|
298031
|
- |
|
opensuse
|
opensuse
|
The aaa_base package before 11.3-8.9.1 in SUSE openSUSE 11.3, and before 11.4-54.62.1 in openSUSE 11.4, allows local users to gain privileges via shell metacharacters in a filename, related to tab ex…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0468
|
2024-11-21 10:24 |
2011-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298032
|
- |
|
opensuse
|
opensuse
|
/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and before 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite arbitrary files via a symlink attac…
|
CWE-59
Link Following
|
CVE-2011-0461
|
2024-11-21 10:24 |
2011-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298033
|
- |
|
t1lib
foolabs
glyphandcog
|
t1lib
xpdf
xpdfreader
|
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbit…
|
CWE-20
Improper Input Validation
|
CVE-2011-0764
|
2024-11-21 10:24 |
2011-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298034
|
- |
|
gnome
|
gdm
|
GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/.
|
CWE-59
Link Following
|
CVE-2011-0727
|
2024-11-21 10:24 |
2011-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298035
|
- |
|
michael_hudson-doyle
|
loggerhead
|
Cross-site scripting (XSS) vulnerability in templatefunctions.py in Loggerhead before 1.18.1 allows remote authenticated users to inject arbitrary web script or HTML via a filename, which is not prop…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0728
|
2024-11-21 10:24 |
2011-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298036
|
- |
|
adminofsystem
|
wp_related_posts
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the configuration screen in wp-relatedposts.php in the WP Related Posts plugin 1.0 for WordPress allow remote attackers to hijack the aut…
|
CWE-352
Origin Validation Error
|
CVE-2011-0760
|
2024-11-21 10:24 |
2011-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298037
|
- |
|
symantec
|
liveupdate_administrator
|
Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests…
|
CWE-352
Origin Validation Error
|
CVE-2011-0545
|
2024-11-21 10:24 |
2011-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298038
|
- |
|
google
|
picasa
|
Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
|
NVD-CWE-Other
|
CVE-2011-0458
|
2024-11-21 10:24 |
2011-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298039
|
- |
|
blaenkdenum
|
wp-recaptcha
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the configuration page in the Recaptcha (aka WP-reCAPTCHA) plugin 2.9.8.2 for WordPress allow remote attackers to hijack the authenticati…
|
CWE-352
Origin Validation Error
|
CVE-2011-0759
|
2024-11-21 10:24 |
2011-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298040
|
- |
|
php
|
php
|
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a cra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0708
|
2024-11-21 10:24 |
2011-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
