|
295841
|
- |
|
splunk
|
splunk
|
Multiple directory traversal vulnerabilities in Splunk 4.x before 4.2.5 allow remote authenticated users to read arbitrary files via a .. (dot dot) in a URI to (1) Splunk Web or (2) the Splunkd HTTP …
|
CWE-22
Path Traversal
|
CVE-2011-4643
|
2024-11-21 10:32 |
2012-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295842
|
- |
|
splunk
|
splunk
|
mappy.py in Splunk Web in Splunk 4.2.x before 4.2.5 does not properly restrict use of the mappy command to access Python classes, which allows remote authenticated administrators to execute arbitrary…
|
CWE-352
Origin Validation Error
|
CVE-2011-4642
|
2024-11-21 10:32 |
2012-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295843
|
- |
|
steve_j_baker
|
plib
|
Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB 1.8.5, as used in TORCS 1.3.1 and other products, allows user-assisted remote attackers to execute arbitrary code via vectors in…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4620
|
2024-11-21 10:32 |
2011-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295844
|
- |
|
python
|
virtualenv
|
virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/.
|
CWE-59
Link Following
|
CVE-2011-4617
|
2024-11-21 10:32 |
2011-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295845
|
- |
|
plone
|
plone
|
Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CP…
|
CWE-20
Improper Input Validation
|
CVE-2011-4462
|
2024-11-21 10:32 |
2011-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295846
|
5.3 |
MEDIUM
Network
|
oracle
mortbay
|
sun_storage_common_array_manager
jetty
|
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service…
|
CWE-310
Cryptographic Issues
|
CVE-2011-4461
|
2024-11-21 10:32 |
2011-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295847
|
- |
|
zabbix
|
zabbix
|
Multiple cross-site scripting (XSS) vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter (aka host groups name) to (1) hostgro…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4615
|
2024-11-21 10:32 |
2011-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295848
|
- |
|
google
|
idapython
|
The IDAPython plugin before 1.5.2.3 in IDA Pro allows user-assisted remote attackers to execute arbitrary code via a crafted IDB file, related to improper handling of certain swig_runtime_data files …
|
CWE-20
Improper Input Validation
|
CVE-2011-4783
|
2024-11-21 10:32 |
2011-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295849
|
- |
|
nvidia
|
stereoscopic_3d_driver
|
The NVIDIA Stereoscopic 3D driver before 7.17.12.7565 does not properly handle commands sent to a named pipe, which allows local users to gain privileges via a crafted application.
|
CWE-20
Improper Input Validation
|
CVE-2011-4784
|
2024-11-21 10:32 |
2011-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295850
|
- |
|
7t
|
igss
|
Multiple buffer overflows in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9.0.0.11355 and earlier allow remote attackers to execute arbitrary code or cause a denial of service via a …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4537
|
2024-11-21 10:32 |
2011-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
