|
300131
|
- |
|
gnu
redhat
|
glibc
enterprise_linux
|
Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in …
|
NVD-CWE-Other
|
CVE-2011-0536
|
2024-11-21 10:24 |
2011-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300132
|
- |
|
x
matthias_hopf
|
x11
xrdb
|
xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
|
CWE-20
Improper Input Validation
|
CVE-2011-0465
|
2024-11-21 10:24 |
2011-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300133
|
- |
|
opensuse
|
opensuse
|
The aaa_base package before 11.3-8.9.1 in SUSE openSUSE 11.3, and before 11.4-54.62.1 in openSUSE 11.4, allows local users to gain privileges via shell metacharacters in a filename, related to tab ex…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0468
|
2024-11-21 10:24 |
2011-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300134
|
- |
|
opensuse
|
opensuse
|
/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and before 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite arbitrary files via a symlink attac…
|
CWE-59
Link Following
|
CVE-2011-0461
|
2024-11-21 10:24 |
2011-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300135
|
- |
|
t1lib
foolabs
glyphandcog
|
t1lib
xpdf
xpdfreader
|
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbit…
|
CWE-20
Improper Input Validation
|
CVE-2011-0764
|
2024-11-21 10:24 |
2011-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300136
|
- |
|
gnome
|
gdm
|
GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/.
|
CWE-59
Link Following
|
CVE-2011-0727
|
2024-11-21 10:24 |
2011-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300137
|
- |
|
michael_hudson-doyle
|
loggerhead
|
Cross-site scripting (XSS) vulnerability in templatefunctions.py in Loggerhead before 1.18.1 allows remote authenticated users to inject arbitrary web script or HTML via a filename, which is not prop…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0728
|
2024-11-21 10:24 |
2011-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300138
|
- |
|
adminofsystem
|
wp_related_posts
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the configuration screen in wp-relatedposts.php in the WP Related Posts plugin 1.0 for WordPress allow remote attackers to hijack the aut…
|
CWE-352
Origin Validation Error
|
CVE-2011-0760
|
2024-11-21 10:24 |
2011-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300139
|
- |
|
symantec
|
liveupdate_administrator
|
Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests…
|
CWE-352
Origin Validation Error
|
CVE-2011-0545
|
2024-11-21 10:24 |
2011-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300140
|
- |
|
google
|
picasa
|
Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
|
NVD-CWE-Other
|
CVE-2011-0458
|
2024-11-21 10:24 |
2011-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
