|
356351
|
- |
|
hp
|
operations_agent
|
HP Operations Agent 8.51, 8.52, 8.53, and 8.60 on Solaris 10 uses a blank password for the opc_op account, which allows remote attackers to execute arbitrary code via unspecified vectors.
|
CWE-255
Credentials Management
|
CVE-2010-0444
|
2010-02-13 16:22 |
2010-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356352
|
- |
|
osticket
|
osticket
|
SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users, with "Staff" permissions, to execute arbitrary SQL commands via the input parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0605
|
2010-02-12 14:00 |
2010-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356353
|
- |
|
novaboard
|
novaboard
|
SQL injection vulnerability in index.php in NovaBoard 1.1.2 allows remote attackers to execute arbitrary SQL commands via the forums[] parameter in a search action.
|
CWE-89
SQL Injection
|
CVE-2010-0608
|
2010-02-12 14:00 |
2010-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356354
|
- |
|
netbsd
|
netbsd
|
Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before 2010-01-21 allows local users to cause a denial of service (kernel panic) via a negative mixer index number being passed to (1) …
|
CWE-189
Numeric Errors
|
CVE-2010-0561
|
2010-02-9 14:00 |
2010-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356355
|
- |
|
sun
|
one_web_server
|
Sun ONE (aka iPlanet) Web Server 6 on Windows, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP a…
|
CWE-189
Numeric Errors
|
CVE-2003-1579
|
2010-02-8 23:55 |
2010-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356356
|
- |
|
ibm
|
cognos_express
|
IBM Cognos Express 9.0 allows attackers to obtain unspecified access to the Tomcat Manager component, and cause a denial of service, by leveraging hardcoded credentials.
|
CWE-255
Credentials Management
|
CVE-2010-0557
|
2010-02-8 14:00 |
2010-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356357
|
- |
|
apache
|
http_server
|
The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which al…
|
CWE-189
Numeric Errors
|
CVE-2003-1580
|
2010-02-8 14:00 |
2010-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356358
|
- |
|
apache
|
http_server
|
The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafte…
|
CWE-79
Cross-site Scripting
|
CVE-2003-1581
|
2010-02-8 14:00 |
2010-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356359
|
- |
|
tor
|
tor
|
Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated identity keys for certain directory authorities, which makes it easier for man-in-the-middle attackers to compromise the anonymi…
|
CWE-200
Information Exposure
|
CVE-2010-0383
|
2010-02-5 16:13 |
2010-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356360
|
- |
|
ircd-ratbox
|
ircd-ratbox
|
cache.c in ircd-ratbox before 2.2.9 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a HELP command.
|
NVD-CWE-Other
|
CVE-2010-0300
|
2010-02-5 14:00 |
2010-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
