|
300191
|
6.5 |
MEDIUM
Network
|
freedesktop
debian
|
poppler
debian_linux
|
An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2010-4653
|
2024-11-21 10:21 |
2019-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300192
|
9.8 |
CRITICAL
Network
|
debian
offlineimap
|
debian_linux
offlineimap
|
offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies.
|
CWE-295
Improper Certificate Validation
|
CVE-2010-4533
|
2024-11-21 10:21 |
2019-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300193
|
5.9 |
MEDIUM
Network
|
debian
offlineimap
|
debian_linux
offlineimap
|
offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks.
|
CWE-295
Improper Certificate Validation
|
CVE-2010-4532
|
2024-11-21 10:21 |
2019-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300194
|
- |
|
ghostscript
|
ghostscript
|
Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working direc…
|
CWE-94
Code Injection
|
CVE-2010-4820
|
2024-11-21 10:21 |
2014-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300195
|
- |
|
google
|
android
|
Android OS before 2.2 does not display the correct SSL certificate in certain cases, which might allow remote attackers to spoof trusted web sites via a web page containing references to external sou…
|
CWE-310
Cryptographic Issues
|
CVE-2010-4832
|
2024-11-21 10:21 |
2014-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300196
|
- |
|
perl
|
perl
|
The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (ass…
|
CWE-20
Improper Input Validation
|
CVE-2010-4777
|
2024-11-21 10:21 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300197
|
- |
|
phpmyfaq
|
phpmyfaq
|
Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.6.9 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4821
|
2024-11-21 10:21 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300198
|
- |
|
silverstripe
|
silverstripe
|
SQL injection vulnerability in the augmentSQL method in core/model/Translatable.php in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4, when the Translatable extension is enabled, allows remo…
|
CWE-89
SQL Injection
|
CVE-2010-4824
|
2024-11-21 10:21 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300199
|
- |
|
silverstripe
|
silverstripe
|
Cross-site scripting (XSS) vulnerability in the httpError method in sapphire/core/control/RequestHandler.php in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4, when custom error handling is …
|
CWE-79
Cross-site Scripting
|
CVE-2010-4823
|
2024-11-21 10:21 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300200
|
- |
|
silverstripe
|
silverstripe
|
core/model/MySQLDatabase.php in SilverStripe 2.4.x before 2.4.4, when the site is running in "live mode," allows remote attackers to obtain the SQL queries for a page via the showqueries and ajax par…
|
CWE-200
Information Exposure
|
CVE-2010-4822
|
2024-11-21 10:21 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
