CVE-2009-3726

The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state.

Publication date: Tue, 10 Nov 2009 01:30:00 +0000

Cyber News related to CVE-2009-3726

CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
12 years ago

CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
12 years ago

CVE-2009-3726 - The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect ...
1 year ago

CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
55 years ago Tenable.com

CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
4 years ago

CVE-2013-3726 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1636. Reason: This candidate is a reservation duplicate of CVE-2013-1636. Notes: All CVE users should reference CVE-2013-1636 instead of this candidate. All references and ...
55 years ago Tenable.com

CVE-2021-3726 - # Vulnerability in `title` function **Description**: the `title` function defined in `lib/termsupport.zsh` uses `print` to set the terminal title to a user-supplied string. In Oh My Zsh, this function is always used securely, but custom user code ...
3 years ago

CVE-2005-3726 - SQL injection vulnerability in Interspire ArticleLive NX 0.3 allows remote attackers to execute arbitrary SQL commands via the Query parameter. ...
13 years ago

CVE-2011-3726 - DoceboLMS 4.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by views/dummy/show.php and certain other files. ...
12 years ago

CVE-2015-3726 - The Telephony subsystem in Apple iOS before 8.4 allows physically proximate attackers to execute arbitrary code via a crafted (1) SIM or (2) UIM card. ...
8 years ago

CVE-2006-3726 - Buffer overflow in FileCOPA FTP Server before 1.01 released on 18th July 2006, allows remote authenticated attackers to execute arbitrary code via a long argument to the LIST command. ...
7 years ago

CVE-2008-3726 - Cross-site scripting (XSS) vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to inject arbitrary web script or HTML via the URI. ...
7 years ago

CVE-2012-3726 - Double free vulnerability in ImageIO in Apple iOS before 6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image. ...
7 years ago

CVE-2016-3726 - Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS before 1.651.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs. <a ...
7 years ago

CVE-2007-3726 - Integer signedness error in the SET_VALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service (crash) via a crafted RAR archive that ...
1 year ago

CVE-2019-3726 - An Uncontrolled Search Path Vulnerability is applicable to the following: Dell Update Package (DUP) Framework file versions prior to 19.1.0.413, and Framework file versions prior to 103.4.6.69 used in Dell EMC Servers. Dell Update Package (DUP) ...
5 years ago

CVE-2020-3726 - Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. ...
4 years ago

CVE-2022-3726 - Lack of sand-boxing of OpenAPI documents in GitLab CE/EE affecting all versions from 12.6 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to trick a user to click on the Swagger OpenAPI viewer and issue HTTP ...
2 years ago

CVE-2018-3726 - crud-file-server node module before 0.8.0 suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names. ...
1 year ago

CVE-2010-3726 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none ...
55 years ago Tenable.com

CVE-2023-3726 - OCSInventory allow stored email template with special characters that lead to a Stored cross-site Scripting. ...
1 year ago

CVE-2024-3726 - The Login Logout Register Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'llrmloginlogout' shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output ...
7 months ago

CVE-2009-0795 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0796, CVE-2009-1265. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a different issue. Notes: All CVE users should consult ...
55 years ago Tenable.com

CVE-2009-4778 - Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.7 and 5.0.0, and BlackBerry Professional Software 4.1.4, allow ...
14 years ago

CVE-2009-0888 - Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via ...
15 years ago

Latest Cyber News

CVE-2024-11848 - 4 hours ago
CVE-2024-11851 - 4 hours ago
CVE-2024-12593 - 4 hours ago
CVE-2025-0439 - 5 hours ago
CVE-2025-0440 - 5 hours ago
CVE-2025-0441 - 5 hours ago
CVE-2025-0442 - 5 hours ago
CVE-2025-0443 - 5 hours ago
CVE-2025-0446 - 5 hours ago
CVE-2025-0447 - 5 hours ago
CVE-2025-0448 - 5 hours ago
CVE-2024-35280 - 5 hours ago
CVE-2025-0193 - 5 hours ago
CVE-2025-0434 - 5 hours ago
CVE-2025-0435 - 5 hours ago
CVE-2025-0436 - 5 hours ago
CVE-2025-0437 - 5 hours ago
CVE-2025-0438 - 5 hours ago
CVE-2024-9636 - 6 hours ago
CVE-2024-10775 - 6 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2023-37931 - 1 day ago
CVE-2023-37936 - 1 day ago
CVE-2023-37937 - 1 day ago
CVE-2023-42785 - 1 day ago
CVE-2023-42786 - 1 day ago
CVE-2023-46715 - 1 day ago
CVE-2024-11497 - 1 day ago
CVE-2024-11863 - 1 day ago
CVE-2024-11864 - 1 day ago
CVE-2024-21758 - 1 day ago
CVE-2024-23106 - 1 day ago
CVE-2024-26012 - 1 day ago
CVE-2024-27778 - 1 day ago
CVE-2024-32115 - 1 day ago
CVE-2024-33502 - 1 day ago
CVE-2024-33503 - 1 day ago
CVE-2024-35273 - 1 day ago
CVE-2024-35275 - 1 day ago
CVE-2024-35276 - 1 day ago
CVE-2024-35277 - 1 day ago