|
260631
|
- |
|
openttd
|
openttd
|
OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0401
|
2010-05-11 13:00 |
2010-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260632
|
- |
|
openttd
|
openttd
|
OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map.
|
CWE-399
Resource Management Errors
|
CVE-2010-0406
|
2010-05-11 13:00 |
2010-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260633
|
- |
|
adobe
|
photoshop_cs4
|
Multiple unspecified vulnerabilities in Adobe Photoshop CS4 11.x before 11.0.1 allow user-assisted remote attackers to execute arbitrary code via a crafted TIFF file.
|
CWE-94
Code Injection
|
CVE-2010-1279
|
2010-05-11 13:00 |
2010-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260634
|
- |
|
mytty
|
webapplication_finger_printer
|
Web Application Finger Printer (WAFP) 0.01-26c3 uses fixed pathnames under /tmp for temporary files and directories, which (1) allows local users to cause a denial of service (application outage) by …
|
NVD-CWE-Other
|
CVE-2010-1438
|
2010-05-11 13:00 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260635
|
- |
|
zikula
|
zikula_application_framework
|
Cross-site request forgery (CSRF) vulnerability in the users module in Zikula Application Framework before 1.2.3 allows remote attackers to hijack the authentication of administrators for requests th…
|
CWE-352
Origin Validation Error
|
CVE-2010-1732
|
2010-05-11 13:00 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260636
|
- |
|
transmissionbt
|
transmission
|
Multiple stack-based buffer overflows in the tr_magnetParse function in libtransmission/magnet.c in Transmission 1.91 allow remote attackers to cause a denial of service (crash) or possibly execute a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1853
|
2010-05-11 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260637
|
- |
|
php
|
php
|
The (1) sqlite_single_query and (2) sqlite_array_query functions in ext/sqlite/sqlite.c in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to execute arbitrary code by …
|
CWE-94
Code Injection
|
CVE-2010-1868
|
2010-05-11 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260638
|
- |
|
alienvault
|
open_source_security_information_management
|
SQL injection vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote …
|
CWE-89
SQL Injection
|
CVE-2009-4375
|
2010-05-11 13:00 |
2009-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260639
|
- |
|
mega-nerd
|
libsndfile
|
The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, (5) float32_init, and (6) sds_read_header functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of se…
|
CWE-189
Numeric Errors
|
CVE-2009-4835
|
2010-05-11 13:00 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260640
|
- |
|
phpscripte24
|
pay_per_watch_\&_bid_auktions_system
|
Cross-site scripting (XSS) vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to inject arbitrary web script or HTML via the id_auk parameter, which is not pr…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1854
|
2010-05-10 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
