|
264921
|
- |
|
scott_james_remnant
|
mountall
|
mountall.c in mountall before 2.15.2 uses 0666 permissions for the root.rules file, which allows local users to gain privileges by modifying this file.
|
CWE-362
Race Condition
|
CVE-2010-2961
|
2010-09-15 13:00 |
2010-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264922
|
- |
|
apache
|
couchdb
|
Untrusted search path vulnerability in a certain Debian GNU/Linux patch for the couchdb script in CouchDB 0.8.0 allows local users to gain privileges via a crafted shared library in the current worki…
|
NVD-CWE-Other
|
CVE-2010-2953
|
2010-09-15 04:00 |
2010-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264923
|
- |
|
apache
|
couchdb
|
Per: http://cwe.mitre.org/data/definitions/426.html
'CWE-426: Untrusted Search Path'
|
NVD-CWE-Other
|
CVE-2010-2953
|
2010-09-15 04:00 |
2010-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264924
|
- |
|
splunk
|
splunk
|
Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct session hijacking attacks and obtain the splunkd session key via vectors related to the SPLUNKD_SESSION_KEY parameter.
|
NVD-CWE-Other
|
CVE-2010-3323
|
2010-09-15 02:00 |
2010-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264925
|
- |
|
futomi
|
access_analyzer_cgi
|
Cross-site scripting (XSS) vulnerability in futomi CGI Cafe Access Analyzer CGI Professional, and Standard 4.0.2 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspec…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2366
|
2010-09-14 13:00 |
2010-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264926
|
- |
|
ibm
|
filenet_content_manager
|
Cross-site scripting (XSS) vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-3317
|
2010-09-14 13:00 |
2010-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264927
|
- |
|
ibm
|
filenet_content_manager
|
IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 transmits passwords in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
|
CWE-255
Credentials Management
|
CVE-2010-3318
|
2010-09-14 13:00 |
2010-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264928
|
- |
|
ibm
|
filenet_content_manager
|
IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a session token in the URI, which might allow remote attackers to obtain sensitive information by reading a Referer log file.
|
CWE-255
Credentials Management
|
CVE-2010-3319
|
2010-09-14 13:00 |
2010-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264929
|
- |
|
ibm
|
filenet_content_manager
|
Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified ve…
|
CWE-20
Improper Input Validation
|
CVE-2010-3320
|
2010-09-14 13:00 |
2010-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264930
|
- |
|
cisco
|
wireless_lan_controller_software
|
Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 3.2 before 3.2.215.0; 4.1 and 4.2 before 4.2.205.0; 4.1M and 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.188.0; and…
|
NVD-CWE-noinfo
|
CVE-2010-0574
|
2010-09-13 13:00 |
2010-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
