|
304881
|
- |
|
avahi
|
avahi
|
The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNS packet…
|
NVD-CWE-Other
|
CVE-2010-2244
|
2024-11-21 10:16 |
2010-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304882
|
- |
|
htmlpurifier
mahara
|
htmlpurifier
mahara
|
Cross-site scripting (XSS) vulnerability in HTML Purifier before 4.1.1, as used in Mahara and other products, when the browser is Internet Explorer, allows remote attackers to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2479
|
2024-11-21 10:16 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304883
|
- |
|
libtiff
|
libtiff
|
The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a TIFF file with an invalid combination of SamplesPe…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2483
|
2024-11-21 10:16 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304884
|
- |
|
libtiff
|
libtiff
|
LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via …
|
NVD-CWE-Other
|
CVE-2010-2482
|
2024-11-21 10:16 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304885
|
- |
|
libtiff
|
libtiff
|
The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2481
|
2024-11-21 10:16 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304886
|
- |
|
search.cpan
gisle_aas
|
libwww-perl
|
lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . (dot) character, which allows remote servers to create or overwrite files via (1) a 3xx redirect to…
|
CWE-20
Improper Input Validation
|
CVE-2010-2253
|
2024-11-21 10:16 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304887
|
- |
|
gnu
|
wget
|
GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary…
|
CWE-20
Improper Input Validation
|
CVE-2010-2252
|
2024-11-21 10:16 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304888
|
- |
|
alexander_v._lukyanov
|
lftp
|
The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers…
|
CWE-20
Improper Input Validation
|
CVE-2010-2251
|
2024-11-21 10:16 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304889
|
- |
|
microsoft
|
windows_server_2008
windows_vista
|
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges or cause a denial of service (system …
|
CWE-399
Resource Management Errors
|
CVE-2010-2549
|
2024-11-21 10:16 |
2010-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304890
|
- |
|
makotemplates
|
mako
|
Mako before 0.3.4 relies on the cgi.escape function in the Python standard library for cross-site scripting (XSS) protection, which makes it easier for remote attackers to conduct XSS attacks via vec…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2480
|
2024-11-21 10:16 |
2010-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
