VARIoT IoT exploits database

VAR-E-200910-0315 |
CVE-2009-4587 |
Cherokee Web server 0.5.4 - Denial of Service - Windows dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201001-0064 | EDB ID: 9874 |
Cherokee Web server 0.5.4 - Denial of Service. CVE-2009-4587 CVE-61624 . dos exploit for Windows platform
VAR-E-200910-0398 | No CVE | 3Com OfficeConnect ADSL Wireless 11g Firewall Router Authentication Multiple Remote Vulnerabilities | No EDB ID |
3Com OfficeConnect ADSL Wireless 11g Firewall Router is prone to an authentication-bypass vulnerability and a remote command-execution vulnerability.
An attacker can exploit these issues to gain unauthorized administrative access to the affected device or execute arbitrary commands. Successful exploits will completely compromise the device.
VAR-E-200910-0616 | No CVE | HP LaserJet printers - Multiple Stored XSS vulnerabilities | No EDB ID |
VAR-E-200910-0253 |
CVE-2009-2684 |
HP LaserJet Printers - Multiple Persistent Cross-Site Scripting Vulnerabilities - Hardware remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-200910-0280 | EDB ID: 10011 |
HP LaserJet Printers - Multiple Persistent Cross-Site Scripting Vulnerabilities. CVE-2009-2684 . remote exploit for Hardware platform
VAR-E-200909-0906 | No CVE | BlackBerry Device Software Browser Dialog Box Certificate Mismatch Weakness | No EDB ID |
The BlackBerry Device Software browser is prone to a weakness that may cause affected users to trust malicious sites.
This issue may potentially lead to other attacks, because users may operate under a false sense of security.
This issue affects all versions prior to BlackBerry Device Software 4.5.0.173, 4.6.0.303, 4.6.1.309, 4.7.0.179, and 4.7.1.57.
NOTE: This issue affects all built-in browsers installed on BlackBerry devices:
BlackBerry Browser
Internet Browser
WAP Browser
Wi-Fi (Hotspot) Browser
VAR-E-200909-1007 |
CVE-2009-2866 |
Cisco IOS H.323 Denial of Service Vulnerability
Related entries in the VARIoT vulnerabilities database: VAR-200909-0383 | No EDB ID |
Cisco IOS is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause the affected device to reload, denying service to legitimate users.
This issue is being tracked by Cisco Bug ID CSCsz38104.
VAR-E-200909-0907 |
CVE-2009-2873 CVE-2009-2872 |
Cisco IOS Software Tunnels Multiple Denial of Service Vulnerabilities
Related entries in the VARIoT vulnerabilities database: VAR-200909-0389, VAR-200909-0378 | No EDB ID |
Cisco IOS is prone to multiple remote denial-of-service vulnerabilities.
An attacker can exploit these issues to cause an affected device to reload, denying service to legitimate users.
These issues are being tracked by Cisco Bug IDs CSCsh97579, CSCsq31776, and CSCsx70889.
VAR-E-200909-0373 |
CVE-2009-2869 |
Cisco IOS NTPv4 Reply Packet Remote Denial of Service Vulnerability
Related entries in the VARIoT vulnerabilities database: VAR-200909-0386 | No EDB ID |
Cisco IOS is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause an affected device to reload, denying service to legitimate users.
This issue is being tracked by Cisco Bug IDs CSCsu24505 and CSCsv75948.
VAR-E-200909-0247 |
CVE-2009-3344 |
SAP Crystal Reports Server Multiple Unspecified Remote Vulnerabilities
Related entries in the VARIoT vulnerabilities database: VAR-200909-0137 | No EDB ID |
SAP Crystal Reports Server is prone to multiple unspecified remote vulnerabilities, including:
- A denial-of-service vulnerability caused by an infinite loop.
- A heap-based buffer-overflow vulnerability.
- An unspecified remote code-execution vulnerability.
Attackers can exploit these issues to execute code within the context of the affected server and cause denial-of-service conditions.
VAR-E-200909-0915 | No CVE | SAP NetWeaver Multiple Unspecified Remote Vulnerabilities | No EDB ID |
SAP NetWeaver is prone to multiple unspecified remote vulnerabilities, including:
- Multiple information-disclosure vulnerabilities.
- A NULL-pointer dereference vulnerability.
- Multiple heap-overflow vulnerabilities.
- A denial-of-service vulnerability.
Attackers can exploit these issues to execute code within the context of the affected server, cause denial-of-service conditions, and obtain potentially sensitive information.
