|
301271
|
- |
|
dojofoundation
ibm
|
dojo_toolkit
rational_clearquest
|
Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1, allows remote attackers to read cookies by navigating to a Dojo file, related to …
|
CWE-200
Information Exposure
|
CVE-2010-4600
|
2024-11-21 10:21 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301272
|
- |
|
linux
|
linux_kernel
|
The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file wit…
|
CWE-200
Information Exposure
|
CVE-2010-4565
|
2024-11-21 10:21 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301273
|
- |
|
ecava
|
integraxor
|
Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory. NOTE: the provenance of …
|
NVD-CWE-Other
|
CVE-2010-4599
|
2024-11-21 10:21 |
2010-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301274
|
- |
|
ecava
|
integraxor
|
Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file_name parameter in an open request.
|
CWE-22
Path Traversal
|
CVE-2010-4598
|
2024-11-21 10:21 |
2010-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301275
|
- |
|
ecava
|
integraxor
|
Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX control in igcomm.dll in Ecava IntegraXor Human-Machine Interface (HMI) before 3.5.3900.10 allows remote attackers to …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4597
|
2024-11-21 10:21 |
2010-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301276
|
- |
|
microsoft
|
wmi_administrative_tools
|
The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier allows remote attackers to execute arbitrary code via a crafted argument to the ReleaseContext…
|
CWE-94
Code Injection
|
CVE-2010-4588
|
2024-11-21 10:21 |
2010-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301277
|
- |
|
earl_miles
|
views
|
Cross-site scripting (XSS) vulnerability in the Views module 6.x before 6.x-2.12 for Drupal allows remote attackers to inject arbitrary web script or HTML via a page path.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4521
|
2024-11-21 10:21 |
2010-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301278
|
- |
|
earl_miles
|
views
|
Multiple cross-site scripting (XSS) vulnerabilities in the Views module 6.x before 6.x-2.11 for Drupal allow remote attackers to inject arbitrary web script or HTML via (1) a URL or (2) an aggregator…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4520
|
2024-11-21 10:21 |
2010-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301279
|
- |
|
earl_miles
|
views
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Views UI implementation in the Views module 5.x before 5.x-1.8 and 6.x before 6.x-2.11 for Drupal allow remote attackers to hijack th…
|
CWE-352
Origin Validation Error
|
CVE-2010-4519
|
2024-11-21 10:21 |
2010-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301280
|
- |
|
ibm
|
lotus_mobile_connect
|
The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 disables the http.device.stanza blacklisting functionality for HTTP Access Services (HTTP-AS), which allows remote attackers to bypass …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4595
|
2024-11-21 10:21 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
