|
300051
|
- |
|
mozilla
|
bugzilla
|
Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 creates a clickable link for a (1) javascript: or (2) data: URI in the URL (aka bug_file_loc) field, which all…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0048
|
2024-11-21 10:23 |
2011-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300052
|
- |
|
mozilla
|
bugzilla
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allow remote attackers to hijack the authenticat…
|
CWE-352
Origin Validation Error
|
CVE-2011-0046
|
2024-11-21 10:23 |
2011-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300053
|
- |
|
openvas
|
openvas_manager
|
The email function in manage_sql.c in OpenVAS Manager 1.0.x through 1.0.3 and 2.0.x through 2.0rc2 allows remote authenticated users to execute arbitrary commands via the (1) To or (2) From e-mail ad…
|
CWE-20
Improper Input Validation
|
CVE-2011-0018
|
2024-11-21 10:23 |
2011-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300054
|
- |
|
videolan
|
vlc_media_player
|
Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0021
|
2024-11-21 10:23 |
2011-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300055
|
- |
|
bestpractical
|
rt
|
Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before 4.0.0rc4 uses the MD5 algorithm for password hashes, which makes it easier for context-dependent attackers to determine cleartext passwo…
|
CWE-310
Cryptographic Issues
|
CVE-2011-0009
|
2024-11-21 10:23 |
2011-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300056
|
- |
|
hp
|
openview_storage_data_protector_cell_manager
|
Buffer overflow in crs.exe in HP OpenView Storage Data Protector Cell Manager 6.11 allows remote attackers to execute arbitrary code via unspecified message types.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0273
|
2024-11-21 10:23 |
2011-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300057
|
- |
|
collabnet
|
scrumworks
|
CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for network communication and the internal database, which makes it easier for context-dependent attackers to obtain sensitive information …
|
CWE-310
Cryptographic Issues
|
CVE-2011-0410
|
2024-11-21 10:23 |
2011-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300058
|
- |
|
cisco
|
linksys_wrt54gc_router
linksys_wrt54gc_router_firmware
|
Buffer overflow in the web-based management interface on the Cisco Linksys WRT54GC router with firmware before 1.06.1 allows remote attackers to cause a denial of service (device crash) via a long st…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0352
|
2024-11-21 10:23 |
2011-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300059
|
- |
|
hp
|
business_availability_center
business_service_management
|
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 7.x through 7.55 and 8.x through 8.05, and Business Service Management (BSM) through 9.01, allows remote attackers to…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0274
|
2024-11-21 10:23 |
2011-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300060
|
- |
|
pango
gnome
|
pango
|
Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assis…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0020
|
2024-11-21 10:23 |
2011-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
