|
298081
|
- |
|
qnx
|
neutrino_rtos
|
The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environment variables when a program is spawned from a setuid program, whi…
|
CWE-59
Link Following
|
CVE-2011-4060
|
2024-11-21 10:31 |
2011-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298082
|
- |
|
plone
|
plone
cmfeditions
|
The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prevent the KwAsAttributes classes from being publishable, which allows remote attackers to access sub-…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4030
|
2024-11-21 10:31 |
2011-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298083
|
- |
|
vmware
|
workstation
player
fusion
ams
|
Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafte…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3868
|
2024-11-21 10:31 |
2011-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298084
|
- |
|
ibm
|
aix
|
The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service (system hang) via vectors …
|
CWE-399
Resource Management Errors
|
CVE-2011-3982
|
2024-11-21 10:31 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298085
|
- |
|
google
|
chrome
|
Google Chrome before 14.0.835.202 does not properly implement shader translation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecif…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3873
|
2024-11-21 10:31 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298086
|
- |
|
likno
|
allwebmenus_plugin
|
PHP remote file inclusion vulnerability in actions.php in the Allwebmenus plugin 1.1.3 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.
|
CWE-94
Code Injection
|
CVE-2011-3981
|
2024-11-21 10:31 |
2011-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298087
|
- |
|
jerome_schneider
|
ameos_dragndropupload
|
Unspecified vulnerability in the Drag Drop Mass Upload (ameos_dragndropupload) extension 2.0.2 and earlier for TYPO3 allows remote attackers to upload arbitrary files via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2011-3980
|
2024-11-21 10:31 |
2011-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298088
|
- |
|
zikula
|
zikula_application_framework
|
Cross-site scripting (XSS) vulnerability in ztemp/view_compiled/Theme/theme_admin_setasdefault.php in the theme module in Zikula Application Framework 1.3.0 build 3168, 1.2.7, and probably other vers…
|
CWE-79
Cross-site Scripting
|
CVE-2011-3979
|
2024-11-21 10:31 |
2011-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298089
|
- |
|
lightneasy
|
lightneasy
|
Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy.php in LightNEasy 3.2.4 allow remote authenticated users to inject arbitrary web script or HTML via the (1) commentemail, (2) comment…
|
CWE-79
Cross-site Scripting
|
CVE-2011-3978
|
2024-11-21 10:31 |
2011-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298090
|
- |
|
nomachine
|
nx_server
nx_node
|
Unspecified vulnerability in nxconfigure.sh in NoMachine NX Node 3.x before 3.5.0-4 and NX Server 3.x before 3.5.0-5 allows local users to read arbitrary files via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2011-3977
|
2024-11-21 10:31 |
2011-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
