|
303041
|
- |
|
gplhost
|
domain_technologie_control
|
SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domain…
|
CWE-89
SQL Injection
|
CVE-2011-3197
|
2024-11-21 10:29 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303042
|
- |
|
gplhost
|
domain_technologie_control
|
The setup script in Domain Technologie Control (DTC) before 0.34.1 uses world-readable permissions for /etc/apache2/apache2.conf, which allows local users to obtain the dtcdaemons MySQL password by r…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-3196
|
2024-11-21 10:29 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303043
|
- |
|
gplhost
|
domain_technologie_control
|
shared/inc/sql/lists.php in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in mailing list tunable options.
|
CWE-20
Improper Input Validation
|
CVE-2011-3195
|
2024-11-21 10:29 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303044
|
- |
|
canonical
robert_ancell
|
ubuntu_linux
lightdm
|
dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc.
|
CWE-59
Link Following
|
CVE-2011-3153
|
2024-11-21 10:29 |
2014-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303045
|
- |
|
redhat
|
jboss_enterprise_portal_platform
|
Open redirect vulnerability in Red Hat JBoss Enterprise Portal Platform before 5.2.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the ini…
|
CWE-20
Improper Input Validation
|
CVE-2011-2941
|
2024-11-21 10:29 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303046
|
- |
|
linux
|
linux_kernel
|
The do_devinfo_ioctl function in drivers/staging/comedi/comedi_fops.c in the Linux kernel before 3.1 allows local users to obtain sensitive information from kernel memory via a copy of a short string.
|
CWE-200
Information Exposure
|
CVE-2011-2909
|
2024-11-21 10:29 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303047
|
- |
|
redhat
|
spacewalk
network_satellite
|
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allow remote attackers to inject arbitrary web script or HTML via vectors related to …
|
CWE-79
Cross-site Scripting
|
CVE-2011-2927
|
2024-11-21 10:29 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303048
|
- |
|
redhat
|
spacewalk
network_satellite
|
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allow remote attackers to inject arbitrary web script or HTML via the "Filter by Syno…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2920
|
2024-11-21 10:29 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303049
|
- |
|
redhat
|
spacewalk
network_satellite
|
Cross-site scripting (XSS) vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to inject arbitrary web script or HTML via the QueryString to the System…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2919
|
2024-11-21 10:29 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303050
|
- |
|
xen
|
xen
|
Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-add…
|
CWE-399
Resource Management Errors
|
CVE-2011-2901
|
2024-11-21 10:29 |
2013-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
