|
302071
|
- |
|
banu
debian
|
tinyproxy
debian_linux
|
acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote attackers to hide the orig…
|
CWE-16
Configuration
|
CVE-2011-1499
|
2024-11-21 10:26 |
2011-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302072
|
- |
|
broadcom
|
output_management_web_viewer
|
Multiple stack-based buffer overflows in the Web Viewer ActiveX controls in CA Output Management Web Viewer 11.0 and 11.5 allow remote attackers to execute arbitrary code via (1) a long SRC property …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-1719
|
2024-11-21 10:26 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302073
|
- |
|
ca
broadcom
|
siteminder
|
The Web Agents component in CA SiteMinder R6 before SP6 CR2 and R12 before SP3 CR2 does not properly handle multi-line headers, which allows remote authenticated users to conduct impersonation attack…
|
CWE-20
Improper Input Validation
|
CVE-2011-1718
|
2024-11-21 10:26 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302074
|
- |
|
hp
|
network_automation
|
Unspecified vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to obtain sensitive information via unknown vectors.
|
CWE-200
NVD-CWE-noinfo
Information Exposure
|
CVE-2011-1725
|
2024-11-21 10:26 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302075
|
- |
|
digium
|
asterisk
|
manager.c in the Manager Interface in Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, 1.6.2.x before 1.6.2.17.3, and 1.8.x before 1.8.3.3 and Asterisk Business Edition C.x.x befo…
|
CWE-20
Improper Input Validation
|
CVE-2011-1599
|
2024-11-21 10:26 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302076
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file a…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1587
|
2024-11-21 10:26 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302077
|
- |
|
kde
|
kde_sc
|
Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitr…
|
CWE-22
Path Traversal
|
CVE-2011-1586
|
2024-11-21 10:26 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302078
|
- |
|
mediawiki
|
mediawiki
|
The transwiki import functionality in MediaWiki before 1.16.3 does not properly check privileges, which allows remote authenticated users to perform imports from any wgImportSources wiki via a crafte…
|
CWE-20
Improper Input Validation
|
CVE-2011-1580
|
2024-11-21 10:26 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302079
|
- |
|
mediawiki
|
mediawiki
|
The checkCss function in includes/Sanitizer.php in the wikitext parser in MediaWiki before 1.16.3 does not properly validate Cascading Style Sheets (CSS) token sequences, which allows remote attacker…
|
CWE-20
Improper Input Validation
|
CVE-2011-1579
|
2024-11-21 10:26 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302080
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file a…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1578
|
2024-11-21 10:26 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
