|
310061
|
9.8 |
CRITICAL
Network
|
google
webkitgtk
fedoraproject
|
chrome
webkitgtk
fedora
|
Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have u…
|
CWE-416
Use After Free
|
CVE-2010-4197
|
2024-11-21 10:20 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310062
|
- |
|
gnome
|
tomboy
|
The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse…
|
CWE-94
Code Injection
|
CVE-2010-4005
|
2024-11-21 10:20 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310063
|
- |
|
gromacs
|
gromacs
|
GMXRC.bash in Gromacs 4.5.1 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current workin…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4001
|
2024-11-21 10:20 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310064
|
- |
|
gnome
|
gnome-shell
|
gnome-shell in GNOME Shell 2.31.5 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working dire…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4000
|
2024-11-21 10:20 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310065
|
- |
|
banshee-project
|
banshee
|
The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse share…
|
NVD-CWE-Other
|
CVE-2010-3998
|
2024-11-21 10:20 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310066
|
- |
|
adobe
|
shockwave_player
|
Use-after-free vulnerability in an unspecified compatibility component in Adobe Shockwave Player before 11.5.9.620 allows user-assisted remote attackers to execute arbitrary code via a crafted web si…
|
CWE-399
Resource Management Errors
|
CVE-2010-4092
|
2024-11-21 10:20 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310067
|
- |
|
onlinetechtools.com
|
oasys_professional
|
SQL injection vulnerability in process.asp in OnlineTechTools Online Work Order System (OWOS) Professional Edition 2.10 allows remote attackers to execute arbitrary SQL commands via the password para…
|
CWE-89
SQL Injection
|
CVE-2010-4186
|
2024-11-21 10:20 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310068
|
- |
|
energine
|
energine
|
SQL injection vulnerability in index.php in Energine, possibly 2.3.8 and earlier, allows remote attackers to execute arbitrary SQL commands via the NRGNSID cookie.
|
CWE-89
SQL Injection
|
CVE-2010-4185
|
2024-11-21 10:20 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310069
|
- |
|
netsupportsoftware
|
netsupport_manager
|
NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with cleartext fields containing details about client machines, which allows remote attackers to obtain potentially sensitive information…
|
CWE-310
Cryptographic Issues
|
CVE-2010-4184
|
2024-11-21 10:20 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310070
|
- |
|
htmlpurifier
|
htmlpurifier
|
Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier before 4.1.0, when Internet Explorer is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) back…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4183
|
2024-11-21 10:20 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
