|
296511
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The tty_open function in drivers/tty/tty_io.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service (NULL pointer dereference and …
|
NVD-CWE-Other
|
CVE-2011-5321
|
2024-11-21 10:34 |
2016-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296512
|
- |
|
gehealthcare
|
centricity_pacs-iw
|
The TeraRecon server, as used in GE Healthcare Centricity PACS-IW 3.7.3.7, 3.7.3.8, and possibly other versions, has a password of (1) shared for the shared user and (2) scan for the scan user, which…
|
CWE-255
Credentials Management
|
CVE-2011-5324
|
2024-11-21 10:34 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296513
|
- |
|
gehealthcare
|
centricity_pacs-iw
|
GE Healthcare Centricity PACS-IW 3.7.3.7, 3.7.3.8, and possibly other versions has a password of A11enda1e for the sa SQL server user, which has unspecified impact and attack vectors. NOTE: it is no…
|
CWE-255
Credentials Management
|
CVE-2011-5323
|
2024-11-21 10:34 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296514
|
- |
|
gehealthcare
|
centricity_analytics_server
|
GE Healthcare Centricity Analytics Server 1.1 has a default password of (1) V0yag3r for the SQL Server sa user, (2) G3car3s for the analyst user, (3) G3car3s for the ccg user, (4) V0yag3r for the vie…
|
CWE-255
Credentials Management
|
CVE-2011-5322
|
2024-11-21 10:34 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296515
|
- |
|
google
|
chrome
|
content/renderer/device_sensors/device_motion_event_pump.cc in Google Chrome before 41.0.2272.76 does not properly restrict access to high-rate accelerometer data, which makes it easier for remote at…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5319
|
2024-11-21 10:34 |
2015-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296516
|
- |
|
diafan
|
diafan.cms
|
Multiple cross-site request forgery (CSRF) vulnerabilities in diafan.CMS before 5.1 allow remote attackers to hijack the authentication of administrators for requests that (1) modify articles via a s…
|
CWE-352
Origin Validation Error
|
CVE-2011-5318
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296517
|
- |
|
wondercms
|
wondercms
|
Cross-site scripting (XSS) vulnerability in editText.php in WonderCMS before 0.4 allows remote attackers to inject arbitrary web script or HTML via the content parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2011-5317
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296518
|
- |
|
cambio_project
|
cambio
|
Cross-site request forgery (CSRF) vulnerability in admin/index.php in Cambio 0.5a nightly r37 allows remote attackers to hijack the authentication of administrators for requests that modify credentia…
|
CWE-352
Origin Validation Error
|
CVE-2011-5316
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296519
|
- |
|
whcms_project
|
whcms
|
Cross-site request forgery (CSRF) vulnerability in admin/index.php in whCMS 0.115 alpha allows remote attackers to hijack the authentication of administrators for requests that modify credentials via…
|
CWE-352
Origin Validation Error
|
CVE-2011-5315
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296520
|
- |
|
redaxscript
|
redaxscript
|
templates/default/index.php in Redaxscript 0.3.2 allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.
|
CWE-200
Information Exposure
|
CVE-2011-5314
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
