|
259731
|
- |
|
bsdperimeter
|
pfsense
|
Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in an olsrd.xml action to pkg_edit.php, …
|
CWE-79
Cross-site Scripting
|
CVE-2010-4412
|
2010-12-10 23:08 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259732
|
- |
|
gnucash
|
gnucash
|
gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current wor…
|
NVD-CWE-Other
|
CVE-2010-3999
|
2010-12-10 15:46 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259733
|
- |
|
apple
|
mac_os_x_server
|
Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly perform replication, which allows remote authenticated users to bypass verification of the current password via uns…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3783
|
2010-12-10 15:45 |
2010-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259734
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The PMPageFormatCreateWithDataRepresentation API in Printing in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle XML data, which allows attackers to cause a denial of service (…
|
NVD-CWE-Other
|
CVE-2010-3784
|
2010-12-10 15:45 |
2010-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259735
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Per: http://cwe.mitre.org/data/definitions/476.html
'CWE-476: NULL Pointer Dereference'
|
NVD-CWE-Other
|
CVE-2010-3784
|
2010-12-10 15:45 |
2010-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259736
|
- |
|
apple
|
mac_os_x_server
|
Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vect…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3797
|
2010-12-10 15:45 |
2010-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259737
|
- |
|
cisco
|
unified_videoconferencing_system_5110_firmware
unified_videoconferencing_system_5115_firmware
unified_videoconferencing_system_5110
unified_videoconferencing_system_5115
|
Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, has a default password for the (1) root, (2) cs, and (3) develop accounts, which makes it easier f…
|
CWE-255
Credentials Management
|
CVE-2010-3038
|
2010-12-10 15:44 |
2010-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259738
|
- |
|
cisco
|
unified_videoconferencing_system_5110_firmware
unified_videoconferencing_system_5115_firmware
unified_videoconferencing_system_5110
unified_videoconferencing_system_5115
unified_videoconf…
|
goform/websXMLAdminRequestCgi.cgi in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, and possibly Unified Videoconferencing System 3545 and 5230, Unified Videoconferencing 3527 Primary Ra…
|
CWE-94
Code Injection
|
CVE-2010-3037
|
2010-12-10 15:44 |
2010-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259739
|
- |
|
php
|
php
|
The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent attackers to modify arbitrary sessio…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3065
|
2010-12-10 15:44 |
2010-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259740
|
- |
|
pythonpaste
|
paste
|
Multiple cross-site scripting (XSS) vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involvin…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2477
|
2010-12-10 15:43 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
