|
307711
|
- |
|
foswiki
|
foswiki
|
UI/Manage.pm in Foswiki 1.1.0 and 1.1.1 allows remote authenticated users to gain privileges by modifying the GROUP and ALLOWTOPICCHANGE preferences in the topic preferences for Main.AdminGroup.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4215
|
2024-11-21 10:20 |
2010-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307712
|
- |
|
apple
|
mac_os_x_server
|
Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstan…
|
CWE-200
Information Exposure
|
CVE-2010-4011
|
2024-11-21 10:20 |
2010-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307713
|
- |
|
google
apple
xmlsoft
debian
canonical
redhat
opensuse
suse
apache
|
chrome
iphone_os
mac_os_x
itunes
safari
libxml2
debian_linux
ubuntu_linux
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_lin…
|
libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4008
|
2024-11-21 10:20 |
2010-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307714
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code via a crafted embedded Compact Font Format (CFF) font in a document.
|
CWE-189
Numeric Errors
|
CVE-2010-4010
|
2024-11-21 10:20 |
2010-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307715
|
- |
|
ibm
|
omnifind
|
Untrusted search path vulnerability in estaskwrapper in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges via an ES_LIBRARY_PATH environment variable and a modified PAT…
|
NVD-CWE-Other
|
CVE-2010-4236
|
2024-11-21 10:20 |
2010-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307716
|
- |
|
scottmac
|
libmbfl
|
The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter (a…
|
CWE-20
Improper Input Validation
|
CVE-2010-4156
|
2024-11-21 10:20 |
2010-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307717
|
- |
|
proftpd
|
proftpd
|
Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC esca…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4221
|
2024-11-21 10:20 |
2010-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307718
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the Integrated Solution Console in the Administrative Console component in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.13 allows remote attacke…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4220
|
2024-11-21 10:20 |
2010-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307719
|
- |
|
ibm
|
websphere_portal
|
Cross-site scripting (XSS) vulnerability in SemanticTagService.js in IBM WebSphere Portal 6.1.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some o…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4219
|
2024-11-21 10:20 |
2010-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307720
|
- |
|
ibm
|
enovia
|
Unspecified vulnerability in Web Services in IBM ENOVIA 6 has unknown impact and attack vectors, related to a system that becomes "exposed to the internet."
|
NVD-CWE-noinfo
|
CVE-2010-4218
|
2024-11-21 10:20 |
2010-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
