Vulnerabilities > Critical

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2009-03-30 | CVE-2008-6556 | Improper Input Validation vulnerability in Puppet Master Webutil 2.3 | cgi-bin/webutil.pl in The Puppet Master WebUtil 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the whois command. | network; low complexity; puppet-master; CWE-20; critical; 10.0 |
| 2009-03-30 | CVE-2008-6555 | Improper Input Validation vulnerability in Puppetmaster Webutil 2.3/2.7 | cgi-bin/webutil.pl in The Puppet Master WebUtil allows remote attackers to execute arbitrary commands via shell metacharacters in the dig command. | network; low complexity; puppetmaster; CWE-20; critical; 10.0 |
| 2009-03-30 | CVE-2008-6554 | OS Command Injection vulnerability in Aztech Adsl2/2+4-Port Router 3.7.0 | cgi-bin/script in Aztech ADSL2/2+ 4-port router 3.7.0 build 070426 allows remote attackers to execute arbitrary commands via shell metacharacters in the query string. | network; low complexity; aztech; CWE-78; critical; 10.0 |
| 2009-03-30 | CVE-2008-6546 | Remote Security vulnerability in Alecwh PHPns 2.1.1 | Unspecified vulnerability in phpns before 2.1.3 has unknown impact and attack vectors related to "activation permissions." | network; low complexity; alecwh; critical; 10.0 |
| 2009-03-30 | CVE-2008-6536 | Archive Handling vulnerability in 7-Zip | Unspecified vulnerability in 7-zip before 4.5.7 has unknown impact and remote attack vectors, as demonstrated by the PROTOS GENOME test suite for Archive Formats (c10). | network; low complexity; 7-zip; critical; 10.0 |
| 2009-03-30 | CVE-2007-6721 | Unspecified vulnerability in Bouncycastle products | The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes." | network; low complexity; bouncycastle; critical; 10.0 |
| 2009-03-27 | CVE-2009-0628 | Information Exposure vulnerability in Cisco IOS 12.3/12.4 | Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control Block (TCB) leak. | network; low complexity; cisco; CWE-200; critical; 9.0 |
| 2009-03-27 | CVE-2009-1169 | Resource Management Errors vulnerability in Mozilla Firefox | The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT transform. | network; mozilla; CWE-399; critical; 9.3 |
| 2009-03-26 | CVE-2009-1071 | Buffer Errors vulnerability in Randomsoftware Icarus 2.0 | Stack-based buffer overflow in Icarus 2.0 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted Portable Game Notation (.pgn) file. | network; randomsoftware; CWE-119; critical; 9.3 |
| 2009-03-26 | CVE-2009-1068 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Bsplayer Bs.Player 2.32/2.34 | Stack-based buffer overflow in BS.Player (bsplayer) 2.32 Build 975 Free and 2.34 Build 980 PRO and earlier allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long hostname in a .bsl playlist file. | network; bsplayer; CWE-119; critical; 9.3 |