|
295131
|
- |
|
freebsd
|
freebsd
|
Directory traversal vulnerability in openpam_configure.c in OpenPAM before r478 on FreeBSD 8.1 allows local users to load arbitrary DSOs and gain privileges via a .. (dot dot) in the service_name arg…
|
CWE-22
Path Traversal
|
CVE-2011-4122
|
2024-11-21 10:31 |
2011-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295132
|
6.5 |
MEDIUM
Network
|
phpmyadmin
fedoraproject
debian
|
phpmyadmin
fedora
debian_linux
|
The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrar…
|
CWE-611
XXE
|
CVE-2011-4107
|
2024-11-21 10:31 |
2011-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295133
|
- |
|
squid-cache
|
squid
|
The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record th…
|
CWE-399
Resource Management Errors
|
CVE-2011-4096
|
2024-11-21 10:31 |
2011-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295134
|
- |
|
xelerance
|
openswan
|
Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 through 2.6.36 allows remote authenticated users to cause a denial of service (pluto IKE daemon crash)…
|
CWE-399
Resource Management Errors
|
CVE-2011-4073
|
2024-11-21 10:31 |
2011-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295135
|
- |
|
hp
|
network_node_manager_i
|
Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerab…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4156
|
2024-11-21 10:31 |
2011-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295136
|
- |
|
hp
|
network_node_manager_i
|
Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerab…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4155
|
2024-11-21 10:31 |
2011-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295137
|
- |
|
hp
|
directories_support_for_proliant_management_processors
|
Unspecified vulnerability in HP Directories Support for ProLiant Management Processors 3.10 and 3.20 for Integrated Lights-Out iLO2 and iLO3 allows remote authenticated users to obtain sensitive info…
|
NVD-CWE-noinfo
|
CVE-2011-4158
|
2024-11-21 10:31 |
2011-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295138
|
- |
|
hp
|
centralized_management_console_software
san\/iq
storageworks_p4000_virtual_san_appliance
|
Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on the HP StorageWorks P4000 Virtual SAN Appliance allows remote attackers to execute arbitrary code via a crafted login request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4157
|
2024-11-21 10:31 |
2011-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295139
|
- |
|
mahara
|
mahara
|
Mahara before 1.4.1, when MNet (aka the Moodle network feature) is used, allows remote authenticated users to gain privileges via a jump to an XMLRPC target.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4118
|
2024-11-21 10:31 |
2011-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295140
|
- |
|
dell
|
kace_k2000_systems_deployment_appliance
|
The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-only reporting account, which makes it easier for remote attackers to obtain sensitive information fro…
|
CWE-255
Credentials Management
|
CVE-2011-4048
|
2024-11-21 10:31 |
2011-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
