|
274291
|
- |
|
gnu
|
bash
|
The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2.48, and 4.0 enables the --show-control-chars option in LS_OPTIONS, which allows local users to send esc…
|
CWE-20
Improper Input Validation
|
CVE-2010-0002
|
2011-08-8 13:00 |
2010-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274292
|
- |
|
tibco
|
runtime_agent
|
The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5.6.2, as used in TIBCO ActiveMatrix BusinessWorks and other products, set weak p…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0184
|
2011-08-8 13:00 |
2010-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274293
|
- |
|
ibm
|
tivoli_directory_server
|
The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.2 on Linux allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted…
|
CWE-20
Improper Input Validation
|
CVE-2010-0312
|
2011-08-8 13:00 |
2010-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274294
|
- |
|
google
|
google_sketchup
|
Integer overflow in Google SketchUp before 7.1 M2 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via a crafted SKP file.
|
CWE-189
Numeric Errors
|
CVE-2010-0316
|
2011-08-8 13:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274295
|
- |
|
freebsd
|
freebsd
|
The replay functionality for ZFS Intent Log (ZIL) in FreeBSD 7.1, 7.2, and 8.0, when creating files during replay of a setattr transaction, uses 7777 permissions instead of the original permissions, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0318
|
2011-08-8 13:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274296
|
- |
|
alex_kellner
|
powermail
|
SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the "SQL selection fiel…
|
CWE-89
SQL Injection
|
CVE-2010-0329
|
2011-08-8 13:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274297
|
- |
|
stefan_tannhaeuser
|
tv21_talkshow
|
Cross-site scripting (XSS) vulnerability in the TV21 Talkshow (tv21_talkshow) extension 1.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vect…
|
CWE-79
Cross-site Scripting
|
CVE-2010-0331
|
2011-08-8 13:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274298
|
- |
|
stefan_tannhaeuser
|
tv21_talkshow
|
SQL injection vulnerability in the TV21 Talkshow (tv21_talkshow) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-0332
|
2011-08-8 13:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274299
|
- |
|
mortbay
|
jetty
|
The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote attackers to obtain sensitive information about internal variables and other data via a request to a URI ending in /dump/, as demonstrat…
|
CWE-200
Information Exposure
|
CVE-2009-4609
|
2011-08-8 13:00 |
2010-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274300
|
- |
|
mortbay
|
jetty
|
Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty 6.x and 7.0.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to jsp/dump.jsp in the JSP D…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4610
|
2011-08-8 13:00 |
2010-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
