|
295171
|
- |
|
phpldapadmin_project
|
phpldapadmin
|
Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via an _debug command.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4074
|
2024-11-21 10:31 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295172
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4064
|
2024-11-21 10:31 |
2011-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295173
|
- |
|
cisco
|
webex_recording_format_player
|
Buffer overflow in the ATAS32 processing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4004
|
2024-11-21 10:31 |
2011-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295174
|
- |
|
openldap
|
openldap
|
Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-ba…
|
CWE-189
Numeric Errors
|
CVE-2011-4079
|
2024-11-21 10:31 |
2011-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295175
|
- |
|
puppetlabs
puppet
|
puppet
puppet_enterprise_users
puppet_enterprise
|
Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to …
|
CWE-20
Improper Input Validation
|
CVE-2011-3872
|
2024-11-21 10:31 |
2011-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295176
|
- |
|
puppetlabs
puppet
|
puppet
|
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when running in --edit mode, uses a predictable file name, which allows local users to run arbitrary Puppet code or trick a user into editi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-3871
|
2024-11-21 10:31 |
2011-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295177
|
- |
|
puppetlabs
puppet
|
puppet
|
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorized_keys file.
|
CWE-59
Link Following
|
CVE-2011-3870
|
2024-11-21 10:31 |
2011-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295178
|
- |
|
puppetlabs
puppet
|
puppet
|
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file.
|
CWE-59
Link Following
|
CVE-2011-3869
|
2024-11-21 10:31 |
2011-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295179
|
- |
|
puppetlabs
puppet
|
puppet
|
Directory traversal vulnerability in Puppet 2.6.x before 2.6.10 and 2.7.x before 2.7.4 allows remote attackers to write X.509 Certificate Signing Request (CSR) to arbitrary locations via (1) a double…
|
CWE-22
Path Traversal
|
CVE-2011-3848
|
2024-11-21 10:31 |
2011-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295180
|
- |
|
google
|
chrome
|
Google Chrome before 15.0.874.102 does not properly restrict access to internal Google V8 functions, which allows remote attackers to cause a denial of service or possibly have unspecified other impa…
|
NVD-CWE-noinfo
|
CVE-2011-3891
|
2024-11-21 10:31 |
2011-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
