|
305561
|
- |
|
ibm
|
lotus_notes_traveler
|
The encrypted e-mail feature in IBM Lotus Notes Traveler before 8.5.0.2 sends unencrypted messages when the feature is used without uploading a Notes ID file, which makes it easier for remote attacke…
|
CWE-310
Cryptographic Issues
|
CVE-2009-5032
|
2024-11-21 10:11 |
2010-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305562
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, and Mac RealPlayer 11.0 through 12.0.0.1444 do not properly parse spectral data in AAC files, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0125
|
2024-11-21 10:11 |
2010-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305563
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 does not properly perform initi…
|
NVD-CWE-Other
|
CVE-2010-0121
|
2024-11-21 10:11 |
2010-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305564
|
- |
|
michael_dehaan
|
cobbler
|
Cobbler before 1.6.1 does not properly determine whether an installation has the default password, which makes it easier for attackers to obtain access by using this password.
|
CWE-255
Credentials Management
|
CVE-2009-5021
|
2024-11-21 10:11 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305565
|
- |
|
awstats
|
awstats
|
Open redirect vulnerability in awredir.pl in AWStats before 6.95 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2009-5020
|
2024-11-21 10:11 |
2010-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305566
|
- |
|
webwiz
|
web_wiz_newspad
|
Web Wiz NewsPad stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/NewsPad.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5019
|
2024-11-21 10:11 |
2010-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305567
|
- |
|
symantec
|
mobile_security
|
The Symantec Norton Mobile Security application 1.0 Beta for Android records setup details, possibly including wipe/lock credentials, in the device logs, which allows user-assisted remote attackers t…
|
CWE-255
Credentials Management
|
CVE-2010-0113
|
2024-11-21 10:11 |
2010-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305568
|
- |
|
symantec
|
im_manager
|
Multiple SQL injection vulnerabilities in the Administrative Interface in the IIS extension in Symantec IM Manager before 8.4.16 allow remote attackers to execute arbitrary SQL commands via (1) the r…
|
CWE-89
SQL Injection
|
CVE-2010-0112
|
2024-11-21 10:11 |
2010-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305569
|
- |
|
apache
sap
|
axis2
businessobjects
|
Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier …
|
CWE-255
Credentials Management
|
CVE-2010-0219
|
2024-11-21 10:11 |
2010-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305570
|
- |
|
isc
|
bind
|
ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive info…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0218
|
2024-11-21 10:11 |
2010-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
