|
297591
|
- |
|
joomla
|
joomla\!
|
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.6.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the com_contact component, as dem…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2509
|
2024-11-21 10:28 |
2011-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297592
|
- |
|
videolan
|
vlc_media_player
|
Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11 allows remote attackers to cause a denial of service (app…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-2587
|
2024-11-21 10:28 |
2011-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297593
|
- |
|
nrl
|
opie
|
opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already …
|
CWE-20
Improper Input Validation
|
CVE-2011-2490
|
2024-11-21 10:28 |
2011-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297594
|
- |
|
nrl
|
opie
|
Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line.
|
CWE-189
Numeric Errors
|
CVE-2011-2489
|
2024-11-21 10:28 |
2011-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297595
|
- |
|
likewise
|
likewise_open
|
SQL injection vulnerability in lsassd in Lsass in the Likewise Security Authority in Likewise Open 5.4 through 6.1, and Likewise Enterprise 6.0, allows local users to execute arbitrary SQL commands v…
|
CWE-89
SQL Injection
|
CVE-2011-2467
|
2024-11-21 10:28 |
2011-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297596
|
- |
|
libreoffice
|
libreoffice
|
Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-2685
|
2024-11-21 10:28 |
2011-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297597
|
7.8 |
HIGH
Local
|
redhat
fedoraproject
|
system-config-firewall
fedora
|
fw_dbus.py in system-config-firewall 1.2.29 and earlier uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privil…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2011-2520
|
2024-11-21 10:28 |
2011-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297598
|
- |
|
chyrp
|
chyrp
|
Directory traversal vulnerability in includes/lib/gz.php in Chyrp 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, a different vulnerability t…
|
CWE-22
Path Traversal
|
CVE-2011-2780
|
2024-11-21 10:28 |
2011-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297599
|
- |
|
hp
|
arcsight_c5400_appliance
arcsight_c5200_appliance
arcsight_c3200_appliance
arcsight_c3400_appliance
arcsight_c1300_appliance
arcsight_c1000_appliance
windows_event_log_smartconnector
|
Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 uses world-writable permissions for exported report files, which allows local users to change or delete log data by modi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2779
|
2024-11-21 10:28 |
2011-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297600
|
- |
|
chyrp
|
chyrp
|
Multiple cross-site scripting (XSS) vulnerabilities in Chyrp 2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the action parameter to (1) the default URI or (2) inclu…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2743
|
2024-11-21 10:28 |
2011-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
