| 296641 | - | rhythm | tcptrack | Heap-based buffer overflow in tcptrack before 1.4.2 might allow attackers to execute arbitrary code via a long command line argument. NOTE: this is only a vulnerability in limited scenarios in which … | CWE-119 Incorrect Access of Indexable Resource ('Range Error') | CVE-2011-2903 | 2024-11-21 10:29 | 2011-09-3 |
| 296642 | - | apache | tomcat | Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP reque… | CWE-264 Permissions, Privileges, and Access Controls | CVE-2011-3190 | 2024-11-21 10:29 | 2011-09-1 |
| 296643 | - | redhat | system-config-printer | pysmb.py in system-config-printer 0.6.x and 0.7.x, as used in foomatic-gui and possibly other products, allows remote SMB servers to execute arbitrary commands via shell metacharacters in the (1) Net… | CWE-20 Improper Input Validation | CVE-2011-2899 | 2024-11-21 10:29 | 2011-09-1 |
| 296644 | - | rubyonrails | rails | The to_s method in actionpack/lib/action_dispatch/middleware/remote_ip.rb in Ruby on Rails 3.0.5 does not validate the X-Forwarded-For header in requests from IP addresses on a Class C network, which… | CWE-20 Improper Input Validation | CVE-2011-3187 | 2024-11-21 10:29 | 2011-08-30 |
| 296645 | - | rubyonrails | rails | CRLF injection vulnerability in actionpack/lib/action_controller/response.rb in Ruby on Rails 2.3.x before 2.3.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response sp… | CWE-94 Code Injection | CVE-2011-3186 | 2024-11-21 10:29 | 2011-08-30 |
| 296646 | - | rubyonrails | ruby_on_rails rails | Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow… | CWE-79 Cross-site Scripting | CVE-2011-2932 | 2024-11-21 10:29 | 2011-08-30 |
| 296647 | - | rubyonrails | ruby_on_rails rails | Cross-site scripting (XSS) vulnerability in the strip_tags helper in actionpack/lib/action_controller/vendor/html-scanner/html/node.rb in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x b… | CWE-79 Cross-site Scripting | CVE-2011-2931 | 2024-11-21 10:29 | 2011-08-30 |
| 296648 | - | rubyonrails | ruby_on_rails rails | Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails before 2.3.13, 3.0.x before … | CWE-89 SQL Injection | CVE-2011-2930 | 2024-11-21 10:29 | 2011-08-30 |
| 296649 | - | rubyonrails | ruby_on_rails rails | The template selection functionality in actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.10 and 3.1.x before 3.1.0.rc6 does not properly handle glob characters, which… | CWE-20 Improper Input Validation | CVE-2011-2929 | 2024-11-21 10:29 | 2011-08-30 |
| 296650 | - | pidgin | pidgin | gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted remote attackers to execute arbitrary programs via a file: URL in a message. | CWE-20 Improper Input Validation | CVE-2011-3185 | 2024-11-21 10:29 | 2011-08-30 |