|
294411
|
- |
|
apple
|
safari
webkit
|
The execCommand JavaScript function in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly restrict remote execution of cli…
|
NVD-CWE-Other
|
CVE-2010-1421
|
2017-09-19 10:30 |
2010-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294412
|
- |
|
apple
|
safari
webkit
|
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle changes to keyboard focus that occur during processing of key pr…
|
NVD-CWE-Other
|
CVE-2010-1422
|
2017-09-19 10:30 |
2010-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294413
|
- |
|
redhat
|
yum-rhn-plugin
|
yum-rhn-plugin in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Enterprise Linux (RHEL) 5 and Fedora uses world-readable permissions for the /var/spool/up2date/loginAuth.pkl file, wh…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1439
|
2017-09-19 10:30 |
2010-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294414
|
- |
|
postgresql
|
postgresql
|
The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 be…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1447
|
2017-09-19 10:30 |
2010-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294415
|
- |
|
ethereal_group
wireshark
|
ethereal
wireshark
|
The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file.
|
CWE-20
Improper Input Validation
|
CVE-2010-1455
|
2017-09-19 10:30 |
2010-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294416
|
- |
|
ibm
|
lotus_notes
|
IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, which allows local users to obtain sensitive information by examining this file, aka SPR JSTN837SEG.
|
CWE-255
Credentials Management
|
CVE-2010-1487
|
2017-09-19 10:30 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294417
|
- |
|
google
|
chrome
|
Google Chrome before 4.1.249.1059 does not properly support forms, which has unknown impact and attack vectors, related to a "type confusion error."
|
NVD-CWE-noinfo
|
CVE-2010-1500
|
2017-09-19 10:30 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294418
|
- |
|
google
|
chrome
|
Unspecified vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to access local files via vectors related to "developer tools."
|
NVD-CWE-noinfo
|
CVE-2010-1502
|
2017-09-19 10:30 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294419
|
- |
|
google
|
chrome
|
Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://net-internals URI.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1503
|
2017-09-19 10:30 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294420
|
- |
|
google
|
chrome
|
Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://downloads URI.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1504
|
2017-09-19 10:30 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
