|
304101
|
- |
|
systemtap
|
systemtap
|
The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment va…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4170
|
2024-11-21 10:20 |
2010-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304102
|
- |
|
php
|
php
|
Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service (memory …
|
CWE-399
Resource Management Errors
|
CVE-2010-4150
|
2024-11-21 10:20 |
2010-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304103
|
- |
|
bsdperimeter
|
pfsense
|
Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in an olsrd.xml action to pkg_edit.php, …
|
CWE-79
Cross-site Scripting
|
CVE-2010-4412
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304104
|
- |
|
pulsecms
|
pulse_cms
|
Directory traversal vulnerability in includes/controller.php in Pulse CMS Basic before 1.2.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter…
|
CWE-22
Path Traversal
|
CVE-2010-4330
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304105
|
- |
|
clamav
|
clamav
|
Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly …
|
CWE-189
Numeric Errors
|
CVE-2010-4261
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304106
|
- |
|
clamav
|
clamav
|
Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cra…
|
NVD-CWE-noinfo
|
CVE-2010-4260
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304107
|
- |
|
alexej_kryukov
|
fontforge
|
Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long CHARSET_REGISTRY header in a B…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4259
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304108
|
- |
|
wordpress
|
wordpress
|
SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackba…
|
CWE-89
SQL Injection
|
CVE-2010-4257
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304109
|
- |
|
bsdperimeter
|
pfsense
|
Multiple cross-site scripting (XSS) vulnerabilities in graph.php in pfSense 1.2.3 and 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via the (1) ifnum or (2) ifname parameter,…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4246
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304110
|
- |
|
vmware
|
workstation
player
fusion
esxi
esx
|
The VMware Tools update functionality in VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548; VMware Player 2.5.x before 2.5.5 build 328052 and 3.1.x before 3.1.2 bui…
|
CWE-20
Improper Input Validation
|
CVE-2010-4297
|
2024-11-21 10:20 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
