|
310811
|
- |
|
squid-cache
|
squid
|
The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a …
|
NVD-CWE-Other
|
CVE-2010-3072
|
2024-11-21 10:17 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310812
|
- |
|
hp
|
system_management_homepage
|
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue wa…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3012
|
2024-11-21 10:17 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310813
|
- |
|
arg0
|
encfs
|
EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations…
|
CWE-310
Cryptographic Issues
|
CVE-2010-3075
|
2024-11-21 10:17 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310814
|
- |
|
arg0
|
encfs
|
SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a wate…
|
CWE-310
Cryptographic Issues
|
CVE-2010-3074
|
2024-11-21 10:17 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310815
|
- |
|
arg0
|
encfs
|
SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users …
|
CWE-310
Cryptographic Issues
|
CVE-2010-3073
|
2024-11-21 10:17 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310816
|
- |
|
hp
|
system_management_homepage
|
CRLF injection vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vec…
|
CWE-20
Improper Input Validation
|
CVE-2010-3011
|
2024-11-21 10:17 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310817
|
- |
|
hp
|
3com_officeconnect_gigabit_vpn_firewall_software
3crevf100-73
|
Cross-site scripting (XSS) vulnerability on the HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 with firmware before 1.0.13 allows remote attackers to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2010-3010
|
2024-11-21 10:17 |
2010-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310818
|
- |
|
microsoft
|
windows_server_2008
windows_xp
windows_vista
windows_server_2003
office
|
The Uniscribe (aka new Unicode Script Processor) implementation in USP10.DLL in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2, and Microsoft Offic…
|
CWE-20
Improper Input Validation
|
CVE-2010-2738
|
2024-11-21 10:17 |
2010-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310819
|
- |
|
-
|
-
|
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended acce…
|
CWE-287
Improper Authentication
|
CVE-2010-2731
|
2024-11-21 10:17 |
2010-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310820
|
- |
|
microsoft
|
internet_information_services
|
Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka "Request Header …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2730
|
2024-11-21 10:17 |
2010-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
