|
301521
|
- |
|
matomo
|
matomo
|
Cookie.php in Piwik before 1.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmiss…
|
CWE-16
Configuration
|
CVE-2011-0400
|
2024-11-21 10:23 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301522
|
- |
|
matomo
|
matomo
|
Piwik before 1.1 does not prevent the rendering of the login form inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a craft…
|
NVD-CWE-Other
|
CVE-2011-0399
|
2024-11-21 10:23 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301523
|
- |
|
matomo
|
matomo
|
The Piwik_Common::getIP function in Piwik before 1.1 does not properly determine the client IP address, which allows remote attackers to bypass intended geolocation and logging functionality via (1) …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0398
|
2024-11-21 10:23 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301524
|
- |
|
matomo
|
matomo
|
Multiple cross-site scripting (XSS) vulnerabilities in Piwik before 1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-0004
|
2024-11-21 10:23 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301525
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI display and have unspecified other impact via vectors related to the DOM implementation, as demonstrated …
|
NVD-CWE-Other
|
CVE-2011-0347
|
2024-11-21 10:23 |
2011-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301526
|
- |
|
microsoft
|
internet_explorer
|
Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (…
|
CWE-399
Resource Management Errors
|
CVE-2011-0346
|
2024-11-21 10:23 |
2011-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301527
|
7.5 |
HIGH
Network
|
libvncserver_project
fedoraproject
|
libvncserver
fedora
|
A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specia…
|
CWE-476
NULL Pointer Dereference
|
CVE-2010-5304
|
2024-11-21 10:22 |
2020-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301528
|
7.5 |
HIGH
Network
|
edgewall
debian
|
trac
debian_linux
|
Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an attacker to change the status and resolution of tickets without having proper permissio…
|
CWE-276
Incorrect Default Permissions
|
CVE-2010-5108
|
2024-11-21 10:22 |
2019-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301529
|
- |
|
avast\!
|
avast\!_internet_security
|
Integer overflow in aswFW.sys 5.0.594.0 in Avast! Internet Security 5.0 Korean Trial allows local users to cause a denial of service (memory corruption and panic) via a crafted IOCTL_ASWFW_COMM_PIDIN…
|
CWE-189
Numeric Errors
|
CVE-2010-5075
|
2024-11-21 10:22 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301530
|
- |
|
tremulous
openarena
ioquake3
|
tremulous
openarena
ioquake3_engine
|
server/sv_main.c in Quake3 Arena, as used in ioquake3 before r1762, OpenArena, Tremulous, and other products, allows remote attackers to cause a denial of service (network traffic amplification) via …
|
CWE-20
Improper Input Validation
|
CVE-2010-5077
|
2024-11-21 10:22 |
2014-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
