|
266701
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
Per: http://cwe.mitre.org/data/definitions/665.html
'CWE-665: Improper Initialization'
|
NVD-CWE-Other
|
CVE-2010-0121
|
2011-01-19 14:00 |
2010-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266702
|
- |
|
oracle
|
e-business_suite
|
Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2010-2388
|
2011-01-19 14:00 |
2010-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266703
|
- |
|
hypermail-project
|
hypermail
|
Cross-site scripting (XSS) vulnerability in Hypermail 2.2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted From address, which is not properly handled when indexing mess…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4339
|
2011-01-18 14:00 |
2011-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266704
|
- |
|
ecava
|
integraxor
|
Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file_name parameter in an open request.
|
CWE-22
Path Traversal
|
CVE-2010-4598
|
2011-01-14 15:48 |
2010-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266705
|
- |
|
cstr
|
festival
|
festival_server in Centre for Speech Technology Research (CSTR) Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gai…
|
NVD-CWE-Other
|
CVE-2010-3996
|
2011-01-14 15:47 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266706
|
- |
|
squid-cache
|
squid
|
The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a …
|
NVD-CWE-Other
|
CVE-2010-3072
|
2011-01-14 15:46 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266707
|
- |
|
squid-cache
|
squid
|
Per: http://cwe.mitre.org/data/definitions/476.html
'CWE-476: NULL Pointer Dereference'
|
NVD-CWE-Other
|
CVE-2010-3072
|
2011-01-14 15:46 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266708
|
- |
|
arg0
|
encfs
|
SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users …
|
CWE-310
Cryptographic Issues
|
CVE-2010-3073
|
2011-01-14 15:46 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266709
|
- |
|
arg0
|
encfs
|
SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a wate…
|
CWE-310
Cryptographic Issues
|
CVE-2010-3074
|
2011-01-14 15:46 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266710
|
- |
|
linux-ipv6
|
umip
|
The mipv6 daemon in UMIP 0.4 does not verify that netlink messages originated in the kernel, which allows local users to spoof netlink socket communication via a crafted unicast message.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2522
|
2011-01-14 15:45 |
2010-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
