CyberSecurityBoard
Sponsor Register Login

CVE-2009-4812

Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message.

Publication date: Tue, 27 Apr 2010 20:30:00 +0000


Cyber News related to CVE-2009-4812

CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
12 years ago
CVE-2006-4170 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4812. Reason: This candidate is a reservation duplicate of CVE-2006-4812. Notes: All CVE users should reference CVE-2006-4812 instead of this candidate. All references and ...
54 years ago Tenable.com
CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
12 years ago
CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
54 years ago Tenable.com
CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
4 years ago
CVE-2009-4812 - Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message. ...
14 years ago
Critical GitLab flaw allows account takeover without user interaction, patch quickly! - A critical vulnerability in GitLab CE/EE can be easily exploited by attackers to reset GitLab user account passwords. Users who have two-factor authentication enabled on their account are safe from account takeover. CVE-2023-7028 was reported through ...
10 months ago Helpnetsecurity.com
GitLab warns of critical zero-click account hijacking vulnerability - GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction. The most critical security issue GitLab patched has the ...
10 months ago Bleepingcomputer.com
2FA-less GitLab users vulnerable to account takeovers The Register - GitLab admins should apply the latest batch of security patches pronto given the new critical account-bypass vulnerability just disclosed. Tracked as CVE-2023-7028, the maximum-severity bug exploits a change introduced in version 16.1.0 back in May ...
10 months ago Go.theregister.com
CVE-2011-4812 - Cross-site scripting (XSS) vulnerability in nowosci.php in BestShopPro allows remote attackers to inject arbitrary web script or HTML via the str parameter. ...
12 years ago
CVE-2013-4812 - UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName argument, which allows remote attackers to upload ...
11 years ago
CVE-2015-4812 - Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.9 allows remote attackers to affect confidentiality via vectors related to OSSL Module. ...
7 years ago
CVE-2005-4812 - The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) ...
7 years ago
CVE-2010-4812 - Multiple SQL injection vulnerabilities in 6kbbs 8.0 build 20100901 allow remote attackers to execute arbitrary SQL commands via the (1) tids[] parameter to ajaxadmin.php and the (2) msgids[] parameter to ajaxmember.php. ...
7 years ago
CVE-2014-4812 - The installer in IBM Security AppScan Source 8.x and 9.x through 9.0.1 has an open network port for a debug service, which allows remote attackers to obtain sensitive information by connecting to this port. ...
7 years ago
CVE-2008-4812 - Array index error in Adobe Reader and Acrobat, and the Explorer extension (aka AcroRd32Info), 8.1.2, 8.1.1, and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that triggers an out-of-bounds write, related to ...
6 years ago
CVE-2022-4812 - Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. ...
1 year ago
CVE-2018-4812 - ** REJECT ** This candidate is unused by its CNA. ...
1 year ago
CVE-2012-4812 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none ...
54 years ago Tenable.com
CVE-2016-4812 - Cross-site scripting (XSS) vulnerability in the Markdown on Save Improved plugin before 2.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
54 years ago Tenable.com
CVE-2017-4812 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
54 years ago Tenable.com
CVE-2023-4812 - An issue has been discovered in GitLab EE affecting all versions starting from 15.3 before 16.5.6, all versions starting from 16.6 before 16.6.4, all versions starting from 16.7 before 16.7.2. The required CODEOWNERS approval could be bypassed by ...
10 months ago Tenable.com
CVE-2024-4812 - A flaw was found in the Katello plugin for Foreman, where it is possible to store malicious JavaScript code in the "Description" field of a user. This code can be executed when opening certain pages, for example, Host Collections. ...
5 months ago
CVE-2007-4812 - Buffer overflow in Apple Safari 3.0.3 522.15.5, and other versions before Beta Update 3.0.4, allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact by setting document.location.hash to a long string. ...
6 years ago
CVE-2006-4812 - Integer overflow in PHP 5 up to 5.1.6 and 4 before 4.3.0 allows remote attackers to execute arbitrary code via an argument to the unserialize PHP function with a large value for the number of array elements, which triggers the overflow in the Zend ...
11 months ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)