|
301091
|
- |
|
dracut_project
udev_project
|
dracut
udev
|
plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 and 14, sets weak permissions for the /dev/systty device file, which allows remote authenticated users to read terminal data from …
|
CWE-276
Incorrect Default Permissions
|
CVE-2010-4176
|
2024-11-21 10:20 |
2010-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301092
|
- |
|
systemtap
|
systemtap
|
The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service (unloading of arbitrary ker…
|
CWE-20
Improper Input Validation
|
CVE-2010-4171
|
2024-11-21 10:20 |
2010-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301093
|
- |
|
systemtap
|
systemtap
|
The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment va…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4170
|
2024-11-21 10:20 |
2010-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301094
|
- |
|
php
|
php
|
Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service (memory …
|
CWE-399
Resource Management Errors
|
CVE-2010-4150
|
2024-11-21 10:20 |
2010-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301095
|
- |
|
bsdperimeter
|
pfsense
|
Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in an olsrd.xml action to pkg_edit.php, …
|
CWE-79
Cross-site Scripting
|
CVE-2010-4412
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301096
|
- |
|
pulsecms
|
pulse_cms
|
Directory traversal vulnerability in includes/controller.php in Pulse CMS Basic before 1.2.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter…
|
CWE-22
Path Traversal
|
CVE-2010-4330
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301097
|
- |
|
clamav
|
clamav
|
Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly …
|
CWE-189
Numeric Errors
|
CVE-2010-4261
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301098
|
- |
|
clamav
|
clamav
|
Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cra…
|
NVD-CWE-noinfo
|
CVE-2010-4260
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301099
|
- |
|
alexej_kryukov
|
fontforge
|
Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long CHARSET_REGISTRY header in a B…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4259
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301100
|
- |
|
wordpress
|
wordpress
|
SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackba…
|
CWE-89
SQL Injection
|
CVE-2010-4257
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
