|
300701
|
- |
|
hypermail-project
|
hypermail
|
Cross-site scripting (XSS) vulnerability in Hypermail 2.2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted From address, which is not properly handled when indexing mess…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4339
|
2024-11-21 10:20 |
2011-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300702
|
- |
|
gnu
|
gnash
|
The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-errors.$$, (2) /tmp/gnash-configure-warnings.$$, or (3) /tmp/g…
|
CWE-59
Link Following
|
CVE-2010-4337
|
2024-11-21 10:20 |
2011-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300703
|
- |
|
cakefoundation
|
cakephp
|
The _validatePost function in libs/controller/components/security.php in CakePHP 1.3.x through 1.3.5 and 1.2.8 allows remote attackers to modify the internal Cake cache and execute arbitrary code via…
|
CWE-20
Improper Input Validation
|
CVE-2010-4335
|
2024-11-21 10:20 |
2011-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300704
|
- |
|
io-socket-ssl
|
io-socket-ssl
|
The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not VERIFY_NONE, fails open to VERIFY_NONE instead of throwing an error when a ca_file/ca_path cannot be verified, which allows remote at…
|
CWE-310
Cryptographic Issues
|
CVE-2010-4334
|
2024-11-21 10:20 |
2011-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300705
|
- |
|
gnu
|
glibc
|
Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial…
|
CWE-399
Resource Management Errors
|
CVE-2010-4052
|
2024-11-21 10:20 |
2011-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300706
|
- |
|
gnu
|
glibc
|
The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via…
|
NVD-CWE-noinfo
|
CVE-2010-4051
|
2024-11-21 10:20 |
2011-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300707
|
- |
|
citrix
|
xen
|
The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS user…
|
CWE-20
Improper Input Validation
|
CVE-2010-4247
|
2024-11-21 10:20 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300708
|
- |
|
linux
|
linux_kernel
|
The hci_uart_tty_open function in the HCI UART driver (drivers/bluetooth/hci_ldisc.c) in the Linux kernel 2.6.36, and possibly other versions, does not verify whether the tty has a write operation, w…
|
NVD-CWE-Other
|
CVE-2010-4242
|
2024-11-21 10:20 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300709
|
- |
|
mono
|
mono
|
Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x before 2.8.2 allows remote attackers to obtain the source code for .aspx (ASP.NET) applications via unknown vectors related to a…
|
CWE-200
NVD-CWE-noinfo
Information Exposure
|
CVE-2010-4225
|
2024-11-21 10:20 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300710
|
- |
|
linux
|
linux_kernel
|
Integer overflow in the rds_cmsg_rdma_args function (net/rds/rdma.c) in Linux kernel 2.6.35 allows local users to cause a denial of service (crash) and possibly trigger memory corruption via a crafte…
|
CWE-189
Numeric Errors
|
CVE-2010-4175
|
2024-11-21 10:20 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
