CVE-2009-5021

Cobbler before 1.6.1 does not properly determine whether an installation has the default password, which makes it easier for attackers to obtain access by using this password.

Publication date: Fri, 10 Dec 2010 02:00:00 +0000

Cyber News related to CVE-2009-5021

CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
12 years ago

CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
12 years ago

CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
55 years ago Tenable.com

CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
5 years ago

CVE-2009-5021 - Cobbler before 1.6.1 does not properly determine whether an installation has the default password, which makes it easier for attackers to obtain access by using this password. ...
7 years ago

CVE-2007-5021 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-4880. Reason: This candidate is a duplicate of CVE-2007-4880. Notes: All CVE users should reference CVE-2007-4880 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com

CVE-2006-5021 - Multiple PHP remote file inclusion vulnerabilities in redgun RedBLoG 0.5 allow remote attackers to execute arbitrary PHP code via a URL in (1) the root parameter in imgen.php, and the root_path parameter in (2) admin/config.php, (3) common.php, and ...
16 years ago

CVE-2011-5021 - PHPIDS before 0.7 does not properly implement Regular Expression Denial of Service (ReDoS) filters, which allows remote attackers to bypass rulesets and add PHP sequences to a file via unspecified vectors. ...
13 years ago

CVE-2013-5021 - Multiple absolute path traversal vulnerabilities in National Instruments cwui.ocx, as used in National Instruments LabWindows/CVI 2012 SP1 and earlier, National Instruments LabVIEW 2012 SP1 and earlier, the Data Analysis component in ABB DataManager ...
11 years ago

CVE-2014-5021 - Cross-site scripting (XSS) vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via an option ...
10 years ago

CVE-2016-5021 - The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP GTM 11.5.x before 11.5.4 and 11.6.x ...
8 years ago

CVE-2015-2797 - Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect ...
8 years ago

CVE-2015-5021 - IBM InfoSphere Information Server 11.3 and 11.5 allows remote authenticated DataStage users to bypass intended job-execution restrictions or obtain sensitive information via unspecified vectors. ...
8 years ago

CVE-2010-5021 - SQL injection vulnerability in view_group.asp in Digital Interchange Document Library 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intGroupID parameter. ...
7 years ago

CVE-2017-5021 - A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. ...
7 years ago

CVE-2008-5021 - nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying ...
1 year ago

CVE-2018-17588 - AirTies Air 5021 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. ...
6 years ago

CVE-2018-5021 - Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the ...
5 years ago

CVE-2017-14829 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ...
5 years ago

CVE-2020-5021 - IBM Spectrum Protect Plus 10.1.0 through 10.1.6 does not invalidate session after a password reset which could allow a local user to impersonate another user on the system. IBM X-Force ID: 193657. ...
4 years ago

CVE-2021-20679 - Fuji Xerox multifunction devices and printers (DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort ...
3 years ago

CVE-2019-5021 - Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems ...
2 years ago

CVE-2023-5021 - A vulnerability, which was classified as problematic, was found in SourceCodester AC Repair and Services System 1.0. Affected is an unknown function of the file admin/?pagesystem_info/contact_information. The manipulation of the argument ...
1 year ago

CVE-2024-5021 - The WordPress Picture / Portfolio / Media Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.0.1 via the 'file_get_contents' function. This makes it possible for unauthenticated ...
7 months ago

CVE-2009-0795 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0796, CVE-2009-1265. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a different issue. Notes: All CVE users should consult ...
55 years ago Tenable.com

Latest Cyber News

How Public & Private Sectors Can Better Align Cyber Defense - 16 minutes ago
Chinese APT 'Emperor Dragonfly' Moonlights With Ransomware - 41 minutes ago
New Windows UI 0-Day Vulnerability Actively Exploited in the Wild - 1 hour ago
Dutch police say they took down 127 servers used by sanctioned hosting service | The Record from Recorded Future News - 2 hours ago
Burp AI - Burp Suite Now Integrate AI Powered Extension for Web Pentesting - 2 hours ago
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster - 3 hours ago
Threat Actors In Russia, China, and Iran Targeting Local Communities In The U.S - New Report - 3 hours ago
Hacker leaks account data of 12 million Zacks Investment users - 4 hours ago
APT43 Hackers Attacking Academic Institutions With Exposed Credentials - 5 hours ago
An Italian journalist speaks about being targeted with Paragon spyware | The Record from Recorded Future News - 5 hours ago
CVE-2025-25901 - 5 hours ago
CVE-2025-24904 - 5 hours ago
CVE-2025-25355 - 5 hours ago
CVE-2024-12011 - 5 hours ago
ANYRUN Safebrowsing Extension - Analyse Any Malicious URL for Free - 6 hours ago
CVE-2025-0426 - 6 hours ago
Munich Cyber Security and Security Conferences 2025 [Live Updates] | The Record from Recorded Future News - 7 hours ago
Chinese espionage tools deployed in RA World ransomware attack - 7 hours ago
CVE-2025-26580 - 7 hours ago
CVE-2025-26582 - 7 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Chinese APT 'Emperor Dragonfly' Moonlights With Ransomware - 41 minutes ago
New Windows UI 0-Day Vulnerability Actively Exploited in the Wild - 1 hour ago
Dutch police say they took down 127 servers used by sanctioned hosting service | The Record from Recorded Future News - 2 hours ago
Burp AI - Burp Suite Now Integrate AI Powered Extension for Web Pentesting - 2 hours ago
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster - 3 hours ago
Threat Actors In Russia, China, and Iran Targeting Local Communities In The U.S - New Report - 3 hours ago
Hacker leaks account data of 12 million Zacks Investment users - 4 hours ago
CVE-2025-0995 - 1 day ago
CVE-2025-0996 - 1 day ago
CVE-2025-0997 - 1 day ago
CVE-2025-0998 - 1 day ago
CVE-2025-24528 - 1 day ago
CVE-2024-11343 - 1 day ago
CVE-2024-12629 - 1 day ago
CVE-2024-9870 - 1 day ago
CVE-2025-0332 - 1 day ago
CVE-2025-0516 - 1 day ago
CVE-2025-1208 - 1 day ago
CVE-2025-25349 - 1 day ago
CVE-2025-25351 - 1 day ago