|
299021
|
- |
|
iain
|
gypsy
|
gypsy 0.8 does not properly restrict the files that can be read while running with root privileges, which allows local users to read otherwise restricted files via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0523
|
2024-11-21 10:24 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299022
|
- |
|
linux
|
linux_kernel
|
The br_multicast_add_group function in net/bridge/br_multicast.c in the Linux kernel before 2.6.38, when a certain Ethernet bridge configuration is used, allows local users to cause a denial of servi…
|
CWE-399
Resource Management Errors
|
CVE-2011-0716
|
2024-11-21 10:24 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299023
|
- |
|
cyber-ark
|
password_vault_web_access
|
Cross-site scripting (XSS) vulnerability in Cyber-Ark Password Vault Web Access (PVWA) 5.0 and earlier, 5.5 through 5.5 patch 4, and 6.0 through 6.0 patch 2 allows remote attackers to inject arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0459
|
2024-11-21 10:24 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299024
|
- |
|
symantec
|
im_manager
|
The management console in Symantec IM Manager before 8.4.18 allows remote attackers to execute arbitrary code via unspecified vectors, related to a "code injection issue."
|
CWE-94
Code Injection
|
CVE-2011-0554
|
2024-11-21 10:24 |
2011-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299025
|
- |
|
symantec
|
im_manager
|
SQL injection vulnerability in the management console in Symantec IM Manager before 8.4.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2011-0553
|
2024-11-21 10:24 |
2011-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299026
|
- |
|
symantec
|
im_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec IM Manager before 8.4.18 allow remote attackers to inject arbitrary web script or HTML via the (1) refreshRat…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0552
|
2024-11-21 10:24 |
2011-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299027
|
- |
|
microsoft
|
sharepoint_server
sharepoint_foundation
|
Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010 Gold and SP1, and SharePoint Foundation 2010, allows remote attackers to inject arbitrary web script or HTML via th…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0653
|
2024-11-21 10:24 |
2011-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299028
|
- |
|
fuse
|
fuse
|
Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0543
|
2024-11-21 10:24 |
2011-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299029
|
- |
|
fuse
|
fuse
|
fusermount in fuse 2.8.5 and earlier does not perform a chdir to / before performing a mount or umount, which allows local users to unmount arbitrary directories via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0542
|
2024-11-21 10:24 |
2011-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299030
|
- |
|
fuse
|
fuse
|
fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount arbitrary directories via a symlink attack.
|
CWE-59
Link Following
|
CVE-2011-0541
|
2024-11-21 10:24 |
2011-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
