|
302451
|
- |
|
marcus_schafer
novell
|
kiwi
suse_studio_onsite
|
Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted pattern name that…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2650
|
2024-11-21 10:28 |
2011-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302452
|
- |
|
marcus_schafer
novell
|
kiwi
suse_studio_onsite
|
Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to execute arbitrary commands via shell metacharacters in an unspecified FileUtils function call.
|
CWE-20
Improper Input Validation
|
CVE-2011-2649
|
2024-11-21 10:28 |
2011-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302453
|
- |
|
marcus_schafer
novell
|
kiwi
suse_studio_onsite
|
Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a filter in a modified file.
|
NVD-CWE-noinfo
|
CVE-2011-2648
|
2024-11-21 10:28 |
2011-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302454
|
- |
|
marcus_schafer
novell
|
kiwi
suse_studio_onsite
|
Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted archive name in the list of testdrive modifie…
|
NVD-CWE-noinfo
|
CVE-2011-2647
|
2024-11-21 10:28 |
2011-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302455
|
- |
|
marcus_schafer
novell
|
kiwi
suse_studio_onsite
|
Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename in the list of testdrive modified fi…
|
NVD-CWE-noinfo
|
CVE-2011-2646
|
2024-11-21 10:28 |
2011-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302456
|
- |
|
marcus_schafer
novell
|
kiwi
suse_studio_onsite
|
Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename for a custom RPM.
|
NVD-CWE-noinfo
|
CVE-2011-2645
|
2024-11-21 10:28 |
2011-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302457
|
- |
|
marcus_schafer
novell
|
kiwi
suse_studio_onsite
|
Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, relate…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2644
|
2024-11-21 10:28 |
2011-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302458
|
- |
|
hp
|
openview_performance_insight
|
Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2410
|
2024-11-21 10:28 |
2011-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302459
|
- |
|
emc
|
rsa_adaptive_authentication_on-premise
|
EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not prevent reuse of authentication information during a session, which allows remot…
|
CWE-287
Improper Authentication
|
CVE-2011-2733
|
2024-11-21 10:28 |
2011-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302460
|
- |
|
mozilla
|
firefox
thunderbird
seamonkey
|
The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attacker…
|
CWE-94
Code Injection
|
CVE-2011-2378
|
2024-11-21 10:28 |
2011-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
