|
299091
|
- |
|
umich
|
libgssglue
libgssapi
|
libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment va…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2709
|
2024-11-21 10:28 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299092
|
- |
|
qemu
|
qemu
|
The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted fi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2527
|
2024-11-21 10:28 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299093
|
- |
|
kvm_group
|
qemu-kvm
|
The virtio_queue_notify in qemu-kvm 0.14.0 and earlier does not properly validate the virtqueue number, which allows guest users to cause a denial of service (guest crash) and possibly execute arbitr…
|
CWE-20
Improper Input Validation
|
CVE-2011-2512
|
2024-11-21 10:28 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299094
|
- |
|
cisco
|
spa8000_8-port_ip_telephony_gateway_firmware
spa8000_8-port_ip_telephony_gateway
spa8800_8-port_ip_telephony_gateway_firmware
spa8800_ip_telephony_gateway
spa2102_phone_adapter_with_route…
|
Cross-site scripting (XSS) vulnerability in the SIP implementation on the Cisco SPA8000 and SPA8800 before 6.1.11, SPA2102 and SPA3102 before 5.2.13, and SPA 500 series IP phones before 7.4.9 allows …
|
CWE-79
Cross-site Scripting
|
CVE-2011-2545
|
2024-11-21 10:28 |
2012-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299095
|
- |
|
linux
|
linux_kernel
|
Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system c…
|
CWE-189
Numeric Errors
|
CVE-2011-2496
|
2024-11-21 10:28 |
2012-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299096
|
- |
|
linux
|
linux_kernel
|
fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonst…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2495
|
2024-11-21 10:28 |
2012-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299097
|
- |
|
linux
|
linux_kernel
|
kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of…
|
CWE-200
Information Exposure
|
CVE-2011-2494
|
2024-11-21 10:28 |
2012-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299098
|
- |
|
linux
|
linux_kernel
|
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel before 2.6.39 does not properly initialize a certain error-report data structure, which allows local users to cause a denial of ser…
|
NVD-CWE-Other
|
CVE-2011-2493
|
2024-11-21 10:28 |
2012-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299099
|
- |
|
hp
|
linux_imaging_and_printing_project
|
The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /t…
|
CWE-59
Link Following
|
CVE-2011-2722
|
2024-11-21 10:28 |
2012-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299100
|
6.0 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel …
|
CWE-200
Information Exposure
|
CVE-2011-2707
|
2024-11-21 10:28 |
2012-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
