|
295441
|
- |
|
mcafee
|
saas_endpoint_protection
|
The Rumor technology in McAfee SaaS Endpoint Protection before 5.2.4 allows remote attackers to relay e-mail messages via unspecified vectors, as demonstrated by relaying spam.
|
NVD-CWE-Other
|
CVE-2011-5101
|
2024-11-21 10:33 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295442
|
- |
|
mcafee
|
firewall_reporter
|
The web interface in McAfee Firewall Reporter before 5.1.0.13 does not properly implement cookie authentication, which allows remote attackers to obtain access, and disable anti-virus functionality, …
|
CWE-287
Improper Authentication
|
CVE-2011-5100
|
2024-11-21 10:33 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295443
|
- |
|
chillcreations
|
mod_ccnewsletter
|
SQL injection vulnerability in helper/popup.php in the ccNewsletter (mod_ccnewsletter) component 1.0.7 through 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id p…
|
CWE-89
SQL Injection
|
CVE-2011-5099
|
2024-11-21 10:33 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295444
|
- |
|
opscode
|
chef
|
chef-server-api/app/controllers/clients.rb in Chef Server in Chef before 0.9.20, and 0.10.x before 0.10.6, does not require administrative privileges for creating admin clients, which allows remote a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5098
|
2024-11-21 10:33 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295445
|
- |
|
opscode
|
chef
|
chef-server-api/app/controllers/cookbooks.rb in Chef Server in Chef before 0.9.18, and 0.10.x before 0.10.2, does not require administrative privileges for the update and destroy methods, which allow…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5097
|
2024-11-21 10:33 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295446
|
- |
|
pidgin
|
pidgin
|
cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by reading a core file or …
|
CWE-200
Information Exposure
|
CVE-2011-4922
|
2024-11-21 10:33 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295447
|
- |
|
f5
|
nginx
|
nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_al…
|
NVD-CWE-noinfo
|
CVE-2011-4963
|
2024-11-21 10:33 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295448
|
- |
|
avaya
|
aura_application_server_5300
|
Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x before 1.0.2 and 2.0 before Patch …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-5096
|
2024-11-21 10:33 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295449
|
- |
|
wordpress
|
wordpress
|
The make_clickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote attackers to cause a deni…
|
CWE-20
Improper Input Validation
|
CVE-2011-4957
|
2024-11-21 10:33 |
2012-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295450
|
- |
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in WordPress before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4956
|
2024-11-21 10:33 |
2012-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
