|
295681
|
- |
|
php
|
php
|
Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4718
|
2024-11-21 10:32 |
2013-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295682
|
- |
|
linux
|
linux_kernel
|
Race condition in the sctp_rcv function in net/sctp/input.c in the Linux kernel before 2.6.29 allows remote attackers to cause a denial of service (system hang) via SCTP packets. NOTE: in some envir…
|
CWE-362
Race Condition
|
CVE-2011-4348
|
2024-11-21 10:32 |
2013-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295683
|
- |
|
linux
|
linux_kernel
|
The kvm_vm_ioctl_assign_device function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resource…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4347
|
2024-11-21 10:32 |
2013-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295684
|
- |
|
linux
|
linux_kernel
|
The bat_socket_read function in net/batman-adv/icmp_socket.c in the Linux kernel before 3.3 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4604
|
2024-11-21 10:32 |
2013-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295685
|
- |
|
microsys
|
promotic
|
Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4520
|
2024-11-21 10:32 |
2013-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295686
|
- |
|
microsys
|
promotic
|
Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4519
|
2024-11-21 10:32 |
2013-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295687
|
- |
|
microsys
|
promotic
|
Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2011-4518
|
2024-11-21 10:32 |
2013-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295688
|
- |
|
gnu
|
glibc
|
The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections.
|
CWE-399
Resource Management Errors
|
CVE-2011-4609
|
2024-11-21 10:32 |
2013-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295689
|
- |
|
siemens
|
wincc_tia_portal
|
Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive informatio…
|
CWE-255
Credentials Management
|
CVE-2011-4515
|
2024-11-21 10:32 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295690
|
- |
|
dovecot
|
dovecot
|
Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Comm…
|
CWE-20
Improper Input Validation
|
CVE-2011-4318
|
2024-11-21 10:32 |
2013-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
