|
299651
|
- |
|
pulsecms
|
pulse_cms
|
Directory traversal vulnerability in includes/controller.php in Pulse CMS Basic before 1.2.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter…
|
CWE-22
Path Traversal
|
CVE-2010-4330
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299652
|
- |
|
clamav
|
clamav
|
Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly …
|
CWE-189
Numeric Errors
|
CVE-2010-4261
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299653
|
- |
|
clamav
|
clamav
|
Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cra…
|
NVD-CWE-noinfo
|
CVE-2010-4260
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299654
|
- |
|
alexej_kryukov
|
fontforge
|
Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long CHARSET_REGISTRY header in a B…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4259
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299655
|
- |
|
wordpress
|
wordpress
|
SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackba…
|
CWE-89
SQL Injection
|
CVE-2010-4257
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299656
|
- |
|
bsdperimeter
|
pfsense
|
Multiple cross-site scripting (XSS) vulnerabilities in graph.php in pfSense 1.2.3 and 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via the (1) ifnum or (2) ifname parameter,…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4246
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299657
|
- |
|
vmware
|
workstation
player
fusion
esxi
esx
|
The VMware Tools update functionality in VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548; VMware Player 2.5.x before 2.5.5 build 328052 and 3.1.x before 3.1.2 bui…
|
CWE-20
Improper Input Validation
|
CVE-2010-4297
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299658
|
- |
|
vmware
|
workstation
player
server
fusion
|
vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 b…
|
CWE-863
Incorrect Authorization
|
CVE-2010-4296
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299659
|
- |
|
vmware
|
workstation
player
server
fusion
|
Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Lin…
|
CWE-362
Race Condition
|
CVE-2010-4295
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299660
|
- |
|
openssl
|
openssl
|
OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared se…
|
CWE-287
Improper Authentication
|
CVE-2010-4252
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
