|
299941
|
- |
|
sebastian_heinlein
canonical
|
aptdaemon
ubuntu_linux
|
Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full …
|
CWE-22
Path Traversal
|
CVE-2011-0725
|
2024-11-21 10:24 |
2011-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299942
|
- |
|
fedoraproject
redhat
|
389_directory_server
directory_server
|
The (1) backup and restore scripts, (2) main initialization script, and (3) ldap-agent script in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x) place a zero-length directory name in …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0532
|
2024-11-21 10:24 |
2011-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299943
|
- |
|
gnu
|
mailman
|
Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) user…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0707
|
2024-11-21 10:24 |
2011-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299944
|
- |
|
wouter_verhelst
|
nbd
|
Buffer overflow in the mainloop function in nbd-server.c in the server in Network Block Device (nbd) before 2.9.20 might allow remote attackers to execute arbitrary code via a long request. NOTE: th…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0530
|
2024-11-21 10:24 |
2011-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299945
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and 14.0.0 through 14.0.1, and Enterprise 2.0 through 2.1.4, uses predictable names for temporary files, which allows remote attackers…
|
NVD-CWE-Other
|
CVE-2011-0694
|
2024-11-21 10:24 |
2011-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299946
|
- |
|
rubyonrails
|
rails
|
actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.4, when a case-insensitive filesystem is used, does not properly implement filters associated with the list of availa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0449
|
2024-11-21 10:24 |
2011-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299947
|
- |
|
rubyonrails
|
rails
|
Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-num…
|
CWE-89
SQL Injection
|
CVE-2011-0448
|
2024-11-21 10:24 |
2011-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299948
|
- |
|
ubuntu
|
edubuntu
live_dvd
|
The Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not correctly regenerate iTALC private keys after installation, which causes each installation to have the same fixed key, which allows remot…
|
CWE-310
Cryptographic Issues
|
CVE-2011-0724
|
2024-11-21 10:24 |
2011-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299949
|
- |
|
debian
|
shadow
|
Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field.
|
CWE-20
Improper Input Validation
|
CVE-2011-0721
|
2024-11-21 10:24 |
2011-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299950
|
- |
|
redhat
sun
|
icedtea-web
jdk
|
The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote attackers to gain privileges via unknown vectors related to multiple signers and the…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0706
|
2024-11-21 10:24 |
2011-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
