|
259521
|
- |
|
hotwebscripts
|
hotweb_rentals
|
SQL injection vulnerability in default.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PageId parameter. NOTE: the provenance of this informatio…
|
CWE-89
SQL Injection
|
CVE-2010-4703
|
2011-01-21 14:00 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259522
|
- |
|
xfig
|
xfig
|
Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a FIG image with a crafted color definition.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4262
|
2011-01-20 15:46 |
2010-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259523
|
- |
|
djangoproject
|
django
|
The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restrict use of the query string to perform certain obje…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4534
|
2011-01-20 15:46 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259524
|
- |
|
djangoproject
|
django
|
The password reset functionality in django.contrib.auth in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not validate the length of a string representing a base36 timestam…
|
CWE-20
Improper Input Validation
|
CVE-2010-4535
|
2011-01-20 15:46 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259525
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Format string vulnerability in PackageKit in Apple Mac OS X 10.6.x before 10.6.6 allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (application crash) via vect…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2010-4013
|
2011-01-20 15:45 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259526
|
- |
|
xfig
|
xfig
|
Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service (application crash) via a long string in a malformed .fig file that uses t…
|
CWE-399
Resource Management Errors
|
CVE-2009-4228
|
2011-01-20 15:37 |
2009-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259527
|
- |
|
io-socket-ssl
|
io-socket-ssl
|
The verify_hostname_of_cert function in the certificate checking feature in IO-Socket-SSL (IO::Socket::SSL) 1.14 through 1.25 only matches the prefix of a hostname when no wildcard is used, which all…
|
CWE-310
Cryptographic Issues
|
CVE-2009-3024
|
2011-01-20 15:35 |
2009-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259528
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4376
|
2011-01-19 16:02 |
2010-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259529
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 allows remote attac…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4377
|
2011-01-19 16:02 |
2010-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259530
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via a c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4380
|
2011-01-19 16:02 |
2010-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
