|
295411
|
7.3 |
HIGH
Network
|
gnome
|
evolution-data-server3
|
evolution-data-server3 3.0.3 through 3.2.1 used insecure (non-SSL) connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server.…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2011-3355
|
2024-11-21 10:30 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295412
|
7.1 |
HIGH
Local
|
openvas
|
openvas-scanner
|
openvas-scanner before 2011-09-11 creates a temporary file insecurely when generating OVAL system characteristics document with the ovaldi integrated tool enabled. A local attacker could use this fla…
|
CWE-59
Link Following
|
CVE-2011-3351
|
2024-11-21 10:30 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295413
|
4.8 |
MEDIUM
Network
|
ziku
|
zikula
|
Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the 'themename' parameter by setting default, modifying and deleting themes. A remote attacker with Zikula adm…
|
CWE-79
Cross-site Scripting
|
CVE-2011-3352
|
2024-11-21 10:30 |
2019-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295414
|
9.8 |
CRITICAL
Network
|
marmaro
|
masqmail
|
masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c that results in improper privilege dropping.
|
CWE-273
Improper Check for Dropped Privileges
|
CVE-2011-3350
|
2024-11-21 10:30 |
2019-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295415
|
7.8 |
HIGH
Local
|
lightdm_project
|
lightdm
|
lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite root-owned files via a symlink, which can a…
|
CWE-269
Improper Privilege Management
|
CVE-2011-3349
|
2024-11-21 10:30 |
2019-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295416
|
7.8 |
HIGH
Local
|
atop_project
debian
|
atop
debian_linux
|
atop: symlink attack possible due to insecure tempfile handling
|
CWE-59
Link Following
|
CVE-2011-3618
|
2024-11-21 10:30 |
2019-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295417
|
6.1 |
MEDIUM
Network
|
status
|
statusnet
|
statusnet before 0.9.9 has XSS
|
CWE-79
Cross-site Scripting
|
CVE-2011-3370
|
2024-11-21 10:30 |
2019-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295418
|
5.5 |
MEDIUM
Local
|
symantec
|
norton_360
norton_ghost
backup_exec_system_recovery
system_recovery_2011
|
GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local …
|
CWE-20
Improper Input Validation
|
CVE-2011-3477
|
2024-11-21 10:30 |
2018-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295419
|
8.8 |
HIGH
Network
|
apple
|
safari
|
WebKit, as used in Safari 5.0.6, allows remote attackers to cause a denial of service (process crash) or arbitrary code execution.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3438
|
2024-11-21 10:30 |
2017-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295420
|
9.8 |
CRITICAL
Network
|
apple
|
quicktime
|
Buffer overflow in QuickTime before 7.7.1 for Windows allows remote attackers to execute arbitrary code.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3428
|
2024-11-21 10:30 |
2017-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
