure UNIX and UNIX-like systems to generically build shared libraries. Libtool provides a...

MiracleLinux 3 : ntp-4.2.2p1-9.2.1AXS3 (AXSA:2009-58:02)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2009-58:02 advisory. The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. The ntp package contains utilities and...

MiracleLinux 3 : curl-7.15.5-2.1AXS3.5 (AXSA:2009-376:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-376:02 advisory. cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and Dict servers, using any of the supported protocols. cURL is designed to work without user...

MiracleLinux 4 : xerces-j2-2.7.1-12.6.AXS4 (AXSA:2013-718:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-718:01 advisory. The xerces-j2 packages provide the Apache Xerces2 Java Parser, a high-performance XML parser. A Document Type Definition DTD defines the legal syntax and also...

CVE-2009-1047 vulnerabilities

Vulnerabilities for packages: drupal...

CVE-2009-3479 vulnerabilities

Vulnerabilities for packages: drupal...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001777)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001777 advisory. Multiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel before 3.3.5 allow local users to gain privileges via a crafted HFS plus...