|
294541
|
- |
|
canonical
|
accountsservice
ubuntu_linux
|
The Ubuntu AccountsService package before 0.6.14-1git1ubuntu1.1 does not properly drop privileges when changing language settings, which allows local users to modify arbitrary files via unspecified v…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4406
|
2024-11-21 10:32 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294542
|
- |
|
suse
|
studio_extension_for_system_z
studio_onsite
kiwi
|
kiwi before 4.98.05, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in…
|
NVD-CWE-Other
|
CVE-2011-4195
|
2024-11-21 10:32 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294543
|
- |
|
suse
|
studio_extension_for_system_z
studio_onsite
|
Cross-site scripting (XSS) vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1 allows remote attackers to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4193
|
2024-11-21 10:32 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294544
|
- |
|
suse
|
studio_extension_for_system_z
kiwi
studio_onsite
|
kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands as demonstrated by "double q…
|
NVD-CWE-Other
|
CVE-2011-4192
|
2024-11-21 10:32 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294545
|
- |
|
redhat
|
jboss_operations_network
|
Red Hat JBoss Operations Network (JON) before 2.4.2 does not properly enforce "modify resource" permissions for remote authenticated users when deleting a plug-in configuration update from the group …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4573
|
2024-11-21 10:32 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294546
|
- |
|
eye
|
eye-fi_helper
|
Directory traversal vulnerability in Eye-Fi Helper before 3.4.23 allows man-in-the-middle attackers to create arbitrary files via a .. (dot dot) in the filesignature in a GetPhotoStatus request.
|
CWE-22
Path Traversal
|
CVE-2011-4696
|
2024-11-21 10:32 |
2014-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294547
|
- |
|
redhat
|
jboss_enterprise_portal_platform
|
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss Enterprise Portal Platform before 5.2.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4580
|
2024-11-21 10:32 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294548
|
- |
|
redhat
|
jboss_enterprise_application_platform
jboss_enterprise_brms_platform
jboss_communications_platform
jboss_enterprise_web_platform
|
JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attacke…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4610
|
2024-11-21 10:32 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294549
|
- |
|
canonical
debian
ubuntu
x.org
|
ubuntu_linux
debian_linux
linux
x_server
|
The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restricti…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4613
|
2024-11-21 10:32 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294550
|
- |
|
openbsd
|
openssh
|
ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information …
|
CWE-200
Information Exposure
|
CVE-2011-4327
|
2024-11-21 10:32 |
2014-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
