|
300911
|
- |
|
libguestfs
|
libguestfs
|
libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 and earlier, and possibly other products, when a raw-format disk image is used, allows local guest OS administrators to read files …
|
CWE-200
Information Exposure
|
CVE-2010-3851
|
2024-11-21 10:19 |
2010-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300912
|
- |
|
isc
|
dhcp
|
ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a DHCPv6 packet containing a …
|
NVD-CWE-Other
|
CVE-2010-3611
|
2024-11-21 10:19 |
2010-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300913
|
- |
|
vim
|
gvim
|
Untrusted search path vulnerability in VIM Development Group GVim before 7.3.034, and possibly other versions before 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary co…
|
NVD-CWE-Other
|
CVE-2010-3914
|
2024-11-21 10:19 |
2010-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300914
|
- |
|
acegisecurity
vmware
ibm
|
acegi-security
springsource_spring_security
websphere_application_server
|
VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before 3.0.4, and Acegi Security 1.0.0 through 1.0.7, as used in IBM WebSphere Application Server (WAS) 6.1 and 7.0, allows remote attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3700
|
2024-11-21 10:19 |
2010-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300915
|
- |
|
adobe
|
shockwave_player
|
Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3655
|
2024-11-21 10:19 |
2010-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300916
|
- |
|
adobe
macromedia
|
flash_player
acrobat
acrobat_reader
|
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3654
|
2024-11-21 10:19 |
2010-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300917
|
- |
|
rubyonrails
|
rails
|
Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested attributes, which allows remote attackers to modify arbitrary records by changing the names of parameters for form inputs.
|
CWE-20
Improper Input Validation
|
CVE-2010-3933
|
2024-11-21 10:19 |
2010-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300918
|
- |
|
curl
|
curl
|
Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, when the --remote-header-name or -J option is used, allows remote servers to create or overwrite arbitrary files by using \ (backs…
|
CWE-22
Path Traversal
|
CVE-2010-3842
|
2024-11-21 10:19 |
2010-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300919
|
- |
|
usebb
|
usebb
|
rss.php in UseBB before 1.0.11 does not properly handle forum configurations in which a user has the view permission but not the read permission, which allows remote attackers to bypass intended acce…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3713
|
2024-11-21 10:19 |
2010-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300920
|
- |
|
joomla
|
joomla\!
|
Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x before 1.5.21 and 1.6.x before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving "multiple encoded e…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3712
|
2024-11-21 10:19 |
2010-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
