|
267581
|
- |
|
freebsd
|
freebsd
|
jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the "-l -U root" options are omitted, does not properly restrict access to the current working directory, which might allow local users to read,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2022
|
2010-06-1 13:00 |
2010-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267582
|
- |
|
intervations
|
filecopa
|
Directory traversal vulnerability in the FTP service in FileCOPA before 5.03 allows remote attackers to read or overwrite arbitrary files via unknown vectors. NOTE: the provenance of this informatio…
|
CWE-22
Path Traversal
|
CVE-2010-2112
|
2010-06-1 13:00 |
2010-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267583
|
- |
|
brekeke
|
pbx
|
Cross-site request forgery (CSRF) vulnerability in pbx/gate in Brekeke PBX 2.4.4.8 allows remote attackers to hijack the authentication of users for requests that change passwords via the pbxadmin.we…
|
CWE-352
Origin Validation Error
|
CVE-2010-2114
|
2010-06-1 13:00 |
2010-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267584
|
- |
|
solarwinds
|
tftp_server
|
SolarWinds TFTP Server 10.4.0.10 allows remote attackers to cause a denial of service (no new connections) via a crafted read request.
|
CWE-20
Improper Input Validation
|
CVE-2010-2115
|
2010-06-1 13:00 |
2010-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267585
|
- |
|
hp
|
mercury_testdirector_for_quality_center
|
Unspecified vulnerability in HP TestDirector for Quality Center 9.2 before Patch8 allows remote attackers to modify data via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2010-1959
|
2010-05-29 14:47 |
2010-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267586
|
- |
|
sun
|
lightweight_availability_collection_tool
|
Race condition in the Sun Lightweight Availability Collection Tool 3.0 on Solaris 7 through 10 allows local users to overwrite arbitrary files via unspecified vectors.
|
CWE-362
Race Condition
|
CVE-2009-2314
|
2010-05-29 14:39 |
2009-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267587
|
- |
|
go-oo
|
go-oo
|
Multiple heap-based buffer overflows in cppcanvas/source/mtfrenderer/emfplus.cxx in Go-oo 2.x and 3.x before 3.0.1, previously named ooo-build and related to OpenOffice.org (OOo), allow remote attack…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2140
|
2010-05-29 14:38 |
2009-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267588
|
- |
|
microsoft
|
asp.net
|
Microsoft ASP.NET 2.0 does not prevent setting the InnerHtml property on a control that inherits from HtmlContainerControl, which allows remote attackers to conduct cross-site scripting (XSS) attacks…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2084
|
2010-05-28 13:00 |
2010-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267589
|
- |
|
microsoft
|
.net_framework
|
The default configuration of ASP.NET in Microsoft .NET before 1.1 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2085
|
2010-05-28 13:00 |
2010-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267590
|
- |
|
apache
|
myfaces
|
Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application Server and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2086
|
2010-05-28 13:00 |
2010-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
