|
344601
|
- |
|
sun
|
jre
jdk
|
Per: http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
'Affected product releases and versions:
• Java SE:
• JDK and JRE 6 Update 18 an…
|
NVD-CWE-noinfo
|
CVE-2010-0838
|
2018-10-11 04:53 |
2010-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344602
|
- |
|
roger_lopez
thomas_turnbull
|
nodeblock
|
Cross-site scripting (XSS) vulnerability in the Node Blocks module 5.x-1.1 and earlier, and 6.x-1.3 and earlier, a module for Drupal, allows remote authenticated users, with permissions to create or …
|
CWE-79
Cross-site Scripting
|
CVE-2010-0370
|
2018-10-11 04:52 |
2010-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344603
|
- |
|
phpgroupware
|
phpgroupware
|
Directory traversal vulnerability in about.php in phpGroupWare (phpgw) before 0.9.16.016 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the app parameter.
|
CWE-22
Path Traversal
|
CVE-2010-0403
|
2018-10-11 04:52 |
2010-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344604
|
- |
|
phpgroupware
|
phpgroupware
|
Multiple SQL injection vulnerabilities in phpGroupWare (phpgw) before 0.9.16.016 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) class.sessions_db.inc.php, …
|
CWE-89
SQL Injection
|
CVE-2010-0404
|
2018-10-11 04:52 |
2010-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344605
|
- |
|
todd_miller
|
sudo
|
sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary direct…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0426
|
2018-10-11 04:52 |
2010-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344606
|
- |
|
todd_miller
|
sudo
|
sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0427
|
2018-10-11 04:52 |
2010-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344607
|
- |
|
chip_salzenberg
|
deliver
|
Chip Salzenberg Deliver allows local users to cause a denial of service, obtain sensitive information, and possibly change the ownership of arbitrary files via a symlink attack on an unspecified file.
|
CWE-59
Link Following
|
CVE-2010-0439
|
2018-10-11 04:52 |
2010-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344608
|
- |
|
asterisk
|
asterisk
|
Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, and 1.6.2.x before 1.6.2.2, and Business Edition C.3 before C.3.3.2, allows remote attackers to cause a denial of service (daemo…
|
CWE-20
Improper Input Validation
|
CVE-2010-0441
|
2018-10-11 04:52 |
2010-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344609
|
- |
|
hp
|
openview_performance_insight
|
The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbi…
|
CWE-287
Improper Authentication
|
CVE-2010-0447
|
2018-10-11 04:52 |
2010-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344610
|
- |
|
sun
|
opensolaris
solaris
|
The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) v…
|
CWE-20
Improper Input Validation
|
CVE-2010-0453
|
2018-10-11 04:52 |
2010-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
