|
294021
|
- |
|
redhat
|
yum-rhn-plugin
|
yum-rhn-plugin in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Enterprise Linux (RHEL) 5 and Fedora uses world-readable permissions for the /var/spool/up2date/loginAuth.pkl file, wh…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1439
|
2017-09-19 10:30 |
2010-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294022
|
- |
|
postgresql
|
postgresql
|
The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 be…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1447
|
2017-09-19 10:30 |
2010-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294023
|
- |
|
ethereal_group
wireshark
|
ethereal
wireshark
|
The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file.
|
CWE-20
Improper Input Validation
|
CVE-2010-1455
|
2017-09-19 10:30 |
2010-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294024
|
- |
|
ibm
|
lotus_notes
|
IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, which allows local users to obtain sensitive information by examining this file, aka SPR JSTN837SEG.
|
CWE-255
Credentials Management
|
CVE-2010-1487
|
2017-09-19 10:30 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294025
|
- |
|
google
|
chrome
|
Google Chrome before 4.1.249.1059 does not properly support forms, which has unknown impact and attack vectors, related to a "type confusion error."
|
NVD-CWE-noinfo
|
CVE-2010-1500
|
2017-09-19 10:30 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294026
|
- |
|
google
|
chrome
|
Unspecified vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to access local files via vectors related to "developer tools."
|
NVD-CWE-noinfo
|
CVE-2010-1502
|
2017-09-19 10:30 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294027
|
- |
|
google
|
chrome
|
Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://net-internals URI.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1503
|
2017-09-19 10:30 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294028
|
- |
|
google
|
chrome
|
Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://downloads URI.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1504
|
2017-09-19 10:30 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294029
|
- |
|
google
|
chrome
|
Google Chrome before 4.1.249.1059 does not prevent pages from loading with the New Tab page's privileges, which has unknown impact and attack vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1505
|
2017-09-19 10:30 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294030
|
- |
|
google
|
chrome
|
The Google V8 bindings in Google Chrome before 4.1.249.1059 allow attackers to cause a denial of service (memory corruption) via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2010-1506
|
2017-09-19 10:30 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
