CVE-2009-4691

CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
13 years ago

CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
13 years ago

CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
56 years ago Tenable.com

CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
6 years ago

CVE-2009-4691 - SQL injection vulnerability in addlink.php in Classified Linktrader Script allows remote attackers to execute arbitrary SQL commands via the slctCategories parameter. ...
15 years ago

CVE-2005-4691 - imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which ...
17 years ago

CVE-2008-4691 - Unspecified vulnerability in the SQLNLS_UNPADDEDCHARLEN function in the New Compiler (aka Starburst derived compiler) component in the server in IBM DB2 9.1 before FP6 allows attackers to cause a denial of service (segmentation violation and trap) ...
14 years ago

CVE-2004-1172 - Stack-based buffer overflow in the Agent Browser in Veritas Backup Exec 8.x before 8.60.3878 Hotfix 68, and 9.x before 9.1.4691 Hotfix 40, allows remote attackers to execute arbitrary code via a registration request with a long hostname. ...
8 years ago

CVE-2007-4691 - The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs. ...
8 years ago

CVE-2011-4691 - Google Chrome 15.0.874.121 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser ...
8 years ago

CVE-2006-4128 - Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec for Netware Server Remote Agent for Windows Server 9.1 and 9.2 (all builds), Backup Exec Continuous Protection Server Remote Agent for Windows Server 10.1 (builds 10.1.325.6301, ...
7 years ago

CVE-2012-4691 - Memory leak in Siemens Automation License Manager (ALM) 4.x and 5.x before 5.2 allows remote attackers to cause a denial of service (memory consumption) via crafted packets. Per: ...
13 years ago

CVE-2006-4691 - Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc.dll) in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to execute arbitrary code via NetrJoinDomain2 RPC messages with a long hostname. ...
7 years ago

CVE-2006-1298 - Format string vulnerability in the Job Engine service (bengine.exe) in the Media Server in Veritas Backup Exec 10d (10.1) for Windows Servers rev. 5629, Backup Exec 10.0 for Windows Servers rev. 5520, Backup Exec 10.0 for Windows Servers rev. 5484, ...
7 years ago

CVE-2016-4691 - An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary ...
7 years ago

CVE-2014-4691 - Session fixation vulnerability in pfSense before 2.1.4 allows remote attackers to hijack web sessions via a firewall login cookie. Per: http://cwe.mitre.org/data/definitions/384.html ...
6 years ago

CVE-2013-4691 - Sencha Labs Connect has XSS with connect.methodOverride() ...
6 years ago

CVE-2019-4691 - IBM Security Guardium Data Encryption (GDE) 3.0.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials ...
5 years ago

CVE-2020-4691 - IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a ...
5 years ago

CVE-2022-4691 - Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0. ...
3 years ago

CVE-2010-4691 - Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) via multicast traffic, aka Bug IDs CSCtg61810 and CSCtg69742. ...
2 years ago

CVE-2018-4691 - ** REJECT ** This candidate is unused by its CNA. ...
2 years ago

CVE-2023-4691 - The WordPress Online Booking and Scheduling Plugin WordPress plugin before 22.4 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin ...
2 years ago

CVE-2017-4691 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
56 years ago Tenable.com

CVE-2025-4691 - The Free Booking Plugin for Hotels, Restaurants and Car Rentals – eaSYNC Booking plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.21 via the 'view_request_details' due to ...
8 months ago