|
294771
|
7.5 |
HIGH
Network
|
busybox
debian
canonical
|
busybox
debian_linux
ubuntu_linux
|
Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.
|
CWE-22
Path Traversal
|
CVE-2011-5325
|
2024-11-21 10:34 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294772
|
7.5 |
HIGH
Network
|
debian
enlightenment
|
debian_linux
imlib2
|
imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse.
|
CWE-189
Numeric Errors
|
CVE-2011-5326
|
2024-11-21 10:34 |
2016-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294773
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The tty_open function in drivers/tty/tty_io.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service (NULL pointer dereference and …
|
NVD-CWE-Other
|
CVE-2011-5321
|
2024-11-21 10:34 |
2016-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294774
|
- |
|
gehealthcare
|
centricity_pacs-iw
|
The TeraRecon server, as used in GE Healthcare Centricity PACS-IW 3.7.3.7, 3.7.3.8, and possibly other versions, has a password of (1) shared for the shared user and (2) scan for the scan user, which…
|
CWE-255
Credentials Management
|
CVE-2011-5324
|
2024-11-21 10:34 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294775
|
- |
|
gehealthcare
|
centricity_pacs-iw
|
GE Healthcare Centricity PACS-IW 3.7.3.7, 3.7.3.8, and possibly other versions has a password of A11enda1e for the sa SQL server user, which has unspecified impact and attack vectors. NOTE: it is no…
|
CWE-255
Credentials Management
|
CVE-2011-5323
|
2024-11-21 10:34 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294776
|
- |
|
gehealthcare
|
centricity_analytics_server
|
GE Healthcare Centricity Analytics Server 1.1 has a default password of (1) V0yag3r for the SQL Server sa user, (2) G3car3s for the analyst user, (3) G3car3s for the ccg user, (4) V0yag3r for the vie…
|
CWE-255
Credentials Management
|
CVE-2011-5322
|
2024-11-21 10:34 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294777
|
- |
|
google
|
chrome
|
content/renderer/device_sensors/device_motion_event_pump.cc in Google Chrome before 41.0.2272.76 does not properly restrict access to high-rate accelerometer data, which makes it easier for remote at…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5319
|
2024-11-21 10:34 |
2015-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294778
|
- |
|
diafan
|
diafan.cms
|
Multiple cross-site request forgery (CSRF) vulnerabilities in diafan.CMS before 5.1 allow remote attackers to hijack the authentication of administrators for requests that (1) modify articles via a s…
|
CWE-352
Origin Validation Error
|
CVE-2011-5318
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294779
|
- |
|
wondercms
|
wondercms
|
Cross-site scripting (XSS) vulnerability in editText.php in WonderCMS before 0.4 allows remote attackers to inject arbitrary web script or HTML via the content parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2011-5317
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294780
|
- |
|
cambio_project
|
cambio
|
Cross-site request forgery (CSRF) vulnerability in admin/index.php in Cambio 0.5a nightly r37 allows remote attackers to hijack the authentication of administrators for requests that modify credentia…
|
CWE-352
Origin Validation Error
|
CVE-2011-5316
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
