|
310681
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, and Mac RealPlayer 11.0 through 12.0.0.1444 do not properly parse spectral data in AAC files, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0125
|
2024-11-21 10:11 |
2010-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310682
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 does not properly perform initi…
|
NVD-CWE-Other
|
CVE-2010-0121
|
2024-11-21 10:11 |
2010-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310683
|
- |
|
michael_dehaan
|
cobbler
|
Cobbler before 1.6.1 does not properly determine whether an installation has the default password, which makes it easier for attackers to obtain access by using this password.
|
CWE-255
Credentials Management
|
CVE-2009-5021
|
2024-11-21 10:11 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310684
|
- |
|
awstats
|
awstats
|
Open redirect vulnerability in awredir.pl in AWStats before 6.95 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2009-5020
|
2024-11-21 10:11 |
2010-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310685
|
- |
|
webwiz
|
web_wiz_newspad
|
Web Wiz NewsPad stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/NewsPad.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5019
|
2024-11-21 10:11 |
2010-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310686
|
- |
|
symantec
|
mobile_security
|
The Symantec Norton Mobile Security application 1.0 Beta for Android records setup details, possibly including wipe/lock credentials, in the device logs, which allows user-assisted remote attackers t…
|
CWE-255
Credentials Management
|
CVE-2010-0113
|
2024-11-21 10:11 |
2010-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310687
|
- |
|
symantec
|
im_manager
|
Multiple SQL injection vulnerabilities in the Administrative Interface in the IIS extension in Symantec IM Manager before 8.4.16 allow remote attackers to execute arbitrary SQL commands via (1) the r…
|
CWE-89
SQL Injection
|
CVE-2010-0112
|
2024-11-21 10:11 |
2010-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310688
|
- |
|
apache
sap
|
axis2
businessobjects
|
Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier …
|
CWE-255
Credentials Management
|
CVE-2010-0219
|
2024-11-21 10:11 |
2010-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310689
|
- |
|
isc
|
bind
|
ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive info…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0218
|
2024-11-21 10:11 |
2010-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310690
|
- |
|
ibm
|
proventia_network_mail_security_system_virtual_appliance
proventia_network_mail_security_system_virtual_appliance_firmware
|
CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticat…
|
CWE-94
Code Injection
|
CVE-2010-0155
|
2024-11-21 10:11 |
2010-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
