|
275251
|
- |
|
php
|
php
|
Use-after-free vulnerability in the request shutdown functionality in PHP 5.2 before 5.2.13 and 5.3 before 5.3.2 allows context-dependent attackers to cause a denial of service (crash) via a stream c…
|
CWE-399
Resource Management Errors
|
CVE-2010-2093
|
2010-12-7 15:48 |
2010-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275252
|
- |
|
pear
|
mail
|
Argument injection vulnerability in Mail/sendmail.php in the Mail package 1.1.14, 1.2.0b2, and possibly other versions for PEAR allows remote attackers to read and write arbitrary files via a crafted…
|
CWE-94
Code Injection
|
CVE-2009-4111
|
2010-12-7 15:43 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275253
|
- |
|
realnetworks
|
helix_mobile_server
helix_server
helix_server_mobile
|
Stack-based buffer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x through 13.x and other products, allows remote…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1318
|
2010-11-24 14:00 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275254
|
- |
|
gnu
|
gzip
|
The huft_build function in inflate.c in gzip before 1.3.13 creates a hufts (aka huffman) table that is too small, which allows remote attackers to cause a denial of service (application crash or infi…
|
CWE-20
Improper Input Validation
|
CVE-2009-2624
|
2010-11-18 15:29 |
2010-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275255
|
- |
|
sterlitetechnologies
|
sam300_ax_router
|
Cross-site scripting (XSS) vulnerability in Forms/status_statistics_1 in the Sterlite SAM300 AX Router allows remote attackers to inject arbitrary web script or HTML via the Stat_Radio parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-0607
|
2010-11-4 13:00 |
2010-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275256
|
- |
|
osticket
|
osticket
|
Cross-site scripting (XSS) vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users to inject arbitrary web script or HTML via the f parameter, possibly related…
|
CWE-79
Cross-site Scripting
|
CVE-2010-0606
|
2010-11-4 03:16 |
2010-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275257
|
- |
|
novaboard
|
novaboard
|
SQL injection vulnerability in header.php in NovaBoard 1.1.2 allows remote attackers to execute arbitrary SQL commands via the nova_name cookie parameter. NOTE: the provenance of this information is…
|
CWE-89
SQL Injection
|
CVE-2010-0609
|
2010-11-4 02:46 |
2010-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275258
|
- |
|
ibm
|
websphere_application_server
|
The Single Sign-on (SSO) functionality in IBM WebSphere Application Server (WAS) 7.0.0.0 through 7.0.0.8 does not recognize the Requires SSL configuration option, which might allow remote attackers t…
|
CWE-200
Information Exposure
|
CVE-2010-0563
|
2010-11-3 13:00 |
2010-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275259
|
- |
|
nos_microsystems
|
getplus_download_manager
|
Stack-based buffer overflow in the getPlus ActiveX control in gp.ocx 1.2.2.50 in NOS Microsystems getPlus Download Manager, as used for the Adobe Reader 8.1 installation process and other downloads, …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-5364
|
2010-10-25 13:00 |
2008-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275260
|
- |
|
ibm
|
db2
|
The Install component in IBM DB2 9.5 before FP5 and 9.7 before FP1 configures the High Availability (HA) scripts with incorrect file-permission and authorization settings, which has unknown impact an…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4331
|
2010-10-7 14:44 |
2009-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
