259631
|
- |
|
oracle
|
e-business_suite
|
Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2010-2388
|
2011-01-19 14:00 |
2010-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259632
|
- |
|
hypermail-project
|
hypermail
|
Cross-site scripting (XSS) vulnerability in Hypermail 2.2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted From address, which is not properly handled when indexing mess…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4339
|
2011-01-18 14:00 |
2011-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259633
|
- |
|
ecava
|
integraxor
|
Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file_name parameter in an open request.
|
CWE-22
Path Traversal
|
CVE-2010-4598
|
2011-01-14 15:48 |
2010-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259634
|
- |
|
cstr
|
festival
|
festival_server in Centre for Speech Technology Research (CSTR) Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gai…
|
NVD-CWE-Other
|
CVE-2010-3996
|
2011-01-14 15:47 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259635
|
- |
|
squid-cache
|
squid
|
The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a …
|
NVD-CWE-Other
|
CVE-2010-3072
|
2011-01-14 15:46 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259636
|
- |
|
squid-cache
|
squid
|
Per: http://cwe.mitre.org/data/definitions/476.html
'CWE-476: NULL Pointer Dereference'
|
NVD-CWE-Other
|
CVE-2010-3072
|
2011-01-14 15:46 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259637
|
- |
|
arg0
|
encfs
|
SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users …
|
CWE-310
Cryptographic Issues
|
CVE-2010-3073
|
2011-01-14 15:46 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259638
|
- |
|
arg0
|
encfs
|
SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a wate…
|
CWE-310
Cryptographic Issues
|
CVE-2010-3074
|
2011-01-14 15:46 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259639
|
- |
|
linux-ipv6
|
umip
|
The mipv6 daemon in UMIP 0.4 does not verify that netlink messages originated in the kernel, which allows local users to spoof netlink socket communication via a crafted unicast message.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2522
|
2011-01-14 15:45 |
2010-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259640
|
- |
|
linux-ipv6
|
umip
|
Multiple buffer overflows in ha.c in the mipv6 daemon in UMIP 0.4 allow remote attackers to have an unspecified impact via a crafted (1) ND_OPT_PREFIX_INFORMATION or (2) ND_OPT_HOME_AGENT_INFO packet.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2523
|
2011-01-14 15:45 |
2010-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|