|
297731
|
- |
|
ibm
|
tivoli_management_framework
|
Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 has an unspecified "built-in account" that is "trivially" accessed, which makes it easier for remote attackers to send …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2330
|
2024-11-21 10:28 |
2011-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297732
|
- |
|
apache
|
rampart\/c
|
The rampart_timestamp_token_validate function in util/rampart_timestamp_token.c in Apache Rampart/C 1.3.0 does not properly calculate the expiration of timestamp tokens, which allows remote attackers…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2329
|
2024-11-21 10:28 |
2011-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297733
|
- |
|
hp
|
loadrunner
|
Buffer overflow in HP LoadRunner allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a .usr (aka Virtual User script) file with long directives.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-2328
|
2024-11-21 10:28 |
2011-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297734
|
9.8 |
CRITICAL
Network
|
websvn
|
websvn
|
A flaw was found in WebSVN 2.3.2. Without prior authentication, if the 'allowDownload' option is enabled in config.php, an attacker can invoke the dl.php script and pass a well formed 'path' argument…
|
CWE-78
OS Command
|
CVE-2011-2195
|
2024-11-21 10:27 |
2021-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297735
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Bad cast in CSS in Google Chrome prior to 11.0.0.0 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-704
Incorrect Type Conversion or Cast
|
CVE-2011-1805
|
2024-11-21 10:27 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297736
|
7.5 |
HIGH
Network
|
cisco
|
asa_5500_firmware
asa_5510_firmware
asa_5512-x_firmware
asa_5515-x_firmware
asa_5520_firmware
asa_5525-x_firmware
asa_5540_firmware
asa_5545-x_firmware
asa_5550_firmware
as…
|
A vulnerability in the Cisco ASA that could allow a remote attacker to successfully authenticate using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the password is…
|
CWE-287
Improper Authentication
|
CVE-2011-2054
|
2024-11-21 10:27 |
2020-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297737
|
5.3 |
MEDIUM
Network
|
gnupg
redhat
debian
|
gnupg
enterprise_linux
debian_linux
|
dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate.
|
CWE-295
Improper Certificate Validation
|
CVE-2011-2207
|
2024-11-21 10:27 |
2019-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297738
|
7.8 |
HIGH
Local
|
xscreensaver_project
debian
|
xscreensaver
debian_linux
|
xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank Only Mode and when DPMS is disabled, which allows local attackers to access resources without authentic…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2011-2187
|
2024-11-21 10:27 |
2019-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297739
|
7.8 |
HIGH
Local
|
apache
|
openoffice
|
OpenOffice.org v3.3 allows execution of arbitrary code with the privileges of the user running the OpenOffice.org suite tools.
|
NVD-CWE-noinfo
|
CVE-2011-2177
|
2024-11-21 10:27 |
2019-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297740
|
9.8 |
CRITICAL
Network
|
zend
php
debian
|
zend_framework
php
debian_linux
|
SQL injection vulnerability in Zend Framework 1.10.x before 1.10.9 and 1.11.x before 1.11.6 when using non-ASCII-compatible encodings in conjunction PDO_MySql in PHP before 5.3.6.
|
CWE-89
SQL Injection
|
CVE-2011-1939
|
2024-11-21 10:27 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
