|
265811
|
- |
|
arg0
|
encfs
|
SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users …
|
CWE-310
Cryptographic Issues
|
CVE-2010-3073
|
2011-01-14 15:46 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265812
|
- |
|
arg0
|
encfs
|
SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a wate…
|
CWE-310
Cryptographic Issues
|
CVE-2010-3074
|
2011-01-14 15:46 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265813
|
- |
|
linux-ipv6
|
umip
|
The mipv6 daemon in UMIP 0.4 does not verify that netlink messages originated in the kernel, which allows local users to spoof netlink socket communication via a crafted unicast message.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2522
|
2011-01-14 15:45 |
2010-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265814
|
- |
|
linux-ipv6
|
umip
|
Multiple buffer overflows in ha.c in the mipv6 daemon in UMIP 0.4 allow remote attackers to have an unspecified impact via a crafted (1) ND_OPT_PREFIX_INFORMATION or (2) ND_OPT_HOME_AGENT_INFO packet.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2523
|
2011-01-14 15:45 |
2010-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265815
|
- |
|
opera
|
opera_browser
|
Opera before 11.00 on Windows does not properly implement the Insecure Third Party Module warning message, which might make it easier for user-assisted remote attackers to have an unspecified impact …
|
NVD-CWE-Other
|
CVE-2010-4587
|
2011-01-12 15:54 |
2010-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265816
|
- |
|
sixapart
|
movabletype
|
Cross-site scripting (XSS) vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-3921
|
2011-01-12 15:53 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265817
|
- |
|
sixapart
|
movabletype
|
SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-3922
|
2011-01-12 15:53 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265818
|
- |
|
rim
|
blackberry_desktop_software
|
RIM BlackBerry Desktop Software 4.7 through 6.0 for PC, and 1.0 for Mac, uses a weak password to encrypt a database backup file, which makes it easier for local users to decrypt the file via a brute …
|
CWE-310
Cryptographic Issues
|
CVE-2010-2603
|
2011-01-12 15:51 |
2010-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265819
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
CoreText in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a PDF document.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1837
|
2011-01-12 15:49 |
2010-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265820
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle errors associated with disabled mobile accounts, which allows remote attackers to bypass authentication b…
|
CWE-287
Improper Authentication
|
CVE-2010-1838
|
2011-01-12 15:49 |
2010-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
