|
294711
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.2.x before 4.2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPL-44614.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4778
|
2024-11-21 10:32 |
2012-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294712
|
- |
|
splunk
|
splunk
|
Splunk 4.2.5 and earlier, when a Free license is selected, enables potentially undesirable functionality within an environment that intentionally does not support authentication, which allows remote …
|
CWE-287
Improper Authentication
|
CVE-2011-4644
|
2024-11-21 10:32 |
2012-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294713
|
- |
|
splunk
|
splunk
|
Multiple directory traversal vulnerabilities in Splunk 4.x before 4.2.5 allow remote authenticated users to read arbitrary files via a .. (dot dot) in a URI to (1) Splunk Web or (2) the Splunkd HTTP …
|
CWE-22
Path Traversal
|
CVE-2011-4643
|
2024-11-21 10:32 |
2012-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294714
|
- |
|
splunk
|
splunk
|
mappy.py in Splunk Web in Splunk 4.2.x before 4.2.5 does not properly restrict use of the mappy command to access Python classes, which allows remote authenticated administrators to execute arbitrary…
|
CWE-352
Origin Validation Error
|
CVE-2011-4642
|
2024-11-21 10:32 |
2012-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294715
|
- |
|
steve_j_baker
|
plib
|
Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB 1.8.5, as used in TORCS 1.3.1 and other products, allows user-assisted remote attackers to execute arbitrary code via vectors in…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4620
|
2024-11-21 10:32 |
2011-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294716
|
- |
|
python
|
virtualenv
|
virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/.
|
CWE-59
Link Following
|
CVE-2011-4617
|
2024-11-21 10:32 |
2011-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294717
|
- |
|
plone
|
plone
|
Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CP…
|
CWE-20
Improper Input Validation
|
CVE-2011-4462
|
2024-11-21 10:32 |
2011-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294718
|
5.3 |
MEDIUM
Network
|
oracle
mortbay
|
sun_storage_common_array_manager
jetty
|
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service…
|
CWE-310
Cryptographic Issues
|
CVE-2011-4461
|
2024-11-21 10:32 |
2011-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294719
|
- |
|
zabbix
|
zabbix
|
Multiple cross-site scripting (XSS) vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter (aka host groups name) to (1) hostgro…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4615
|
2024-11-21 10:32 |
2011-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294720
|
- |
|
google
|
idapython
|
The IDAPython plugin before 1.5.2.3 in IDA Pro allows user-assisted remote attackers to execute arbitrary code via a crafted IDB file, related to improper handling of certain swig_runtime_data files …
|
CWE-20
Improper Input Validation
|
CVE-2011-4783
|
2024-11-21 10:32 |
2011-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
