|
300271
|
- |
|
ibm
|
db2
|
The Engine Utilities component in IBM DB2 UDB 9.5 before FP6a uses world-writable permissions for the sqllib/cfg/db2sprf file, which might allow local users to gain privileges by modifying this file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3733
|
2024-11-21 10:19 |
2010-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300272
|
- |
|
ibm
|
db2
|
The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (database server ABEND) by using the client CLI on Linux, UNIX, or Windows fo…
|
CWE-20
Improper Input Validation
|
CVE-2010-3732
|
2024-11-21 10:19 |
2010-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300273
|
- |
|
ibm
|
db2
|
Stack-based buffer overflow in the validateUser implementation in the com.ibm.db2.das.core.DasSysCmd function in db2dasrrm in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10,…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3731
|
2024-11-21 10:19 |
2010-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300274
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Google Chrome before 6.0.472.62 does not properly use information about the origin of a document to manage properties, which allows remote attackers to have an unspecified impact via a crafted web si…
|
NVD-CWE-Other
|
CVE-2010-3730
|
2024-11-21 10:19 |
2010-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300275
|
9.8 |
CRITICAL
Network
|
google
|
chrome
|
The SPDY protocol implementation in Google Chrome before 6.0.472.62 does not properly manage buffers, which might allow remote attackers to execute arbitrary code via unspecified vectors.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2010-3729
|
2024-11-21 10:19 |
2010-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300276
|
- |
|
netartmedia
|
websiteadmin
|
Directory traversal vulnerability in ADMIN/login.php in NetArtMEDIA WebSiteAdmin allows remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the ln…
|
CWE-22
Path Traversal
|
CVE-2010-3688
|
2024-11-21 10:19 |
2010-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300277
|
- |
|
alex_kellner
|
powermail
|
Unspecified vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to bypass validation have an unspecified impact by "[injecting] arbitrary values into validate…
|
NVD-CWE-noinfo
|
CVE-2010-3687
|
2024-11-21 10:19 |
2010-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300278
|
- |
|
drupal
peter_wolanin
|
drupal
openid
|
The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x before 5.x-1.4 for Drupal, violates the OpenID 2.0 protocol by not ensuring that fields are signed, which allows remote attacker…
|
CWE-287
Improper Authentication
|
CVE-2010-3686
|
2024-11-21 10:19 |
2010-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300279
|
- |
|
drupal
peter_wolanin
|
drupal
openid
|
The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x before 5.x-1.4 for Drupal, violates the OpenID 2.0 protocol by not checking for reuse of openid.response_nonce values, which all…
|
CWE-287
Improper Authentication
|
CVE-2010-3685
|
2024-11-21 10:19 |
2010-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300280
|
- |
|
synology
|
dsm
|
The FTP authentication module in Synology Disk Station 2.x logs passwords to the web application interface in cases of incorrect login attempts, which allows local users to obtain sensitive informati…
|
CWE-255
Credentials Management
|
CVE-2010-3684
|
2024-11-21 10:19 |
2010-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
