|
308531
|
- |
|
google
|
chrome
|
Google Chrome before 7.0.517.41 does not properly perform autofill operations for forms, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified ot…
|
CWE-20
Improper Input Validation
|
CVE-2010-4035
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308532
|
- |
|
google
|
chrome
|
Google Chrome before 7.0.517.41 does not properly handle forms, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted …
|
CWE-20
Improper Input Validation
|
CVE-2010-4034
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308533
|
- |
|
google
|
chrome
|
Google Chrome before 7.0.517.41 does not properly implement the autofill and autocomplete functionality, which allows remote attackers to conduct "profile spamming" attacks via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2010-4033
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308534
|
- |
|
oracle
|
mojarra
|
Oracle Mojarra uses an encrypted View State without a Message Authentication Code (MAC), which makes it easier for remote attackers to perform successful modifications of the View State via a padding…
|
CWE-310
Cryptographic Issues
|
CVE-2010-4007
|
2024-11-21 10:20 |
2010-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308535
|
- |
|
sap
|
businessobjects
|
CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenticated users to gain privileges via vectors involving the Program Job Server and the Program Login property.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3983
|
2024-11-21 10:20 |
2010-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308536
|
- |
|
sap
|
businessobjects
|
SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to trigger TCP connections to arbitrary intranet hosts on any port, and obtain potentially sensitive information about open ports, via th…
|
CWE-200
Information Exposure
|
CVE-2010-3982
|
2024-11-21 10:20 |
2010-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308537
|
- |
|
sap
|
businessobjects
|
Cross-site scripting (XSS) vulnerability in SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to inject arbitrary web script or HTML via the ServiceClass field to the Edit Service Paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3981
|
2024-11-21 10:20 |
2010-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308538
|
- |
|
sap
|
businessobjects
|
Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the number of CUIDs that may be requested, which allows remote authenticated users to cause a denial of service via a large numCuids …
|
NVD-CWE-Other
|
CVE-2010-3980
|
2024-11-21 10:20 |
2010-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308539
|
- |
|
sap
|
businessobjects
|
Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different error messages depending on whether the Login field corresponds to a valid username, which allows remote attackers to enumerate …
|
CWE-200
Information Exposure
|
CVE-2010-3979
|
2024-11-21 10:20 |
2010-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308540
|
7.8 |
HIGH
Local
|
ettercap-project
|
ettercap
|
The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/e…
|
-
|
CVE-2010-3843
|
2024-11-21 10:19 |
2021-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
