|
300211
|
- |
|
infradead
|
openconnect
|
OpenConnect before 2.26 places the webvpn cookie value in the debugging output, which might allow remote attackers to obtain sensitive information by reading this output, as demonstrated by output po…
|
CWE-200
Information Exposure
|
CVE-2010-3902
|
2024-11-21 10:19 |
2010-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300212
|
- |
|
infradead
|
openconnect
|
OpenConnect before 2.25 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary AnyConnect SSL VPN servers via a crafted server certificate that (1)…
|
CWE-20
Improper Input Validation
|
CVE-2010-3901
|
2024-11-21 10:19 |
2010-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300213
|
- |
|
christian_dywan
|
midori
|
Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before 2.29.91 is used, does not verify X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary https web sites v…
|
NVD-CWE-Other
|
CVE-2010-3900
|
2024-11-21 10:19 |
2010-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300214
|
- |
|
redhat
|
enterprise_mrg
|
lib/MessageStoreImpl.cpp in Red Hat Enterprise MRG before 1.2.2 allows remote authenticated users to cause a denial of service (stack memory exhaustion and broker crash) via a large persistent messag…
|
CWE-399
Resource Management Errors
|
CVE-2010-3701
|
2024-11-21 10:19 |
2010-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300215
|
- |
|
microsoft
|
windows
|
Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the wild in July 2010 by the Stuxnet worm, and identified…
|
NVD-CWE-noinfo
|
CVE-2010-3889
|
2024-11-21 10:19 |
2010-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300216
|
- |
|
microsoft
|
windows
|
Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the wild in July 2010 by the Stuxnet worm, and identified…
|
NVD-CWE-noinfo
|
CVE-2010-3888
|
2024-11-21 10:19 |
2010-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300217
|
- |
|
apple
|
mail
|
The Limit Mail feature in the Parental Controls functionality in Mail on Apple Mac OS X does not properly enforce the correspondence whitelist, which allows remote attackers to bypass intended access…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3887
|
2024-11-21 10:19 |
2010-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300218
|
- |
|
microsoft
|
internet_explorer
|
The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript …
|
CWE-200
Information Exposure
|
CVE-2010-3886
|
2024-11-21 10:19 |
2010-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300219
|
- |
|
cmsmadesimple
|
cms_made_simple
|
Cross-site request forgery (CSRF) vulnerability in CMS Made Simple 1.8.1 and earlier allows remote attackers to hijack the authentication of administrators for requests that reset the administrative …
|
CWE-352
Origin Validation Error
|
CVE-2010-3884
|
2024-11-21 10:19 |
2010-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300220
|
- |
|
cmsmadesimple
|
cms_made_simple
|
Cross-site request forgery (CSRF) vulnerability in the Change Group Permissions module in CMS Made Simple 1.7.1 and earlier allows remote attackers to hijack the authentication of arbitrary users for…
|
CWE-352
Origin Validation Error
|
CVE-2010-3883
|
2024-11-21 10:19 |
2010-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
