|
299011
|
8.8 |
HIGH
Network
|
batavi
|
batavi
|
Batavi before 1.0 has CSRF.
|
CWE-352
Origin Validation Error
|
CVE-2011-0525
|
2024-11-21 10:24 |
2020-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299012
|
7.5 |
HIGH
Network
|
weborf_project
debian
|
weborf
debian_linux
|
Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP.
|
CWE-20
Improper Input Validation
|
CVE-2011-0529
|
2024-11-21 10:24 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299013
|
9.8 |
CRITICAL
Network
|
gksu-polkit_project
debian
|
gksu-polkit
debian_linux
|
In gksu-polkit before 0.0.3, the source file for xauth may contain arbitrary commands that may allow an attacker to overtake an administrator X11 session.
|
CWE-20
Improper Input Validation
|
CVE-2011-0703
|
2024-11-21 10:24 |
2019-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299014
|
6.1 |
MEDIUM
Network
|
phpbb
debian
|
phpbb
debian_linux
|
phpbb 3.0.x-3.0.6 has an XSS vulnerability via the [flash] BB tag.
|
CWE-79
Cross-site Scripting
|
CVE-2011-0544
|
2024-11-21 10:24 |
2019-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299015
|
8.8 |
HIGH
Network
|
suse
|
studio_onsite_appliance
studio_onsite
|
A vulnerability in the listing of available software of SUSE Studio Onsite, SUSE Studio Onsite 1.1 Appliance allows authenticated users to execute arbitrary SQL statements via SQL injection. Affected…
|
CWE-89
SQL Injection
|
CVE-2011-0467
|
2024-11-21 10:24 |
2018-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299016
|
5.9 |
MEDIUM
Network
|
fedoraproject
|
389_directory_server
|
389 Directory Server 1.2.7.5, when built with mozldap, allows remote attackers to cause a denial of service (replica crash) by sending an empty modify request.
|
CWE-20
Improper Input Validation
|
CVE-2011-0704
|
2024-11-21 10:24 |
2018-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299017
|
9.8 |
CRITICAL
Network
|
suse
|
opensuse
|
Code injection in openSUSE when running some source services used in the open build service 2.1 before March 11 2011.
|
CWE-94
Code Injection
|
CVE-2011-0469
|
2024-11-21 10:24 |
2017-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299018
|
- |
|
kbd-project
opensuse
|
kbd
opensuse
|
The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/defkeymap.map.
|
CWE-59
Link Following
|
CVE-2011-0460
|
2024-11-21 10:24 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299019
|
- |
|
puppet
|
puppet
|
Puppet 2.6.0 through 2.6.3 does not properly restrict access to node resources, which allows remote authenticated Puppet nodes to read or modify the resources of other nodes via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0528
|
2024-11-21 10:24 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299020
|
- |
|
iain
|
gypsy
|
Multiple buffer overflows in the NMEA parser (nmea-gen.c) in gypsy 0.8 allow local users to cause a denial of service (crash) via unspecified vectors related to the sprintf function.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0524
|
2024-11-21 10:24 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
