|
265041
|
- |
|
invensys
|
wonderware_archestra_configuration_access_component_activex_control
wonderware_application_server
|
Stack-based buffer overflow in the IConfigurationAccess interface in the Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control in Wonderware Application Server (WAS) before 3.1 S…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2974
|
2010-08-9 13:00 |
2010-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265042
|
- |
|
invensys
|
wonderware_archestra_configuration_access_component_activex_control
wonderware_application_server
|
Per: http://www.kb.cert.org/vuls/id/703189
'According to Invensys, users that are using IAS 2.1 (all versions)-IDE, WAS 3.0 (all versions)-IDE, WAS 3.1 (all versions)-IDE, InFusion CE 2.0-IEE, InF…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2974
|
2010-08-9 13:00 |
2010-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265043
|
- |
|
barnowl
|
barnowl
|
BarnOwl before 1.6.2 does not check the return code of calls to the (1) ZPending and (2) ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service (crash) and …
|
CWE-20
Improper Input Validation
|
CVE-2010-2725
|
2010-08-5 22:23 |
2010-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265044
|
- |
|
moinmo
|
moinmoin
|
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, 1.8.x before 1.8.8, and 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2487
|
2010-08-5 22:22 |
2010-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265045
|
- |
|
windriver
|
vxworks
|
The INCLUDE_SECURITY functionality in Wind River VxWorks 6.x, 5.x, and earlier uses the LOGIN_USER_NAME and LOGIN_USER_PASSWORD (aka LOGIN_PASSWORD) parameters to create hardcoded credentials, which …
|
CWE-255
Credentials Management
|
CVE-2010-2966
|
2010-08-5 22:22 |
2010-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265046
|
- |
|
windriver
|
vxworks
|
The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly support a large set of distinct possible passwords, which makes it easier for remote attackers to obta…
|
CWE-310
Cryptographic Issues
|
CVE-2010-2967
|
2010-08-5 22:22 |
2010-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265047
|
- |
|
windriver
|
vxworks
|
The FTP daemon in Wind River VxWorks does not close the TCP connection after a number of failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2968
|
2010-08-5 22:22 |
2010-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265048
|
- |
|
moinmo
|
moinmoin
|
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related t…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2969
|
2010-08-5 22:22 |
2010-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265049
|
- |
|
moinmo
|
moinmoin
|
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/SlideShow.p…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2970
|
2010-08-5 22:22 |
2010-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265050
|
- |
|
gigabyte
|
dldrv2_activex_control
|
The GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows remote attackers to (1) download arbitrary programs onto a client system, and execute these programs, via vectors involving the dl method; and (2…
|
CWE-20
Improper Input Validation
|
CVE-2010-1517
|
2010-08-3 13:00 |
2010-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
