|
295451
|
- |
|
python
|
python
|
The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-T…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4940
|
2024-11-21 10:33 |
2012-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295452
|
- |
|
linux
novell
|
linux_kernel
suse_linux_enterprise_server
|
The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to o…
|
CWE-20
Improper Input Validation
|
CVE-2011-4914
|
2024-11-21 10:33 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295453
|
- |
|
novell
linux
|
suse_linux_enterprise_server
linux_kernel
|
The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) c…
|
CWE-20
Improper Input Validation
|
CVE-2011-4913
|
2024-11-21 10:33 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295454
|
- |
|
openssl
|
openssl
|
The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when FIPS mode is enabled, does not properly validate a public parameter, which makes it easier for man-in-the-middle attackers to obt…
|
CWE-310
Cryptographic Issues
|
CVE-2011-5095
|
2024-11-21 10:33 |
2012-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295455
|
- |
|
mozilla
|
network_security_services
|
Mozilla Network Security Services (NSS) 3.x, with certain settings of the SSL_ENABLE_RENEGOTIATION option, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, …
|
NVD-CWE-Other
|
CVE-2011-5094
|
2024-11-21 10:33 |
2012-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295456
|
- |
|
bestpractical
|
rt
|
Best Practical Solutions RT 4.x before 4.0.6 does not properly implement the DisallowExecuteCode option, which allows remote authenticated users to bypass intended access restrictions and execute arb…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5093
|
2024-11-21 10:33 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295457
|
- |
|
bestpractical
|
rt
|
Best Practical Solutions RT 3.8.x before 3.8.12 and 4.x before 4.0.6 allows remote attackers to execute arbitrary code and gain privileges via unspecified vectors, a different vulnerability than CVE-…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5092
|
2024-11-21 10:33 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295458
|
- |
|
grboard
|
grboard
|
Multiple SQL injection vulnerabilities in GR Board (aka grboard) 1.8.6.5 Community Edition allow remote attackers to execute arbitrary SQL commands via the (1) tableType or (2) blindTarget parameter …
|
CWE-89
SQL Injection
|
CVE-2011-5091
|
2024-11-21 10:33 |
2012-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295459
|
- |
|
grboard
|
grboard
|
GR Board (aka grboard) 1.8.6.5 Community Edition does not require authentication for certain database actions, which allows remote attackers to modify or delete data via a request to (1) mod_rewrite.…
|
CWE-287
Improper Authentication
|
CVE-2011-5090
|
2024-11-21 10:33 |
2012-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295460
|
- |
|
iconics
|
genesis32
bizviz
|
Buffer overflow in the Security Login ActiveX controls in ICONICS GENESIS32 8.05, 9.0, 9.1, and 9.2 and BizViz 8.05, 9.0, 9.1, and 9.2 allows remote attackers to cause a denial of service (applicatio…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-5089
|
2024-11-21 10:33 |
2012-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
