CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2010-3650 – flash-plugin: security bulletin APSB10-26
https://notcve.org/view.php?id=CVE-2010-3650
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, and CVE-2010-3652. Vulnerabilidad no especificada en Adobe Flash Player anterior v9.0.289.0 y v10.x anterior v10.1.102.64 en Windows, Mac OS X, Linux, y Solaris, y v10.1.95.1 en Android, permite a atacantes ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria) a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, y CVE-2010-3652. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html http://marc.info/?l=bugtraq&m=130331642631603&w=2 http://secunia.com/advisories/42183 http://secunia.com/advisories/42926 http://secunia.com/advisories/43026 http://security.gentoo.org/glsa/glsa-201101-09.xml http://support.apple.com/kb/HT4435 http:// •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2010-3652 – flash-plugin: security bulletin APSB10-26
https://notcve.org/view.php?id=CVE-2010-3652
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, and CVE-2010-3650. Vulnerabilidad no especificada en dobe Flash Player anterior v9.0.289.0 y v10.x anterior v10.1.102.64 en Windows, Mac OS X, Linux, y Solaris, y v10.1.95.1 en Android, permite a atacantes ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria) a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, y CVE-2010-3650. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html http://marc.info/?l=bugtraq&m=130331642631603&w=2 http://secunia.com/advisories/42183 http://secunia.com/advisories/42926 http://secunia.com/advisories/43026 http://security.gentoo.org/glsa/glsa-201101-09.xml http://support.apple.com/kb/HT4435 http:// •
CVSS: 6.8EPSS: 0%CPEs: 75EXPL: 0CVE-2010-2594
https://notcve.org/view.php?id=CVE-2010-2594
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Snare Agent 1.5.0 and earlier on Linux and AIX, Snare Agent 1.4 and earlier on IRIX, Snare Epilog 1.5.3 and earlier on Windows, and Snare Epilog 1.2 and earlier on UNIX allow remote attackers to hijack the authentication of administrators for requests that (1) change the password or (2) change the listening port. Múltiples vulnerabilidades de falsificación de petición en sitios cruzados (CSRF) en la interfaz de gestión Web de InterSect Alliance Snare Agent v3.2.3 y anteriores en Solaris, Snare Agent v3.1.7 y anteriores en Windows, Snare Agent v1.5.0 y anteriores en Linux y AIX, Snare Agent v1.4 y anteriores en IRIX, Snare Epilog v1.5.3 y anteriores en Windows, y Snare Epilog v1.2 y anteriores en UNIX permiten a atacantes remotos secuestrar la autenticación de los administradores para solicitudes que (1) modifiquen la contraseña o (2) cambien el puerto de escucha. • http://holisticinfosec.org/content/view/144/45 http://secunia.com/advisories/39562 http://www.kb.cert.org/vuls/id/173009 http://www.securityfocus.com/bid/41226 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 2%CPEs: 119EXPL: 0CVE-2009-4777
https://notcve.org/view.php?id=CVE-2009-4777
Unspecified vulnerability in multiple versions of Hitachi JP1/Automatic Job Management System 2 - View, JP1/Integrated Management - View, and JP1/Cm2/SNMP System Observer, allows remote attackers to cause a denial of service ("abnormal" termination) via vectors related to the display of an "invalid GIF file." Vulnerabilidad no especificada en múltiples versiones de Hitachi JP1/Automatic Job Management System 2 - View, JP1/Integrated Management - View, y JP1/Cm2/SNMP System Observer, permite a atacantes remotos causar una denegación de servicio (terminación anormal)a través de vectores relacionados con la visualización de un fichero GIF no válido. • http://osvdb.org/57832 http://secunia.com/advisories/36646 http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-016/index.html http://www.securityfocus.com/bid/36311 http://www.vupen.com/english/advisories/2009/2576 https://exchange.xforce.ibmcloud.com/vulnerabilities/53115 •
CVSS: 4.0EPSS: 0%CPEs: 70EXPL: 0CVE-2009-4774
https://notcve.org/view.php?id=CVE-2009-4774
Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 through snv_117, when 64bit mode is used on the Intel x86 platform and a Linux (lx) branded zone is configured, allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2007-6225. Vulnerabilidad sin especificar en Sun Solaris 10 y OpenSolaris snv_49 a la snv_117, cuando se usa el modo 64bit en las plataformas Intel x86 y la "branded Zone" está configurada, permite a usuarios locales provocar una denegación de servicio (panic) a través de vectores no especificados. Vulnerabilidad distinta del CVE-2007-6225. • http://secunia.com/advisories/36691 http://sunsolve.sun.com/search/document.do?assetkey=1-26-266228-1 http://www.securityfocus.com/bid/36340 http://www.vupen.com/english/advisories/2009/2581 •