|
310881
|
9.8 |
CRITICAL
Network
|
apache_authenhook_project
|
apache_authenhook
|
libapache-authenhook-perl 2.00-04 stores usernames and passwords in plaintext in the vhost error log.
|
CWE-200
Information Exposure
|
CVE-2010-3845
|
2024-11-21 10:19 |
2017-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310882
|
- |
|
ffmpeg
mplayerhq
|
ffmpeg
mplayer
|
FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a mal…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3908
|
2024-11-21 10:19 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310883
|
- |
|
microsoft
|
windows_server_2008
windows_xp
windows_7
windows_vista
windows_server_2003
windows_2003_server
|
fxscover.exe in the Fax Cover Page Editor in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold an…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3974
|
2024-11-21 10:19 |
2011-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310884
|
- |
|
microsoft
|
.net_framework
|
The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote attackers to execute arbitrary code via (1) a crafted X…
|
CWE-20
Improper Input Validation
|
CVE-2010-3958
|
2024-11-21 10:19 |
2011-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310885
|
- |
|
horde
|
groupware
dynamic_imp
|
Cross-site scripting (XSS) vulnerability in Horde Dynamic IMP (DIMP) before 1.1.5, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3693
|
2024-11-21 10:19 |
2011-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310886
|
- |
|
horde
|
imp
groupware
|
Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3695
|
2024-11-21 10:19 |
2011-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310887
|
- |
|
openslp
vmware
|
openslp
esxi
esx
|
The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon (SLPD) in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.…
|
NVD-CWE-noinfo
|
CVE-2010-3609
|
2024-11-21 10:19 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310888
|
- |
|
apache
|
tomcat
|
Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write …
|
NVD-CWE-Other
|
CVE-2010-3718
|
2024-11-21 10:19 |
2011-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310889
|
- |
|
modxcms
|
evolution
|
Directory traversal vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to read arbitrary files via unspecified vectors related to AjaxSearch, a different vulnerability than CVE…
|
CWE-22
Path Traversal
|
CVE-2010-3930
|
2024-11-21 10:19 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310890
|
- |
|
modxcms
|
evolution
|
SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via unknown vectors related to AjaxSearch.
|
CWE-89
SQL Injection
|
CVE-2010-3929
|
2024-11-21 10:19 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
