|
304591
|
3.7 |
LOW
Network
|
mit
|
kerberos_5
|
MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have un…
|
CWE-310
Cryptographic Issues
|
CVE-2010-1324
|
2024-11-21 10:14 |
2010-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304592
|
3.7 |
LOW
Network
|
mit
|
kerberos
kerberos_5
|
MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visi…
|
CWE-310
Cryptographic Issues
|
CVE-2010-1323
|
2024-11-21 10:14 |
2010-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304593
|
9.8 |
CRITICAL
Network
|
apple
|
mac_os_x_server
mac_os_x
|
OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitrary certificate issued by a …
|
CWE-295
Improper Certificate Validation
|
CVE-2010-1378
|
2024-11-21 10:14 |
2010-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304594
|
- |
|
nullsoft
|
winamp
|
Multiple heap-based buffer overflows in vp6.w5s (aka the VP6 codec) in Winamp before 5.59 Beta build 3033 might allow remote attackers to execute arbitrary code via a crafted VP6 (1) video file or (2…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1523
|
2024-11-21 10:14 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304595
|
- |
|
openfabrics
|
enterprise_distribution
|
openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ib_set_node_desc.sh temporary file.
|
CWE-59
Link Following
|
CVE-2010-1693
|
2024-11-21 10:14 |
2010-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304596
|
- |
|
mit
|
kerberos_5
|
The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, w…
|
CWE-20
Improper Input Validation
|
CVE-2010-1322
|
2024-11-21 10:14 |
2010-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304597
|
- |
|
apache
|
apr-util
http_server
|
Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Ap…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1623
|
2024-11-21 10:14 |
2010-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304598
|
- |
|
march-hare
|
cvsnt
cvs_suite
|
perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 before build 3736, 2.5.04 before build 2862; CVS Suite 2.5.03, 2008 before build 3736, and 2009 before 3729 allows remote attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1326
|
2024-11-21 10:14 |
2010-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304599
|
- |
|
novell
|
suse_linux
|
WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the WebYaST appliance uses a fixed secret key that is embedded in the appliance's image, which allows remote attackers to spoof session…
|
CWE-255
Credentials Management
|
CVE-2010-1507
|
2024-11-21 10:14 |
2010-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304600
|
- |
|
novell
|
suse_lifecycle_management_server
|
Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise (SLE) 11 allows remote attackers to hijack the auth…
|
CWE-352
Origin Validation Error
|
CVE-2010-1325
|
2024-11-21 10:14 |
2010-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
