CVE-2009-2884

CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
12 years ago

CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
12 years ago

CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
55 years ago Tenable.com

CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
5 years ago

CVE-2009-2884 - Cross-site scripting (XSS) vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to inject arbitrary web script or HTML via the rank parameter. ...
7 years ago

CVE-2016-2884 - Cross-site request forgery (CSRF) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3.1, in an unspecified non-default configuration, allows remote authenticated users to hijack the authentication of arbitrary users for ...
8 years ago

CVE-2015-2884 - Philips In.Sight B120/37 allows remote attackers to obtain sensitive information via a direct request, related to yoics.net URLs, stream.m3u8 URIs, and cam_service_enable.cgi. ...
8 years ago

CVE-2005-2884 - Cross-site scripting (XSS) vulnerability in events.php in Land Down Under (LDU) 801 and earlier allows remote attackers to inject arbitrary web script or HTML via the Description field in an event. ...
7 years ago

CVE-2011-2884 - Multiple unspecified vulnerabilities in IBM Lotus Symphony 3 before FP3 have unknown impact and attack vectors, related to "critical security vulnerability issues." ...
7 years ago

CVE-2013-2884 - Use-after-free vulnerability in the DOM implementation in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper tracking of which document owns ...
7 years ago

CVE-2007-2884 - Multiple stack-based buffer overflows in Microsoft Visual Basic 6 allow user-assisted remote attackers to cause a denial of service (CPU consumption) or execute arbitrary code via a Visual Basic Project (vbp) file with a long (1) Description or (2) ...
7 years ago

CVE-2014-2884 - The ProcessVolumeDeviceControlIrp function in Ntdriver.c in TrueCrypt 7.1a allows local users to bypass access restrictions and obtain sensitive information about arbitrary files via a (1) TC_IOCTL_OPEN_TEST or (2) TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG ...
7 years ago

CVE-2008-2884 - PHP remote file inclusion vulnerability in display.php in RSS-aggregator allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: some of these details are obtained from third party information. ...
6 years ago

CVE-2006-2884 - SQL injection vulnerability in index.php in Kmita FAQ 1.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter. ...
6 years ago

CVE-2010-2884 - Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS ...
6 years ago

CVE-2012-2884 - Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. ...
6 years ago

CVE-2015-5423 - Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2884. ...
6 years ago

CVE-2019-2884 - Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Segment). The supported version that is affected is 17.0. Difficult to exploit vulnerability allows unauthenticated ...
4 years ago

CVE-2017-2884 - An exploitable vulnerability exists in the user photo update functionality of Circle with Disney running firmware 2.0.1. A repeated set of specially crafted API calls can cause the device to corrupt essential memory, resulting in a bricked device. An ...
3 years ago

CVE-2020-2884 - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated ...
2 years ago

CVE-2022-2884 - A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an an authenticated user to achieve remote code execution via the Import from GitHub API endpoint ...
2 years ago

CVE-2023-2884 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. ...
1 year ago

CVE-2024-2884 - Out of bounds read in V8 in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) ...
7 months ago

CVE-2025-2884 - TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata 1.83 of TCG standard TPM2.0 ...
2 weeks ago

CVE-2022-50022 - In the Linux kernel, the following vulnerability has been resolved: ...
1 week ago