|
299591
|
- |
|
rubyonrails
|
rails
|
CRLF injection vulnerability in actionpack/lib/action_controller/response.rb in Ruby on Rails 2.3.x before 2.3.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response sp…
|
CWE-94
Code Injection
|
CVE-2011-3186
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299592
|
- |
|
rubyonrails
|
ruby_on_rails
rails
|
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2932
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299593
|
- |
|
rubyonrails
|
ruby_on_rails
rails
|
Cross-site scripting (XSS) vulnerability in the strip_tags helper in actionpack/lib/action_controller/vendor/html-scanner/html/node.rb in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x b…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2931
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299594
|
- |
|
rubyonrails
|
ruby_on_rails
rails
|
Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails before 2.3.13, 3.0.x before …
|
CWE-89
SQL Injection
|
CVE-2011-2930
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299595
|
- |
|
rubyonrails
|
ruby_on_rails
rails
|
The template selection functionality in actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.10 and 3.1.x before 3.1.0.rc6 does not properly handle glob characters, which…
|
CWE-20
Improper Input Validation
|
CVE-2011-2929
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299596
|
- |
|
pidgin
|
pidgin
|
gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted remote attackers to execute arbitrary programs via a file: URL in a message.
|
CWE-20
Improper Input Validation
|
CVE-2011-3185
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299597
|
- |
|
pidgin
|
pidgin
|
The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.0 does not properly handle HTTP 100 responses, which allows remote attackers to cause …
|
CWE-399
Resource Management Errors
|
CVE-2011-3184
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299598
|
- |
|
phpmyadmin
|
phpmyadmin
|
Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2011-3181
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299599
|
- |
|
pidgin
|
pidgin
libpurple
|
The irc_msg_who function in msgs.c in the IRC protocol plugin in libpurple 2.8.0 through 2.9.0 in Pidgin before 2.10.0 does not properly validate characters in nicknames, which allows user-assisted r…
|
NVD-CWE-Other
|
CVE-2011-2943
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299600
|
- |
|
linux
|
linux_kernel
|
The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel before 3.1-rc3 does not validate the length attribute of long symlinks, which allows local users to cause a denial of service (…
|
CWE-476
NULL Pointer Dereference
|
CVE-2011-2928
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
