|
294961
|
- |
|
djangoproject
|
tastypie
|
The from_yaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to …
|
CWE-20
Improper Input Validation
|
CVE-2011-4104
|
2024-11-21 10:31 |
2014-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294962
|
- |
|
djangoproject
|
piston
|
emitters.py in Django Piston before 0.2.3 and 0.2.x before 0.2.2.1 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the y…
|
CWE-20
Improper Input Validation
|
CVE-2011-4103
|
2024-11-21 10:31 |
2014-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294963
|
- |
|
bzip
|
bzip2
|
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by prec…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4089
|
2024-11-21 10:31 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294964
|
- |
|
redhat
qemu
|
enterprise_linux_server_supplementary
enterprise_linux
qemu
|
Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows remote attackers to cause a denial of service (crash) an…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4111
|
2024-11-21 10:31 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294965
|
- |
|
redhat
|
sos
|
The sosreport utility in the Red Hat sos package before 1.7-9 and 2.x before 2.2-17 includes (1) Certificate-based Red Hat Network private entitlement keys and the (2) private key for the entitlement…
|
CWE-310
Cryptographic Issues
|
CVE-2011-4083
|
2024-11-21 10:31 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294966
|
- |
|
oracle
armin_burgmeier
opensuse_project
opensuse
|
solaris
net6
opensuse
|
Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections un…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2011-4093
|
2024-11-21 10:31 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294967
|
- |
|
ubuntu_developers
|
obby
|
obby (aka libobby) does not verify SSL server certificates, which allows remote attackers to spoof servers via an arbitrary certificate.
|
CWE-20
Improper Input Validation
|
CVE-2011-4092
|
2024-11-21 10:31 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294968
|
- |
|
opensuse
oracle
armin_burgmeier
|
opensuse
solaris
net6
|
The libobby server in inc/server.hpp in libnet6 (aka net6) before 1.3.14 does not perform authentication before checking the user name, which allows remote attackers to obtain sensitive information s…
|
CWE-287
Improper Authentication
|
CVE-2011-4091
|
2024-11-21 10:31 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294969
|
- |
|
libcap
|
libcap
|
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4099
|
2024-11-21 10:31 |
2014-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294970
|
- |
|
ffmpeg
|
ffmpeg
|
The dirac_decode_data_unit function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via a crafted value in the reference pictures number.
|
NVD-CWE-noinfo
|
CVE-2011-3950
|
2024-11-21 10:31 |
2013-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
