Vulnerabilities (CVE)

Filter

130145 total CVE
CVE Vendors Products Updated CVSS
CVE-2010-2603 1 Rim 1 Blackberry Desktop Software 2011-01-12 2.1
RIM BlackBerry Desktop Software 4.7 through 6.0 for PC, and 1.0 for Mac, uses a weak password to encrypt a database backup file, which makes it easier for local users to decrypt the file via a brute force attack.
CVE-2010-1844 1 Apple 2 Mac Os X, Mac Os X Server 2011-01-12 7.1
Unspecified vulnerability in Image Capture in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to cause a denial of service (memory consumption and system crash) via a crafted image.
CVE-2010-1842 1 Apple 2 Mac Os X, Mac Os X Server 2011-01-12 9.3
Buffer overflow in AppKit in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a bidirectional text string with ellipsis truncation.
CVE-2010-1841 1 Apple 2 Mac Os X, Mac Os X Server 2011-01-12 9.3
Disk Images in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted UDIF image.
CVE-2010-1838 1 Apple 2 Mac Os X, Mac Os X Server 2011-01-12 4.4
Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle errors associated with disabled mobile accounts, which allows remote attackers to bypass authentication by providing a valid account name.
CVE-2010-1837 1 Apple 2 Mac Os X, Mac Os X Server 2011-01-12 6.8
CoreText in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a PDF document.
CVE-2010-4507 1 Clear 4 Ispot Firmware, Clearspot Firmware, Ispot and 1 more 2011-01-12 9.3
Multiple cross-site request forgery (CSRF) vulnerabilities on the iSpot 2.0.0.0 R1679, and the ClearSpot 2.0.0.0 R1512 and R1786, with firmware 1.9.9.4 allow remote attackers to hijack the authentication of administrators for requests that (1)...
CVE-2010-0391 1 Embarcadero 1 Interbase Smp 2009 2011-01-12 7.5
Multiple stack-based buffer overflows in Embarcadero Technologies InterBase SMP 2009 9.0.3.437 allow remote attackers to execute arbitrary code via unknown vectors involving crafted packets. NOTE: the provenance of this information is unknown;...
CVE-2010-0390 1 Phpf1 1 Max%27s Image Uploader 2011-01-12 6.8
Unrestricted file upload vulnerability in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1.0, when Apache is not configured to handle the mime-type for files with pjpeg or jpeg extensions, allows remote attackers to execute arbitrary...
CVE-2010-4599 1 Ecava 1 Integraxor 2011-01-11 6.9
Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory. NOTE: the provenance of this information is unknown; the details are...
CVE-2010-4597 1 Ecava 1 Integraxor 2011-01-11 10.0
Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX control in igcomm.dll in Ecava IntegraXor Human-Machine Interface (HMI) before 3.5.3900.10 allows remote attackers to execute arbitrary code via a long string in the...
CVE-2010-4593 1 Ibm 1 Lotus Mobile Connect 2011-01-11 4.0
The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does not properly maintain a certain reference count, which allows remote authenticated users to cause a denial of service (IP address exhaustion) by making invalid attempts to...
CVE-2010-4592 1 Ibm 1 Lotus Mobile Connect 2011-01-11 4.3
The Mobile Network Connections functionality in the Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly handle failed attempts at establishing HTTP-TCP sessions, which...
CVE-2010-4591 1 Ibm 1 Lotus Mobile Connect 2011-01-11 4.4
The Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not delete LTPA tokens in response to use of the iNotes Logoff button, which might allow physically proximate attackers to...
CVE-2010-4589 1 Ibm 1 Enovia 2011-01-11 4.3
Cross-site scripting (XSS) vulnerability in IBM ENOVIA 6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the emxFramework.FilterParameterPattern property.
CVE-2010-4521 1 Earl Miles 1 Views 2011-01-11 4.3
Cross-site scripting (XSS) vulnerability in the Views module 6.x before 6.x-2.12 for Drupal allows remote attackers to inject arbitrary web script or HTML via a page path.
CVE-2010-4276 1 Livezilla 1 Livezilla 2011-01-11 4.3
Cross-site scripting (XSS) vulnerability in the lz_tracking_set_sessid function in templates/jscript/jstrack.tpl in LiveZilla 3.2.0.2 allows remote attackers to inject arbitrary web script or HTML via the livezilla parameter in a track action to...
CVE-2010-4114 1 Hp 1 Discovery%26dependency Mapping Inventory 2011-01-11 4.3
Cross-site scripting (XSS) vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.6x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4112 1 Hp 1 Insight Management Agents 2011-01-11 5.0
HP Insight Management Agents before 8.6 allows remote attackers to obtain sensitive information via an unspecified request that triggers disclosure of the full path.
CVE-2010-4111 1 Hp 1 Insight Diagnostics 2011-01-11 4.3
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.