|
300971
|
- |
|
symantec
|
liveupdate_administrator
|
Cross-site scripting (XSS) vulnerability in the management login GUI page in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to inject arbitrary web script or HTML via the …
|
CWE-79
Cross-site Scripting
|
CVE-2011-1524
|
2024-11-21 10:26 |
2011-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300972
|
- |
|
emc
oracle
|
data_protection_advisor_collector
solaris_sparc
|
EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC platforms uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1420
|
2024-11-21 10:26 |
2011-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300973
|
- |
|
ibm
|
lotus_domino
|
The default configuration of the server console in IBM Lotus Domino does not require a password (aka Server_Console_Password), which allows physically proximate attackers to perform administrative ch…
|
CWE-287
Improper Authentication
|
CVE-2011-1520
|
2024-11-21 10:26 |
2011-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300974
|
- |
|
ibm
|
lotus_domino
|
The remote console in the Server Controller in IBM Lotus Domino 7.x and 8.x verifies credentials against a file located at a UNC share pathname specified by the client, which allows remote attackers …
|
CWE-287
Improper Authentication
|
CVE-2011-1519
|
2024-11-21 10:26 |
2011-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300975
|
- |
|
debian
canonical
|
tex-common
ubuntu_linux
debian_linux
|
The default configuration of the shell_escape_commands directive in conf/texmf.d/95NonPath.cnf in the tex-common package before 2.08.1 in Debian GNU/Linux squeeze, Ubuntu 10.10 and 10.04 LTS, and pos…
|
CWE-16
Configuration
|
CVE-2011-1400
|
2024-11-21 10:26 |
2011-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300976
|
- |
|
google
apple
|
chrome
iphone_os
itunes
safari
|
Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead…
|
CWE-20
Improper Input Validation
|
CVE-2011-1296
|
2024-11-21 10:26 |
2011-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300977
|
- |
|
google
apple
|
chrome
iphone_os
safari
|
WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corru…
|
CWE-20
Improper Input Validation
|
CVE-2011-1295
|
2024-11-21 10:26 |
2011-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300978
|
- |
|
google
|
chrome
|
Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other …
|
CWE-20
Improper Input Validation
|
CVE-2011-1294
|
2024-11-21 10:26 |
2011-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300979
|
- |
|
google
debian
apple
|
chrome
debian_linux
iphone_os
itunes
safari
|
Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact v…
|
CWE-416
Use After Free
|
CVE-2011-1293
|
2024-11-21 10:26 |
2011-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300980
|
- |
|
google
debian
|
chrome
debian_linux
|
Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via…
|
CWE-416
Use After Free
|
CVE-2011-1292
|
2024-11-21 10:26 |
2011-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
