|
299671
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 does not prevent changes to the confirmation e-…
|
CWE-20
Improper Input Validation
|
CVE-2011-2978
|
2024-11-21 10:29 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299672
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain …
|
NVD-CWE-Other
|
CVE-2011-2977
|
2024-11-21 10:29 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299673
|
- |
|
mozilla
|
bugzilla
|
Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, and 3.4.x before 3.4.12 allows remote attackers to inject arbitrary web script or HTML via vectors in…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2976
|
2024-11-21 10:29 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299674
|
- |
|
ruby-lang
|
ruby
|
Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number…
|
CWE-310
Cryptographic Issues
|
CVE-2011-3009
|
2024-11-21 10:29 |
2011-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299675
|
- |
|
avaya
|
secure_access_link_gateway
|
The default configuration of Avaya Secure Access Link (SAL) Gateway 1.5, 1.8, and 2.0 contains certain domain names in the Secondary Core Server URL and Secondary Remote Server URL fields, which allo…
|
CWE-16
Configuration
|
CVE-2011-3008
|
2024-11-21 10:29 |
2011-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299676
|
- |
|
valenok
shttpd
yassl
|
mongoose
shttpd
yasslews
|
Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web Server (yasslEWS) 0.2, and (3) _shttpd_put_dir function…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-2900
|
2024-11-21 10:29 |
2011-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299677
|
- |
|
google
apple
|
chrome
iphone_os
safari
|
Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI.
|
NVD-CWE-noinfo
|
CVE-2011-2819
|
2024-11-21 10:29 |
2011-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299678
|
- |
|
google
apple
debian
|
chrome
iphone_os
itunes
safari
debian_linux
|
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box ren…
|
CWE-416
Use After Free
|
CVE-2011-2818
|
2024-11-21 10:29 |
2011-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299679
|
- |
|
google
apple
|
chrome
iphone_os
safari
|
Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors.
|
CWE-74
Injection
|
CVE-2011-2805
|
2024-11-21 10:29 |
2011-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299680
|
- |
|
google
|
chrome
|
Google Chrome before 13.0.782.107 does not properly handle nested functions in PDF documents, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecifi…
|
CWE-20
Improper Input Validation
|
CVE-2011-2804
|
2024-11-21 10:29 |
2011-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
