|
266401
|
- |
|
windriver
|
vxworks
|
The INCLUDE_SECURITY functionality in Wind River VxWorks 6.x, 5.x, and earlier uses the LOGIN_USER_NAME and LOGIN_USER_PASSWORD (aka LOGIN_PASSWORD) parameters to create hardcoded credentials, which …
|
CWE-255
Credentials Management
|
CVE-2010-2966
|
2010-08-5 22:22 |
2010-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266402
|
- |
|
windriver
|
vxworks
|
The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly support a large set of distinct possible passwords, which makes it easier for remote attackers to obta…
|
CWE-310
Cryptographic Issues
|
CVE-2010-2967
|
2010-08-5 22:22 |
2010-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266403
|
- |
|
windriver
|
vxworks
|
The FTP daemon in Wind River VxWorks does not close the TCP connection after a number of failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2968
|
2010-08-5 22:22 |
2010-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266404
|
- |
|
moinmo
|
moinmoin
|
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related t…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2969
|
2010-08-5 22:22 |
2010-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266405
|
- |
|
moinmo
|
moinmoin
|
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/SlideShow.p…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2970
|
2010-08-5 22:22 |
2010-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266406
|
- |
|
gigabyte
|
dldrv2_activex_control
|
The GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows remote attackers to (1) download arbitrary programs onto a client system, and execute these programs, via vectors involving the dl method; and (2…
|
CWE-20
Improper Input Validation
|
CVE-2010-1517
|
2010-08-3 13:00 |
2010-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266407
|
- |
|
gigabyte
|
dldrv2_activex_control
|
Array index error in the SetDLInfo method in the GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via the …
|
CWE-20
Improper Input Validation
|
CVE-2010-1518
|
2010-08-3 13:00 |
2010-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266408
|
- |
|
pharscape
|
hsolink
|
hsolinkcontrol in hsolink 1.0.118 allows local users to gain privileges via shell metacharacters in command-line arguments, as demonstrated by the second argument in a down action.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1671
|
2010-08-3 13:00 |
2010-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266409
|
- |
|
mlmmj
|
mlmmj
|
Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful (mlmmj) 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, cr…
|
CWE-22
Path Traversal
|
CVE-2009-4896
|
2010-08-3 13:00 |
2010-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266410
|
- |
|
squid-cache
|
squid
|
The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (…
|
NVD-CWE-Other
|
CVE-2010-0639
|
2010-08-2 13:00 |
2010-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
