Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2009-04-04 CVE-2008-6604 Path Traversal vulnerability in PicoFlat CMS 0.5.9
Directory traversal vulnerability in index.php in PicoFlat CMS 0.5.9 allows remote attackers to include and execute arbitrary local files via a ..
network
low complexity
picoflat CWE-22
critical
10.0
2009-04-03 CVE-2009-1240 Unspecified vulnerability in IBM products
Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, Desktop Endpoint Security, Network Multi-Function Security (MFS), and possibly other products, allows remote attackers to bypass detection of malware via a modified RAR archive.
network
low complexity
ibm
critical
10.0
2009-04-03 CVE-2009-0556 Code Injection vulnerability in Microsoft Office PowerPoint and PowerPoint
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom containing an invalid index value that triggers memory corruption, as exploited in the wild in April 2009 by Exploit:Win32/Apptom.gen, aka "Memory Corruption Vulnerability."
network
microsoft CWE-94
critical
9.3
2009-04-03 CVE-2008-6602 Security vulnerability in Stadtaus Download Center Lite 1.6
Unspecified vulnerability in Download Center Lite before 2.1 has unknown impact and attack vectors related to "A minor security fix."
network
low complexity
stadtaus
critical
10.0
2009-04-03 CVE-2008-6598 Race Condition vulnerability in Sangoma Wanpipe
Multiple race conditions in WANPIPE before 3.3.6 have unknown impact and attack vectors related to "bri restart logic."
network
low complexity
sangoma CWE-362
critical
10.0
2009-04-03 CVE-2008-6588 Credentials Management vulnerability in Aztech ADSL2/2+ 4-Port Router
Aztech ADSL2/2+ 4-port router has a default "isp" account with a default "isp" password, which allows remote attackers to obtain access if this default is not changed.
network
low complexity
aztech CWE-255
critical
10.0
2009-04-03 CVE-2008-6583 Buffer Errors vulnerability in Bsplayer Bs.Player 2.27
Buffer overflow in BS.player 2.27 build 959 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .SRT file.
network
bsplayer CWE-119
critical
9.3
2009-04-02 CVE-2009-1236 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Apple Mac OS X and Mac OS X Server
Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a certain ifPort structure member.
network
low complexity
apple CWE-119
critical
10.0
2009-04-02 CVE-2009-1231 Security vulnerability in IBM DB2 Content Manager 8.4.1
Unspecified vulnerability in the eClient in IBM DB2 Content Manager 8.4.1 before 8.4.1.1 has unknown impact and attack vectors.
network
low complexity
ibm
critical
10.0
2009-04-01 CVE-2008-6578 Multiple Security vulnerability in Nortel Cs1000 4.50
Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors.
network
low complexity
nortel
critical
10.0