266231
|
- |
|
phpmyfaq
|
phpmyfaq
|
phpMyFAQ 2.6.11 and 2.6.12, as distributed between December 4th and December 15th 2010, contains an externally introduced modification (Trojan Horse) in the getTopTen method in inc/Faq.php, which all…
|
CWE-94
Code Injection
|
CVE-2010-4558
|
2010-12-20 14:00 |
2010-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266232
|
- |
|
michael_dehaan
|
cobbler
|
Cobbler before 2.0.4 uses an incorrect umask value, which allows local users to have an unspecified impact by leveraging world writable permissions for files and directories.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4512
|
2010-12-18 16:07 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266233
|
- |
|
citrix
|
web_interface
|
Cross-site scripting (XSS) vulnerability in Citrix Web Interface 5.0, 5.1, and 5.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability th…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4515
|
2010-12-18 16:07 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266234
|
- |
|
wobeo
|
wp-safe-search
|
Cross-site scripting (XSS) vulnerability in wp-safe-search/wp-safe-search-jx.php in the Safe Search plugin 0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the v1 …
|
CWE-79
Cross-site Scripting
|
CVE-2010-4518
|
2010-12-18 16:07 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266235
|
- |
|
apple
|
mac_os_x mac_os_x_server
|
Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 ima…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3787
|
2010-12-18 16:06 |
2010-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266236
|
- |
|
ibm
|
lotus_notes_traveler
|
IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (resource consumption and sync outage) by syncing a large volume of data.
|
CWE-399
Resource Management Errors
|
CVE-2010-4545
|
2010-12-17 14:00 |
2010-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266237
|
- |
|
ibm
|
lotus_notes_traveler
|
IBM Lotus Notes Traveler before 8.5.1.2 does not reject an attachment download request for an e-mail message with a Prevent Copy attribute, which allows remote authenticated users to bypass intended …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4546
|
2010-12-17 14:00 |
2010-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266238
|
- |
|
ibm
|
lotus_notes_traveler
|
IBM Lotus Notes Traveler before 8.5.1.3, when a multidomain environment is used, does not properly apply policy documents to mobile users from a different Domino domain than the Traveler server, whic…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4547
|
2010-12-17 14:00 |
2010-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266239
|
- |
|
ibm
|
lotus_notes_traveler
|
IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (daemon crash) by accepting a meeting invitation with an iNotes client and then accepting this m…
|
CWE-20
Improper Input Validation
|
CVE-2010-4548
|
2010-12-17 14:00 |
2010-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266240
|
- |
|
ibm
|
lotus_notes_traveler
|
IBM Lotus Notes Traveler before 8.5.1.3 on the Nokia s60 device successfully performs a Replace Data operation for a prohibited application, which allows remote authenticated users to bypass intended…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4549
|
2010-12-17 14:00 |
2010-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|