|
306101
|
- |
|
alexander_v._lukyanov
|
lftp
|
The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers…
|
CWE-20
Improper Input Validation
|
CVE-2010-2251
|
2024-11-21 10:16 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306102
|
- |
|
microsoft
|
windows_server_2008
windows_vista
|
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges or cause a denial of service (system …
|
CWE-399
Resource Management Errors
|
CVE-2010-2549
|
2024-11-21 10:16 |
2010-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306103
|
- |
|
makotemplates
|
mako
|
Mako before 0.3.4 relies on the cgi.escape function in the Python standard library for cross-site scripting (XSS) protection, which makes it easier for remote attackers to conduct XSS attacks via vec…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2480
|
2024-11-21 10:16 |
2010-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306104
|
- |
|
i-netsolution
|
job_search_engine_script
|
SQL injection vulnerability in show_search_result.php in i-netsolution Job Search Engine allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
|
CWE-89
SQL Injection
|
CVE-2010-2611
|
2024-11-21 10:16 |
2010-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306105
|
- |
|
2daybiz
|
job_site_script
|
Multiple SQL injection vulnerabilities in 2daybiz Job Site Script allow remote attackers to execute arbitrary SQL commands via the (1) jid parameter to view_current_job.php, (2) job_iid parameter to …
|
CWE-89
SQL Injection
|
CVE-2010-2610
|
2024-11-21 10:16 |
2010-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306106
|
- |
|
2daybiz
|
job_search_engine_script
|
SQL injection vulnerability in show_search_result.php in 2daybiz Job Search Engine Script allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
|
CWE-89
SQL Injection
|
CVE-2010-2609
|
2024-11-21 10:16 |
2010-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306107
|
- |
|
redhat
|
enterprise_linux
|
LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as used in tiff2rgba, attempts to process image data even when the required compression functionality is not configured, which allows…
|
CWE-20
Improper Input Validation
|
CVE-2010-2598
|
2024-11-21 10:16 |
2010-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306108
|
- |
|
libtiff
|
libtiff
|
The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash…
|
CWE-20
Improper Input Validation
|
CVE-2010-2597
|
2024-11-21 10:16 |
2010-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306109
|
- |
|
libtiff
|
libtiff
|
The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted…
|
CWE-20
Improper Input Validation
|
CVE-2010-2596
|
2024-11-21 10:16 |
2010-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306110
|
- |
|
libtiff
|
libtiff
|
The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service…
|
CWE-20
Improper Input Validation
|
CVE-2010-2595
|
2024-11-21 10:16 |
2010-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
