Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-03-17 | CVE-2009-0926 | Resource Management Errors vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in the UFS filesystem functionality in Sun OpenSolaris snv_86 through snv_91, when running in 32-bit mode on x86 systems, allows local users to cause a denial of service (panic) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6679732. | 4.9 |
| 2009-03-17 | CVE-2009-0925 | Resource Management Errors vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, and OpenSolaris snv_47 through snv_85, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6425723. | 4.7 |
| 2009-03-17 | CVE-2009-0924 | Resource Management Errors vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, when running in 64-bit mode on x86 architectures, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6442712. | 4.7 |
| 2009-03-17 | CVE-2009-0922 | Resource Management Errors vulnerability in Postgresql PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a client-specified encoding, as demonstrated using mismatched encoding conversion requests. | 4.0 |
| 2009-03-16 | CVE-2009-0917 | Cross-Site Scripting vulnerability in Dflabs PTK Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML by providing a forensic image containing HTML documents, which are rendered in web browsers during inspection by PTK. | 4.3 |
| 2009-03-16 | CVE-2009-0915 | Cross-site Scripting vulnerability in Opera Browser Opera before 9.64 allows remote attackers to conduct cross-domain scripting attacks via unspecified vectors related to plug-ins. | 6.8 |
| 2009-03-16 | CVE-2008-6480 | Cross-Site Request Forgery (CSRF) vulnerability in Softnews Media Group Datalife Engine 6.7 Cross-site request forgery (CSRF) vulnerability in engine/modules/imagepreview.php in Datalife Engine 6.7 allows remote attackers to hijack the authentication of arbitrary users for requests that use a modified image parameter. | 6.8 |
| 2009-03-16 | CVE-2008-6479 | Cross-Site Request Forgery (CSRF) vulnerability in Parallels Virtuozzo 25.4Swsoft Cross-site request forgery (CSRF) vulnerability in the "change password" feature in the VZPP web interface for Parallels Virtuozzo 25.4.swsoft (build 3.0.0-25.4.swsoft) allows remote attackers to modify the password via a link or IMG tag to vz/cp/pwd. | 6.8 |
| 2009-03-16 | CVE-2008-6478 | Cross-Site Request Forgery (CSRF) vulnerability in Parallels Virtuozzo Containers 3.0.025.4.Swsoft/4.0.0365.6.Swsoft Cross-site request forgery (CSRF) vulnerability in the file manager in the VZPP web interface for Parallels Virtuozzo 365.6.swsoft (build 4.0.0-365.6.swsoft) and 25.4.swsoft (build 3.0.0-25.4.swsoft) allows remote attackers to create and delete arbitrary files as the administrator via a link or IMG tag to (1) create-file and (2) list-control in vz/cp/vzdir/infrman/envs/files/; or modify system configuration via the path parameter to vz/cp/vzdir/infrman/envs/files/index. | 6.8 |
| 2009-03-16 | CVE-2009-0913 | Local Denial Of Service vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 through snv_108 allows local users to cause a denial of service (system panic) via unknown vectors related to PF_KEY socket, probably related to setting socket options. local sun | 4.7 |