VAR-E-200909-0857 |
CVE-2009-3099 |
HP Operations Manager - Default Manager 8.1 Account Remote Security - Multiple remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-200909-0403 | EDB ID: 33210 |
HP Operations Manager - Default Manager 8.1 Account Remote Security. CVE-2009-3099 CVE-57898 . remote exploit for Multiple platform
VAR-E-200909-0011 |
CVE-2009-4188 CVE-2012-0053 CVE-2011-3368 |
HP Operations Dashboard 2.1 - Portal Default Manager Account Remote Security - Multiple remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201110-0291, VAR-201201-0038 | EDB ID: 33211 |
HP Operations Dashboard 2.1 - Portal Default Manager Account Remote Security. CVE-2009-4188 CVE-60669 . remote exploit for Multiple platform
VAR-E-200909-1131 |
CVE-2009-4188 CVE-2012-0053 CVE-2011-3368 |
HP Operations Dashboard 2.1 - Portal Default Manager Account Remote Security - Multiple remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201110-0291, VAR-201201-0038 | EDB ID: 33211 |
HP Operations Dashboard 2.1 - Portal Default Manager Account Remote Security. CVE-2009-4188 CVE-60669 . remote exploit for Multiple platform
VAR-E-200908-1143 |
CVE-2009-2050 CVE-2009-2054 CVE-2009-2053 CVE-2009-2051 CVE-2009-2052 |
Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities
Related entries in the VARIoT vulnerabilities database: VAR-200908-0255, VAR-200908-0256, VAR-200908-0258, VAR-200908-0259, VAR-200908-0257 | No EDB ID |
Cisco Unified Communications Manager is prone to multiple denial-of-service vulnerabilities.
An attacker can exploit these issues to cause denial-of-service conditions in the affected application.
These issues are documented by these Cisco bug IDs:
CSCsi46466
CSCsz40392
CSCsq22534
CSCsx32236
CSCsx23689
VAR-E-200908-0283 |
CVE-2009-2976 |
Cisco Lightweight Access Point Over The Air Manipulation Denial of Service Vulnerability
Related entries in the VARIoT vulnerabilities database: VAR-200908-0381 | No EDB ID |
Cisco Lightweight Access Point is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause the affected device to stop responding, denying service to legitimate users.
This issue is being tracked by Cisco Bug ID CSCtb56664.
VAR-E-200908-0598 |
CVE-2009-3247 CVE-2009-3249 CVE-2009-3250 CVE-2009-3248 |
vTiger CRM 5.0.4 - Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross-Site Scripting - PHP webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-200909-0478, VAR-200909-0480, VAR-200909-0479, VAR-200909-0477 | EDB ID: 9450 |
vTiger CRM 5.0.4 - Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross-Site Scripting. CVE-58269 CVE-2009-3250 CVE-58268 CVE-2009-3249 CVE-58267 CVE-2009-3248 CVE-57240 CVE-2009-3247 CVE-57239 CVE-57238 CVE-57237 . webapps exploit for PHP platform
VAR-E-200908-0936 | No CVE | SAP NetWeaver Cross Site Scripting | No EDB ID |
SAP NetWeaver Application Server version 7.0 suffers from a cross-site scripting vulnerability.
VAR-E-200907-1149 |
CVE-2009-1164 |
Cisco Wireless LAN Controller HTTP Authorization Denial of Service Vulnerability
Related entries in the VARIoT vulnerabilities database: VAR-200907-0058 | No EDB ID |
Cisco Wireless LAN Controller is prone to a denial-of-service vulnerability when handling specially crafted HTTP requests.
An attacker can exploit this issue to trigger an affected device to reboot, causing denial-of-service conditions.
This issue affects Cisco Wireless LAN Controller 4402 (software release 5.1.151.0); other versions and devices may be affected as well.
VAR-E-200906-0485 |
CVE-2009-2535 CVE-2009-1692 CVE-2009-2575 CVE-2009-2536 CVE-2009-2538 CVE-2009-2537 CVE-2009-2539 CVE-2009-2542 CVE-2009-2541 CVE-2009-2540 |
Multiple Browsers - Denial of Service - Multiple dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-200907-0447, VAR-200907-0446, VAR-200907-0445, VAR-200907-0443, VAR-200907-0444, VAR-200907-0441, VAR-200907-0440, VAR-200907-0426, VAR-200906-0599, VAR-200906-0590 | EDB ID: 9160 |
Multiple Browsers - Denial of Service. CVE-56253 CVE-2009-2535 . dos exploit for Multiple platform
VAR-E-200906-0020 | No CVE | SAP GUI 6.4 - ActiveX (Accept) Remote Buffer Overflow (PoC) - Windows dos Exploit | EDB ID: 8899 |
SAP GUI 6.4 - ActiveX (Accept) Remote Buffer Overflow (PoC). CVE-55060 . dos exploit for Windows platform