|
298671
|
- |
|
microp_project
|
microp
|
Stack-based buffer overflow in MicroP 0.1.1.1600 allows remote attackers to execute arbitrary code via a crafted .mppl file. NOTE: it has been reported that the overflow is in the lpFileName paramet…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-5299
|
2024-11-21 10:22 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298672
|
- |
|
fedoraproject
randall_hand
|
fedora
yerase\'s_tnef_stream_reader
|
Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service (crash) via a crafted TNEF file, which triggers a buffer …
|
CWE-189
Numeric Errors
|
CVE-2010-5109
|
2024-11-21 10:22 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298673
|
- |
|
blender
|
blender
|
The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue mi…
|
CWE-59
Link Following
|
CVE-2010-5105
|
2024-11-21 10:22 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298674
|
- |
|
openssl
mariadb
fedoraproject
suse
|
openssl
mariadb
fedora
linux_enterprise_server
linux_enterprise_software_development_kit
linux_enterprise_desktop
linux_enterprise_workstation_extension
|
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denia…
|
CWE-362
Race Condition
|
CVE-2010-5298
|
2024-11-21 10:22 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298675
|
- |
|
wordpress
|
wordpress
|
WordPress before 3.0.1, when a Multisite installation is used, permanently retains the "site administrators can add users" option once changed, which might allow remote authenticated administrators t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5297
|
2024-11-21 10:22 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298676
|
- |
|
wordpress
|
wordpress
|
wp-includes/capabilities.php in WordPress before 3.0.2, when a Multisite configuration is used, does not require the Super Admin role for the delete_users capability, which allows remote authenticate…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5296
|
2024-11-21 10:22 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298677
|
- |
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin's author field, which is no…
|
CWE-79
Cross-site Scripting
|
CVE-2010-5295
|
2024-11-21 10:22 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298678
|
- |
|
wordpress
|
wordpress
|
Multiple cross-site scripting (XSS) vulnerabilities in the request_filesystem_credentials function in wp-admin/includes/file.php in WordPress before 3.0.2 allow remote servers to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2010-5294
|
2024-11-21 10:22 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298679
|
- |
|
wordpress
|
wordpress
|
wp-includes/comment.php in WordPress before 3.0.2 does not properly whitelist trackbacks and pingbacks in the blogroll, which allows remote attackers to bypass intended spam restrictions via a crafte…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5293
|
2024-11-21 10:22 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298680
|
- |
|
amberdms
|
amberdms_billing_system
|
Amberdms Billing System (ABS) before 1.4.1, when a multi-instance installation is configured, might allow local users to obtain sensitive information by reading the cache in between runs of the inclu…
|
CWE-200
Information Exposure
|
CVE-2010-5292
|
2024-11-21 10:22 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
