|
264961
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases,…
|
CWE-189
Numeric Errors
|
CVE-2010-2759
|
2010-09-8 14:48 |
2010-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264962
|
- |
|
redhat
|
spice-xpi
|
The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to overwrite arbitrary files via a symlink attack on an unspecified log file.
|
CWE-59
Link Following
|
CVE-2010-2794
|
2010-09-8 14:48 |
2010-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264963
|
- |
|
novell
|
suse_linux
|
WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the WebYaST appliance uses a fixed secret key that is embedded in the appliance's image, which allows remote attackers to spoof session…
|
CWE-255
Credentials Management
|
CVE-2010-1507
|
2010-09-6 13:00 |
2010-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264964
|
- |
|
xmlswf
|
com_picsell
|
Directory traversal vulnerability in the PicSell (com_picsell) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dflink parameter in a prevsell dwnfr…
|
CWE-22
Path Traversal
|
CVE-2010-3203
|
2010-09-6 13:00 |
2010-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264965
|
- |
|
common1
|
moobbs
|
Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2364
|
2010-09-1 07:00 |
2010-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264966
|
- |
|
common1
|
moobbs2
|
Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs2 before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2365
|
2010-09-1 07:00 |
2010-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264967
|
- |
|
php
|
php
|
The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended ac…
|
CWE-20
Improper Input Validation
|
CVE-2010-1129
|
2010-08-31 14:42 |
2010-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264968
|
- |
|
simone_rota
|
slim_simple_login_manager
|
The default configuration of SLiM before 1.3.2 places ./ (dot slash) at the beginning of the default_path option, which might allow local users to gain privileges via a Trojan horse program in the cu…
|
CWE-16
Configuration
|
CVE-2010-2945
|
2010-08-31 13:00 |
2010-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264969
|
- |
|
adobe
|
extension_manager_cs5
|
Untrusted search path vulnerability in Adobe Extension Manager CS5 5.0.298 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan …
|
NVD-CWE-Other
|
CVE-2010-3154
|
2010-08-30 23:54 |
2010-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264970
|
- |
|
wyse
|
thinos_hf
|
Buffer overflow in Wyse ThinOS HF 4.4.079i, and possibly other versions before ThinOS 6.5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3031
|
2010-08-30 13:00 |
2010-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
