|
296061
|
- |
|
oneorzero
|
aims
|
SQL injection vulnerability in lib/ooz_access.php in OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the cookieName variabl…
|
CWE-89
SQL Injection
|
CVE-2011-4215
|
2024-11-21 10:32 |
2011-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296062
|
- |
|
oneorzero
|
aims
|
OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to bypass authentication and obtain administrator privileges via a crafted oozimsrememberme cookie.
|
CWE-287
Improper Authentication
|
CVE-2011-4214
|
2024-11-21 10:32 |
2011-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296063
|
- |
|
google
|
app_engine_python_sdk
|
The sandbox environment in the Google App Engine Python SDK before 1.5.4 does not properly prevent use of the os module, which allows local users to bypass intended access restrictions and execute ar…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4213
|
2024-11-21 10:32 |
2011-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296064
|
- |
|
google
|
app_engine_python_sdk
|
The sandbox environment in the Google App Engine Python SDK before 1.5.4 does not properly prevent os.popen calls, which allows local users to bypass intended access restrictions and execute arbitrar…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4212
|
2024-11-21 10:32 |
2011-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296065
|
- |
|
google
|
app_engine_python_sdk
|
The FakeFile implementation in the sandbox environment in the Google App Engine Python SDK before 1.5.4 does not properly control the opening of files, which allows local users to bypass intended acc…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4211
|
2024-11-21 10:32 |
2011-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296066
|
8.1 |
HIGH
Network
|
calibre-ebook
|
calibre
|
Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged users the ability to mount any device to anywhere.
|
-
|
CVE-2011-4126
|
2024-11-21 10:31 |
2021-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296067
|
9.8 |
CRITICAL
Network
|
calibre-ebook
|
calibre
|
A untrusted search path issue was found in Calibre at devices/linux_mount_helper.c leading to the ability of unprivileged users to execute any program as root.
|
-
|
CVE-2011-4125
|
2024-11-21 10:31 |
2021-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296068
|
9.8 |
CRITICAL
Network
|
calibre-ebook
|
calibre
|
Input validation issues were found in Calibre at devices/linux_mount_helper.c which can lead to argument injection and elevation of privileges.
|
-
|
CVE-2011-4124
|
2024-11-21 10:31 |
2021-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296069
|
9.8 |
CRITICAL
Network
|
inria
|
caml-light
|
caml-light <= 0.75 uses mktemp() insecurely, and also does unsafe things in /tmp during make install.
|
-
|
CVE-2011-4119
|
2024-11-21 10:31 |
2021-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296070
|
7.5 |
HIGH
Network
|
google
|
android
|
Android SQLite Journal before 4.0.1 has an information disclosure vulnerability.
|
CWE-200
Information Exposure
|
CVE-2011-3901
|
2024-11-21 10:31 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
