|
294391
|
- |
|
microsys
|
promotic
|
Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2011-4518
|
2024-11-21 10:32 |
2013-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294392
|
- |
|
gnu
|
glibc
|
The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections.
|
CWE-399
Resource Management Errors
|
CVE-2011-4609
|
2024-11-21 10:32 |
2013-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294393
|
- |
|
siemens
|
wincc_tia_portal
|
Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive informatio…
|
CWE-255
Credentials Management
|
CVE-2011-4515
|
2024-11-21 10:32 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294394
|
- |
|
dovecot
|
dovecot
|
Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Comm…
|
CWE-20
Improper Input Validation
|
CVE-2011-4318
|
2024-11-21 10:32 |
2013-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294395
|
- |
|
gnu
|
gdb
|
GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafte…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4355
|
2024-11-21 10:32 |
2013-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294396
|
- |
|
redhat
|
jboss_enterprise_web_platform
jboss_enterprise_application_platform
jboss_enterprise_brms_platform
|
Cross-site scripting (XSS) vulnerability in the JMX console in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platform (EWP) before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform …
|
CWE-20
Improper Input Validation
|
CVE-2011-4575
|
2024-11-21 10:32 |
2013-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294397
|
- |
|
simplerealtytheme
|
advanced_text_widget_plugin
|
Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page para…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4618
|
2024-11-21 10:32 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294398
|
- |
|
redhat
|
enterprise_virtualization_manager
|
Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, in certain unspecified conditions, does not lock the desktop screen between SPICE sessions, which allows local users with access to a vi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4316
|
2024-11-21 10:32 |
2013-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294399
|
- |
|
redhat
|
jboss_enterprise_application_platform
jboss_enterprise_web_platform
jboss_enterprise_portal_platform
jboss_enterprise_brms_platform
jboss_enterprise_soa_platform
|
The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.C…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4605
|
2024-11-21 10:32 |
2012-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294400
|
- |
|
xiph
|
icecast
|
icecast before 2.3.3 allows remote attackers to inject control characters such as newlines into the error loc (error.log) via a crafted URL.
|
CWE-20
Improper Input Validation
|
CVE-2011-4612
|
2024-11-21 10:32 |
2012-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
