|
305801
|
- |
|
linux
|
linux_kernel
|
The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potential…
|
CWE-200
Information Exposure
|
CVE-2010-4075
|
2024-11-21 10:20 |
2010-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305802
|
- |
|
linux
debian
|
linux_kernel
debian_linux
|
The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack …
|
CWE-200
Information Exposure
|
CVE-2010-4074
|
2024-11-21 10:20 |
2010-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305803
|
- |
|
linux
suse
opensuse
debian
|
linux_kernel
linux_enterprise_server
linux_enterprise_desktop
opensuse
linux_enterprise_software_development_kit
linux_enterprise_real_time_extension
debian_linux
|
The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vecto…
|
CWE-200
Information Exposure
|
CVE-2010-4073
|
2024-11-21 10:20 |
2010-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305804
|
- |
|
linux
suse
opensuse
debian
canonical
|
linux_kernel
linux_enterprise_server
linux_enterprise_desktop
opensuse
linux_enterprise_software_development_kit
linux_enterprise_real_time_extension
debian_linux
ubuntu_linux
|
The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from k…
|
CWE-200
Information Exposure
|
CVE-2010-4072
|
2024-11-21 10:20 |
2010-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305805
|
- |
|
apache
|
tomcat
|
The default configuration of Apache Tomcat 6.x does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to hijack a session via script access to a cookie.
|
CWE-16
Configuration
|
CVE-2010-4312
|
2024-11-21 10:20 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305806
|
- |
|
dustincowell
|
free_simple_software
|
Free Simple Software 1.0 stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information.
|
CWE-310
Cryptographic Issues
|
CVE-2010-4311
|
2024-11-21 10:20 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305807
|
- |
|
dustincowell
|
free_simple_software
|
SQL injection vulnerability in the download module in Free Simple Software 1.0 allows remote attackers to execute arbitrary SQL commands via the downloads_id parameter in a download_now action to ind…
|
CWE-89
SQL Injection
|
CVE-2010-4298
|
2024-11-21 10:20 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305808
|
- |
|
apache
|
tomcat
|
Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2010-4172
|
2024-11-21 10:20 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305809
|
- |
|
wireshark
|
wireshark
|
epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related t…
|
CWE-399
Resource Management Errors
|
CVE-2010-4301
|
2024-11-21 10:20 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305810
|
- |
|
wireshark
|
wireshark
|
Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attacker…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4300
|
2024-11-21 10:20 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
