|
303841
|
- |
|
ibm
|
rational_clearquest
|
The Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1 allows remote authenticated users to bypass "restricted user" limitations, and read arbitrary records, via …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4602
|
2024-11-21 10:21 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303842
|
- |
|
ibm
|
rational_clearquest
|
Multiple unspecified vulnerabilities in IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, and 7.1.2.x before 7.1.2.1 allow attackers to have an unknown impact via vectors related…
|
NVD-CWE-noinfo
|
CVE-2010-4601
|
2024-11-21 10:21 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303843
|
- |
|
dojofoundation
ibm
|
dojo_toolkit
rational_clearquest
|
Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1, allows remote attackers to read cookies by navigating to a Dojo file, related to …
|
CWE-200
Information Exposure
|
CVE-2010-4600
|
2024-11-21 10:21 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303844
|
- |
|
linux
|
linux_kernel
|
The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file wit…
|
CWE-200
Information Exposure
|
CVE-2010-4565
|
2024-11-21 10:21 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303845
|
- |
|
ecava
|
integraxor
|
Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory. NOTE: the provenance of …
|
NVD-CWE-Other
|
CVE-2010-4599
|
2024-11-21 10:21 |
2010-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303846
|
- |
|
ecava
|
integraxor
|
Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file_name parameter in an open request.
|
CWE-22
Path Traversal
|
CVE-2010-4598
|
2024-11-21 10:21 |
2010-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303847
|
- |
|
ecava
|
integraxor
|
Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX control in igcomm.dll in Ecava IntegraXor Human-Machine Interface (HMI) before 3.5.3900.10 allows remote attackers to …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4597
|
2024-11-21 10:21 |
2010-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303848
|
- |
|
microsoft
|
wmi_administrative_tools
|
The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier allows remote attackers to execute arbitrary code via a crafted argument to the ReleaseContext…
|
CWE-94
Code Injection
|
CVE-2010-4588
|
2024-11-21 10:21 |
2010-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303849
|
- |
|
earl_miles
|
views
|
Cross-site scripting (XSS) vulnerability in the Views module 6.x before 6.x-2.12 for Drupal allows remote attackers to inject arbitrary web script or HTML via a page path.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4521
|
2024-11-21 10:21 |
2010-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303850
|
- |
|
earl_miles
|
views
|
Multiple cross-site scripting (XSS) vulnerabilities in the Views module 6.x before 6.x-2.11 for Drupal allow remote attackers to inject arbitrary web script or HTML via (1) a URL or (2) an aggregator…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4520
|
2024-11-21 10:21 |
2010-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
