|
297531
|
- |
|
mozilla
|
bugzilla
|
CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote at…
|
CWE-94
Code Injection
|
CVE-2011-2381
|
2024-11-21 10:28 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297532
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to determine the existen…
|
CWE-200
Information Exposure
|
CVE-2011-2380
|
2024-11-21 10:28 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297533
|
- |
|
mozilla
|
bugzilla
|
Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when I…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2379
|
2024-11-21 10:28 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297534
|
- |
|
clamav
|
clamav
|
Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is n…
|
CWE-189
Numeric Errors
|
CVE-2011-2721
|
2024-11-21 10:28 |
2011-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297535
|
- |
|
glpi-project
|
glpi
|
The autocompletion functionality in GLPI before 0.80.2 does not blacklist certain username and password fields, which allows remote attackers to obtain sensitive information via a crafted POST reques…
|
CWE-200
Information Exposure
|
CVE-2011-2720
|
2024-11-21 10:28 |
2011-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297536
|
- |
|
ruby-lang
|
ruby
|
The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependen…
|
CWE-20
Improper Input Validation
|
CVE-2011-2705
|
2024-11-21 10:28 |
2011-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297537
|
- |
|
ruby-lang
|
ruby
|
Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number…
|
CWE-310
Cryptographic Issues
|
CVE-2011-2686
|
2024-11-21 10:28 |
2011-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297538
|
- |
|
provideo
|
alarm_activex_control
paxplayer_activex_control
gmax_activex_control
|
Multiple buffer overflows in the Provideo ActiveX controls allow remote attackers to execute arbitrary code via crafted input fields, as demonstrated by (1) a long strIp argument to the voice method …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-2591
|
2024-11-21 10:28 |
2011-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297539
|
- |
|
urbanterror
ioquake3
tremulous
smokin-guns
worldofpadman
openarena
|
iourbanterror
ioquake3_engine
tremulous
smokin\'_guns
world_of_padman
openarena
|
The FS_CheckFilenameIsNotExecutable function in qcommon/files.c in the ioQuake3 engine 1.36 and earlier, as used in World of Padman, Smokin' Guns, OpenArena, Tremulous, and ioUrbanTerror, does not pr…
|
CWE-20
Improper Input Validation
|
CVE-2011-2764
|
2024-11-21 10:28 |
2011-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297540
|
- |
|
freeradius
|
freeradius
|
The ocsp_check function in rlm_eap_tls.c in FreeRADIUS 2.1.11, when OCSP is enabled, does not properly parse replies from OCSP responders, which allows remote attackers to bypass authentication by us…
|
CWE-287
Improper Authentication
|
CVE-2011-2701
|
2024-11-21 10:28 |
2011-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
