|
300141
|
- |
|
adobe
|
shockwave_player
|
Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3655
|
2024-11-21 10:19 |
2010-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300142
|
- |
|
adobe
macromedia
|
flash_player
acrobat
acrobat_reader
|
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3654
|
2024-11-21 10:19 |
2010-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300143
|
- |
|
rubyonrails
|
rails
|
Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested attributes, which allows remote attackers to modify arbitrary records by changing the names of parameters for form inputs.
|
CWE-20
Improper Input Validation
|
CVE-2010-3933
|
2024-11-21 10:19 |
2010-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300144
|
- |
|
curl
|
curl
|
Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, when the --remote-header-name or -J option is used, allows remote servers to create or overwrite arbitrary files by using \ (backs…
|
CWE-22
Path Traversal
|
CVE-2010-3842
|
2024-11-21 10:19 |
2010-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300145
|
- |
|
usebb
|
usebb
|
rss.php in UseBB before 1.0.11 does not properly handle forum configurations in which a user has the view permission but not the read permission, which allows remote attackers to bypass intended acce…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3713
|
2024-11-21 10:19 |
2010-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300146
|
- |
|
joomla
|
joomla\!
|
Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x before 1.5.21 and 1.6.x before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving "multiple encoded e…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3712
|
2024-11-21 10:19 |
2010-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300147
|
- |
|
pidgin
|
pidgin
|
libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer d…
|
CWE-20
Improper Input Validation
|
CVE-2010-3711
|
2024-11-21 10:19 |
2010-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300148
|
- |
|
adobe
|
shockwave_player
|
The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie wi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3653
|
2024-11-21 10:19 |
2010-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300149
|
- |
|
typo3
|
typo3
|
The t3lib_div::validEmail function in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 does not properly restrict input to filter_var FILTER_VALIDATE_EMAIL operations in PHP, whi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3717
|
2024-11-21 10:19 |
2010-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300150
|
- |
|
typo3
|
typo3
|
The be_user_creation task in TYPO3 4.2.x before 4.2.15 and 4.3.x before 4.3.7 allows remote authenticated users to gain privileges via a crafted POST request that creates a user account with arbitrar…
|
CWE-20
Improper Input Validation
|
CVE-2010-3716
|
2024-11-21 10:19 |
2010-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
