|
271301
|
- |
|
novaboard
|
novaboard
|
SQL injection vulnerability in header.php in NovaBoard 1.1.2 allows remote attackers to execute arbitrary SQL commands via the nova_name cookie parameter. NOTE: the provenance of this information is…
|
CWE-89
SQL Injection
|
CVE-2010-0609
|
2010-11-4 02:46 |
2010-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271302
|
- |
|
ibm
|
websphere_application_server
|
The Single Sign-on (SSO) functionality in IBM WebSphere Application Server (WAS) 7.0.0.0 through 7.0.0.8 does not recognize the Requires SSL configuration option, which might allow remote attackers t…
|
CWE-200
Information Exposure
|
CVE-2010-0563
|
2010-11-3 13:00 |
2010-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271303
|
- |
|
nos_microsystems
|
getplus_download_manager
|
Stack-based buffer overflow in the getPlus ActiveX control in gp.ocx 1.2.2.50 in NOS Microsystems getPlus Download Manager, as used for the Adobe Reader 8.1 installation process and other downloads, …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-5364
|
2010-10-25 13:00 |
2008-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271304
|
- |
|
ibm
|
db2
|
The Install component in IBM DB2 9.5 before FP5 and 9.7 before FP1 configures the High Availability (HA) scripts with incorrect file-permission and authorization settings, which has unknown impact an…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4331
|
2010-10-7 14:44 |
2009-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271305
|
- |
|
ibm
|
db2
|
IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP2 does not perform the expected drops of certain table functions upon a loss of privileges by the functions' definers, which ha…
|
NVD-CWE-noinfo
|
CVE-2009-3471
|
2010-10-7 14:42 |
2009-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271306
|
- |
|
opera
|
opera_browser
|
Opera before 10.10 permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers…
|
CWE-200
Information Exposure
|
CVE-2010-0653
|
2010-09-21 14:46 |
2010-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271307
|
- |
|
fujitsu
|
e-pares
|
Session fixation vulnerability in Fujitsu e-Pares V01 L01, L03, L10, L20, L30 allows remote attackers to hijack web sessions via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2010-2149
|
2010-09-21 13:00 |
2010-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271308
|
- |
|
linux
|
linux_kernel
|
umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen…
|
NVD-CWE-Other
|
CVE-2007-0822
|
2010-09-15 14:43 |
2007-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271309
|
- |
|
suse
|
suse_linux
|
Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations."
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-0460
|
2010-09-15 14:41 |
2007-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271310
|
- |
|
clam_anti-virus
|
clamav
|
Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference.
|
NVD-CWE-Other
|
CVE-2006-5874
|
2010-09-15 14:30 |
2006-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
