|
296381
|
- |
|
apache
|
struts
|
Apache Struts 2.3.1.2 and earlier, 2.3.19-2.3.23, provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5057
|
2024-11-21 10:33 |
2012-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296382
|
- |
|
maradns
|
maradns
|
The authoritative server in MaraDNS through 2.0.04 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which might allow local users to cause a d…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2011-5056
|
2024-11-21 10:33 |
2012-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296383
|
- |
|
maradns
|
maradns
|
MaraDNS 1.3.07.12 and 1.4.08 computes hash values for DNS data without properly restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of serv…
|
CWE-20
Improper Input Validation
|
CVE-2011-5055
|
2024-11-21 10:33 |
2012-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296384
|
- |
|
invensys
|
wonderware_inbatch
|
Multiple buffer overflows in the (1) GUIControls, (2) BatchObjSrv, and (3) BatchSecCtrl ActiveX controls in Invensys Wonderware InBatch 9.0 and 9.0 SP1, and InBatch 8.1 SP1, 9.0 SP2, and 9.5 Server a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4870
|
2024-11-21 10:33 |
2012-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296385
|
- |
|
kde
|
kcheckpass
|
kcheckpass passes a user-supplied argument to the pam_start function, often within a setuid environment, which allows local users to invoke any configured PAM stack, and possibly trigger unintended s…
|
CWE-287
Improper Authentication
|
CVE-2011-5054
|
2024-11-21 10:33 |
2012-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296386
|
- |
|
wi-fi
|
wifi_protected_setup_protocol
|
The Wi-Fi Protected Setup (WPS) protocol, when the "external registrar" authentication method is used, does not properly inform clients about failed PIN authentication, which makes it easier for remo…
|
CWE-287
Improper Authentication
|
CVE-2011-5053
|
2024-11-21 10:33 |
2012-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296387
|
- |
|
apache
|
tomcat
|
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows rem…
|
CWE-399
Resource Management Errors
|
CVE-2011-4858
|
2024-11-21 10:33 |
2012-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296388
|
- |
|
textpattern
|
textpattern
|
Cross-site scripting (XSS) vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via th…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5019
|
2024-11-21 10:33 |
2012-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296389
|
- |
|
apache
|
activemq
|
Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service (file-descriptor exhaustion and broker crash or hang) by sending many openwire failover:tcp:// connection requests.
|
CWE-399
Resource Management Errors
|
CVE-2011-4905
|
2024-11-21 10:33 |
2012-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296390
|
- |
|
cocsoft
|
stream_down
|
Stack-based buffer overflow in CoCSoft Stream Down 6.8.0 allows remote web servers to execute arbitrary code via a long response to a download request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-5052
|
2024-11-21 10:33 |
2012-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
