|
300731
|
- |
|
linux
opensuse
suse
|
linux_kernel
opensuse
linux_enterprise_real_time_extension
|
The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 permissions for the debugfs custom_method file, which allows local users to gain privileges by placing a custom ACPI method in the ACP…
|
CWE-269
Improper Privilege Management
|
CVE-2010-4347
|
2024-11-21 10:20 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300732
|
- |
|
linux
|
linux_kernel
|
The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_mi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2010-4346
|
2024-11-21 10:20 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300733
|
- |
|
jovelstefan
|
embedded-video
|
Cross-site scripting (XSS) vulnerability in lembedded-video.php in the Embedded Video plugin 4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the content parameter…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4277
|
2024-11-21 10:20 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300734
|
- |
|
hp
|
discovery\&dependency_mapping_inventory
|
Cross-site scripting (XSS) vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.6x allows remote attackers to inject arbitrary web script or HTML via unspecified vect…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4114
|
2024-11-21 10:20 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300735
|
- |
|
hp
|
power_manager
|
Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 allows remote attackers to execute arbitrary code via a long Login variable to the management web server.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4113
|
2024-11-21 10:20 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300736
|
- |
|
hp
|
insight_management_agents
|
HP Insight Management Agents before 8.6 allows remote attackers to obtain sensitive information via an unspecified request that triggers disclosure of the full path.
|
CWE-200
Information Exposure
|
CVE-2010-4112
|
2024-11-21 10:20 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300737
|
- |
|
hp
|
insight_diagnostics
|
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4111
|
2024-11-21 10:20 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300738
|
- |
|
hp
|
openvms
|
Unspecified vulnerability in HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform on Integrity servers allows local users to gain privileges or cause a denial of service via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2010-4110
|
2024-11-21 10:20 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300739
|
- |
|
pangramsoft
|
pointter_php_micro-blogging_social_network
|
Pointter PHP Micro-Blogging Social Network 1.8 allows remote attackers to bypass authentication and obtain administrative privileges via arbitrary values of the auser and apass cookies.
|
CWE-287
Improper Authentication
|
CVE-2010-4333
|
2024-11-21 10:20 |
2010-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300740
|
- |
|
pangramsoft
|
pointter_php_content_management_system
|
Pointter PHP Content Management System 1.0 allows remote attackers to bypass authentication and obtain administrative privileges via arbitrary values of the auser and apass cookies.
|
CWE-287
Improper Authentication
|
CVE-2010-4332
|
2024-11-21 10:20 |
2010-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
