|
297891
|
- |
|
puppet
|
puppet
|
Puppet 2.6.0 through 2.6.3 does not properly restrict access to node resources, which allows remote authenticated Puppet nodes to read or modify the resources of other nodes via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0528
|
2024-11-21 10:24 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297892
|
- |
|
iain
|
gypsy
|
Multiple buffer overflows in the NMEA parser (nmea-gen.c) in gypsy 0.8 allow local users to cause a denial of service (crash) via unspecified vectors related to the sprintf function.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0524
|
2024-11-21 10:24 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297893
|
- |
|
iain
|
gypsy
|
gypsy 0.8 does not properly restrict the files that can be read while running with root privileges, which allows local users to read otherwise restricted files via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0523
|
2024-11-21 10:24 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297894
|
- |
|
linux
|
linux_kernel
|
The br_multicast_add_group function in net/bridge/br_multicast.c in the Linux kernel before 2.6.38, when a certain Ethernet bridge configuration is used, allows local users to cause a denial of servi…
|
CWE-399
Resource Management Errors
|
CVE-2011-0716
|
2024-11-21 10:24 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297895
|
- |
|
cyber-ark
|
password_vault_web_access
|
Cross-site scripting (XSS) vulnerability in Cyber-Ark Password Vault Web Access (PVWA) 5.0 and earlier, 5.5 through 5.5 patch 4, and 6.0 through 6.0 patch 2 allows remote attackers to inject arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0459
|
2024-11-21 10:24 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297896
|
- |
|
symantec
|
im_manager
|
The management console in Symantec IM Manager before 8.4.18 allows remote attackers to execute arbitrary code via unspecified vectors, related to a "code injection issue."
|
CWE-94
Code Injection
|
CVE-2011-0554
|
2024-11-21 10:24 |
2011-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297897
|
- |
|
symantec
|
im_manager
|
SQL injection vulnerability in the management console in Symantec IM Manager before 8.4.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2011-0553
|
2024-11-21 10:24 |
2011-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297898
|
- |
|
symantec
|
im_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec IM Manager before 8.4.18 allow remote attackers to inject arbitrary web script or HTML via the (1) refreshRat…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0552
|
2024-11-21 10:24 |
2011-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297899
|
- |
|
microsoft
|
sharepoint_server
sharepoint_foundation
|
Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010 Gold and SP1, and SharePoint Foundation 2010, allows remote attackers to inject arbitrary web script or HTML via th…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0653
|
2024-11-21 10:24 |
2011-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297900
|
- |
|
fuse
|
fuse
|
Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0543
|
2024-11-21 10:24 |
2011-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
