|
278141
|
- |
|
opera
|
opera_browser
|
Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a de…
|
CWE-399
Resource Management Errors
|
CVE-2010-1728
|
2018-10-31 01:26 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278142
|
- |
|
sun
|
java_system_access_manager
|
Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other "access to resources," by vi…
|
CWE-255
CWE-264
Credentials Management
Permissions, Privileges, and Access Controls
|
CVE-2009-0170
|
2018-10-31 01:26 |
2009-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278143
|
- |
|
vmware
|
ace
workstation
player
server
|
Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and…
|
NVD-CWE-noinfo
|
CVE-2009-1147
|
2018-10-31 01:26 |
2009-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278144
|
- |
|
sun
|
jdk
|
Algorithmic complexity vulnerability in the java.util.regex.Pattern.compile method in Sun Java Development Kit (JDK) before 1.6, when used with spring.jar in SpringSource Spring Framework 1.1.0 throu…
|
CWE-399
Resource Management Errors
|
CVE-2009-1190
|
2018-10-31 01:26 |
2009-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278145
|
- |
|
vmware
|
ace
esx
esxi
fusion
player
server
workstation
|
Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x be…
|
NVD-CWE-noinfo
|
CVE-2009-1805
|
2018-10-31 01:26 |
2009-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278146
|
- |
|
opera
|
opera_browser
|
Opera, possibly before 9.25, uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle att…
|
CWE-287
Improper Authentication
|
CVE-2009-2059
|
2018-10-31 01:26 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278147
|
- |
|
microsoft
|
internet_explorer
pocket_ie
|
Microsoft Internet Explorer 8, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbit…
|
CWE-287
Improper Authentication
|
CVE-2009-2064
|
2018-10-31 01:26 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278148
|
- |
|
opera
|
opera_browser
|
Opera detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modify…
|
CWE-287
Improper Authentication
|
CVE-2009-2067
|
2018-10-31 01:26 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278149
|
- |
|
opera
|
opera_browser
|
Opera 9.52 and earlier does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) inj…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2351
|
2018-10-31 01:26 |
2009-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278150
|
- |
|
php
|
php
|
The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP cra…
|
NVD-CWE-Other
|
CVE-2009-2626
|
2018-10-31 01:26 |
2009-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
