|
303401
|
- |
|
libtiff
|
libtiff
|
The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an OJPEG image with u…
|
NVD-CWE-Other
|
CVE-2010-2443
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303402
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer, possibly 8, does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets."
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2442
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303403
|
- |
|
apple
|
webkit
|
WebKit does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets," a different vulnerability than CVE-2010-1126, CVE-2010-1422, and C…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2441
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303404
|
- |
|
upredsun
|
subtitle_translation_wizard
|
Stack-based buffer overflow in st-wizard.exe in Subtitle Translation Wizard 3.0 allows user-assisted remote attackers to execute arbitrary code via a crafted SRT file with a long line after a time ra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2440
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303405
|
- |
|
moreforge
|
moreamp
|
Stack-based buffer overflow in MoreAmp allows remote attackers to execute arbitrary code via a long line in a song list (.maf file).
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2439
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303406
|
- |
|
laubrotel
|
g.cms_generator
|
SQL injection vulnerability in G.CMS generator allows remote attackers to execute arbitrary SQL commands via the lang parameter to the default URI, probably index.php.
|
CWE-89
SQL Injection
|
CVE-2010-2438
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303407
|
- |
|
anecms
|
anecms_blog
|
Cross-site scripting (XSS) vulnerability in class/tools.class.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the comment variable to mo…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2437
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303408
|
- |
|
anecms
|
anecms_blog
|
SQL injection vulnerability in modules/blog/index.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.
|
CWE-89
SQL Injection
|
CVE-2010-2436
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303409
|
- |
|
salvo_tomaselli
|
weborf_http_server
|
Weborf HTTP Server 0.12.1 and earlier allows remote attackers to cause a denial of service (crash) via Unicode characters in a Connection HTTP header, and possibly other headers.
|
CWE-20
Improper Input Validation
|
CVE-2010-2435
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303410
|
- |
|
redhat
|
enterprise_virtualization_manager
|
The snapshot merging functionality in Red Hat Enterprise Virtualization Manager (aka RHEV-M) before 2.2 does not properly pass the postzero parameter during operations on deleted volumes, which allow…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2224
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
