|
266051
|
- |
|
redhat
|
spice-xpi
|
Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to obtain sensitive information, and conduct man-in-the-middle attacks, by providing a UNIX socket for communica…
|
CWE-362
Race Condition
|
CVE-2010-2792
|
2011-01-11 15:43 |
2010-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266052
|
- |
|
provider4u
|
vsftpd_webmin_module
|
Multiple unspecified vulnerabilities in the Vsftpd Webmin module before 1.3b for the Vsftpd server have unknown impact and attack vectors related to "Some security issues."
|
NVD-CWE-noinfo
|
CVE-2009-4457
|
2011-01-11 15:38 |
2009-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266053
|
- |
|
cisco
|
unified_meetingplace
|
Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.2, and possibly 5 does not properly validate SQL commands, which allows remote attackers to create, modify, or delete data in …
|
CWE-89
SQL Injection
|
CVE-2010-0139
|
2011-01-7 14:00 |
2010-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266054
|
- |
|
cisco
|
unified_meetingplace
|
MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote attackers to discover usernames, passwords, and unspecified other data from the user database via a modified auth…
|
CWE-255
Credentials Management
|
CVE-2010-0141
|
2011-01-7 14:00 |
2010-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266055
|
- |
|
xerox
|
workcentre_6400_net_controller
workcentre_6400_system_software
|
Unspecified vulnerability in the Network Controller in Xerox WorkCentre 6400 System Software 060.070.109.11407 through 060.070.109.29510, and Net Controller 060.079.11410 through 060.079.29310, allow…
|
CWE-200
Information Exposure
|
CVE-2010-0549
|
2011-01-6 14:00 |
2010-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266056
|
- |
|
ibm
|
websphere_portal
|
Cross-site scripting (XSS) vulnerability in the Collaboration component in IBM WebSphere Portal 6.1.x before 6.1.0.3 allows remote attackers to inject arbitrary web script or HTML via the people pick…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4152
|
2011-01-6 14:00 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266057
|
- |
|
joomlatune
|
com_proofreader
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in the ProofReader (com_proofreader) component 1.0 RC9 and earlier for Joomla! allow remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4157
|
2011-01-6 14:00 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266058
|
- |
|
roytanck
|
wp-cumulus
|
Cross-site scripting (XSS) vulnerability in wp-cumulus.php in the WP-Cumulus Plug-in before 1.22 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4169
|
2011-01-6 14:00 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266059
|
- |
|
hp
|
decnet_plus_for_openvms
|
HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restriction…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5417
|
2011-01-5 14:00 |
2008-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266060
|
- |
|
hp
|
storage_essentials
|
Unspecified vulnerability in HP Storage Essentials before 6.3.0, when LDAP authentication is enabled, allows remote attackers to obtain sensitive information, modify data, or cause a denial of servic…
|
NVD-CWE-noinfo
|
CVE-2010-4029
|
2011-01-4 15:45 |
2010-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
