|
294321
|
- |
|
wordpress
|
wordpress
|
The make_clickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote attackers to cause a deni…
|
CWE-20
Improper Input Validation
|
CVE-2011-4957
|
2024-11-21 10:33 |
2012-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294322
|
- |
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in WordPress before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4956
|
2024-11-21 10:33 |
2012-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294323
|
- |
|
python
|
python
|
The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-T…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4940
|
2024-11-21 10:33 |
2012-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294324
|
- |
|
linux
novell
|
linux_kernel
suse_linux_enterprise_server
|
The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to o…
|
CWE-20
Improper Input Validation
|
CVE-2011-4914
|
2024-11-21 10:33 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294325
|
- |
|
novell
linux
|
suse_linux_enterprise_server
linux_kernel
|
The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) c…
|
CWE-20
Improper Input Validation
|
CVE-2011-4913
|
2024-11-21 10:33 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294326
|
- |
|
openssl
|
openssl
|
The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when FIPS mode is enabled, does not properly validate a public parameter, which makes it easier for man-in-the-middle attackers to obt…
|
CWE-310
Cryptographic Issues
|
CVE-2011-5095
|
2024-11-21 10:33 |
2012-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294327
|
- |
|
mozilla
|
network_security_services
|
Mozilla Network Security Services (NSS) 3.x, with certain settings of the SSL_ENABLE_RENEGOTIATION option, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, …
|
NVD-CWE-Other
|
CVE-2011-5094
|
2024-11-21 10:33 |
2012-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294328
|
- |
|
bestpractical
|
rt
|
Best Practical Solutions RT 4.x before 4.0.6 does not properly implement the DisallowExecuteCode option, which allows remote authenticated users to bypass intended access restrictions and execute arb…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5093
|
2024-11-21 10:33 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294329
|
- |
|
bestpractical
|
rt
|
Best Practical Solutions RT 3.8.x before 3.8.12 and 4.x before 4.0.6 allows remote attackers to execute arbitrary code and gain privileges via unspecified vectors, a different vulnerability than CVE-…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5092
|
2024-11-21 10:33 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294330
|
- |
|
grboard
|
grboard
|
Multiple SQL injection vulnerabilities in GR Board (aka grboard) 1.8.6.5 Community Edition allow remote attackers to execute arbitrary SQL commands via the (1) tableType or (2) blindTarget parameter …
|
CWE-89
SQL Injection
|
CVE-2011-5091
|
2024-11-21 10:33 |
2012-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
