|
294701
|
- |
|
siemens
|
automation_license_manager
|
Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_tar…
|
CWE-20
Improper Input Validation
|
CVE-2011-4531
|
2024-11-21 10:32 |
2012-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294702
|
- |
|
siemens
|
automation_license_manager
|
Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 does not properly copy fields obtained from clients, which allows remote attackers to cause a denial of service (exception and daemon…
|
CWE-20
Improper Input Validation
|
CVE-2011-4530
|
2024-11-21 10:32 |
2012-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294703
|
- |
|
siemens
|
automation_license_manager
|
Multiple buffer overflows in Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allow remote attackers to execute arbitrary code via a long serialid field in an _licensekey command, as…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4529
|
2024-11-21 10:32 |
2012-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294704
|
- |
|
mediawiki
debian
|
mediawiki
debian_linux
|
MediaWiki before 1.17.1 does not check for read permission before handling action=ajax requests, which allows remote attackers to obtain sensitive information by (1) leveraging the SpecialUpload::aja…
|
CWE-276
Incorrect Default Permissions
|
CVE-2011-4361
|
2024-11-21 10:32 |
2012-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294705
|
- |
|
mediawiki
debian
|
mediawiki
debian_linux
|
MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages via a series of requests involving the (1) curid or (2) oldid parameter.
|
CWE-200
Information Exposure
|
CVE-2011-4360
|
2024-11-21 10:32 |
2012-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294706
|
- |
|
igor_vlasenko
|
html-template-pro
|
Cross-site scripting (XSS) vulnerability in the HTML-Template-Pro module before 0.9507 for Perl allows remote attackers to inject arbitrary web script or HTML via template parameters, related to impr…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4616
|
2024-11-21 10:32 |
2012-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294707
|
- |
|
openssl
|
openssl
|
The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of servi…
|
CWE-399
Resource Management Errors
|
CVE-2011-4619
|
2024-11-21 10:32 |
2012-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294708
|
- |
|
openssl
|
openssl
|
OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate…
|
CWE-399
Resource Management Errors
|
CVE-2011-4577
|
2024-11-21 10:32 |
2012-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294709
|
- |
|
openssl
|
openssl
|
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive…
|
CWE-310
Cryptographic Issues
|
CVE-2011-4576
|
2024-11-21 10:32 |
2012-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294710
|
- |
|
pfsense
|
pfsense
|
etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 creates each X.509 certificate with a true value for the CA basic constraint, which allows remote attackers to create sub-certifica…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4197
|
2024-11-21 10:32 |
2012-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
