|
304581
|
- |
|
justsystems
|
ichitaro
|
Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to execute arbitrary code via a crafted document, a different vulnerability than CVE-2010-3916.
|
NVD-CWE-noinfo
|
CVE-2010-3915
|
2024-11-21 10:19 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304582
|
- |
|
redhat
|
luci
|
The default configuration of Luci 0.22.4 and earlier in Red Hat Conga uses "[INSERT SECRET HERE]" as its secret key for cookies, which makes it easier for remote attackers to bypass repoze.who authen…
|
CWE-287
Improper Authentication
|
CVE-2010-3852
|
2024-11-21 10:19 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304583
|
- |
|
poppler
foolabs
kde
glyphandcog
|
poppler
xpdf
kdegraphics
xpdfreader
|
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows co…
|
CWE-20
Improper Input Validation
|
CVE-2010-3704
|
2024-11-21 10:19 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304584
|
- |
|
poppler
|
poppler
|
The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dep…
|
CWE-20
Improper Input Validation
|
CVE-2010-3703
|
2024-11-21 10:19 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304585
|
- |
|
freedesktop
xpdfreader
apple
fedoraproject
opensuse
suse
debian
redhat
canonical
|
poppler
xpdf
cups
fedora
opensuse
linux_enterprise_server
debian_linux
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_desktop
ubuntu_linux
|
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent atta…
|
CWE-476
NULL Pointer Dereference
|
CVE-2010-3702
|
2024-11-21 10:19 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304586
|
- |
|
transware
|
active\!_mail
|
CRLF injection vulnerability in TransWARE Active! mail 6 build 6.40.010047750 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unsp…
|
CWE-94
Code Injection
|
CVE-2010-3913
|
2024-11-21 10:19 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304587
|
- |
|
jsecurity
apache
|
jsecurity
shiro
|
Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing them to entries in the shiro.ini file, which allows remote attackers to bypass intended access restric…
|
CWE-22
Path Traversal
|
CVE-2010-3863
|
2024-11-21 10:19 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304588
|
- |
|
nongnu
|
cvs
|
Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based bu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3846
|
2024-11-21 10:19 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304589
|
- |
|
mozilla
|
bugzilla
|
The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1 creates graph files with predictable names in graphs/, which allows remote attackers to obtain sensitive inf…
|
CWE-200
Information Exposure
|
CVE-2010-3764
|
2024-11-21 10:19 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304590
|
- |
|
libguestfs
|
libguestfs
|
libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 and earlier, and possibly other products, when a raw-format disk image is used, allows local guest OS administrators to read files …
|
CWE-200
Information Exposure
|
CVE-2010-3851
|
2024-11-21 10:19 |
2010-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
