|
259811
|
- |
|
realnetworks
|
helix_mobile_server
helix_server
helix_server_mobile
|
Stack-based buffer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x through 13.x and other products, allows remote…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1318
|
2010-11-24 14:00 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259812
|
- |
|
apache
|
myfaces
|
shared/util/StateUtils.java in Apache MyFaces 1.1.x before 1.1.8, 1.2.x before 1.2.9, and 2.0.x before 2.0.1 uses an encrypted View State without a Message Authentication Code (MAC), which makes it e…
|
CWE-310
Cryptographic Issues
|
CVE-2010-2057
|
2010-11-19 14:00 |
2010-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259813
|
- |
|
gnu
|
gzip
|
The huft_build function in inflate.c in gzip before 1.3.13 creates a hufts (aka huffman) table that is too small, which allows remote attackers to cause a denial of service (application crash or infi…
|
CWE-20
Improper Input Validation
|
CVE-2009-2624
|
2010-11-18 15:29 |
2010-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259814
|
- |
|
redhat
|
certificate_system
dogtag_certificate_system
|
Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate System do not require authentication for requests to decrypt SCEP one-time PINs, which allows remote attackers to obtain PINs by sni…
|
CWE-287
Improper Authentication
|
CVE-2010-3868
|
2010-11-18 14:00 |
2010-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259815
|
- |
|
redhat
|
certificate_system
dogtag_certificate_system
|
Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate System allow remote authenticated users to generate an arbitrary number of certificates by replaying a single SCEP one-time PIN.
|
CWE-310
Cryptographic Issues
|
CVE-2010-3869
|
2010-11-18 14:00 |
2010-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259816
|
- |
|
impresscms
|
impresscms
|
SQL injection vulnerability in ImpressCMS before 1.2.3 RC2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-4271
|
2010-11-18 14:00 |
2010-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259817
|
- |
|
apple
|
coregraphics
mac_os_x
mac_os_x_server
|
Heap-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF fil…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1801
|
2010-11-17 14:00 |
2010-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259818
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not block Java applets in an RSS feed, which allows remote attackers to obtain sensitive information via a feed: URL containing an ap…
|
CWE-200
Information Exposure
|
CVE-2010-3796
|
2010-11-17 14:00 |
2010-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259819
|
- |
|
apple
|
mac_os_x_server
|
Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstan…
|
CWE-200
Information Exposure
|
CVE-2010-4011
|
2010-11-17 14:00 |
2010-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259820
|
- |
|
apple
|
mac_os_x_server
|
Per: http://lists.apple.com/archives/security-announce/2010//Nov/msg00001.html
'Dovecot is only provided with Mac OS X Server systems. This issue only affects systems running Mac OS X Server v10.6…
|
CWE-200
Information Exposure
|
CVE-2010-4011
|
2010-11-17 14:00 |
2010-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
