|
301601
|
- |
|
rubyonrails
|
rails
|
actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.4, when a case-insensitive filesystem is used, does not properly implement filters associated with the list of availa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0449
|
2024-11-21 10:24 |
2011-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301602
|
- |
|
rubyonrails
|
rails
|
Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-num…
|
CWE-89
SQL Injection
|
CVE-2011-0448
|
2024-11-21 10:24 |
2011-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301603
|
- |
|
ubuntu
|
edubuntu
live_dvd
|
The Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not correctly regenerate iTALC private keys after installation, which causes each installation to have the same fixed key, which allows remot…
|
CWE-310
Cryptographic Issues
|
CVE-2011-0724
|
2024-11-21 10:24 |
2011-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301604
|
- |
|
debian
|
shadow
|
Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field.
|
CWE-20
Improper Input Validation
|
CVE-2011-0721
|
2024-11-21 10:24 |
2011-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301605
|
- |
|
redhat
sun
|
icedtea-web
jdk
|
The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote attackers to gain privileges via unknown vectors related to multiple signers and the…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0706
|
2024-11-21 10:24 |
2011-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301606
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel before 2.6.38-rc4-next-20110215 might allow attackers to cause a denial of service or possibly ha…
|
CWE-120
Classic Buffer Overflow
|
CVE-2011-0712
|
2024-11-21 10:24 |
2011-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301607
|
- |
|
linux
|
linux_kernel
|
The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of an arbitra…
|
CWE-200
Information Exposure
|
CVE-2011-0710
|
2024-11-21 10:24 |
2011-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301608
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
The br_mdb_ip_get function in net/bridge/br_multicast.c in the Linux kernel before 2.6.35-rc5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an I…
|
CWE-476
NULL Pointer Dereference
|
CVE-2011-0709
|
2024-11-21 10:24 |
2011-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301609
|
- |
|
f-secure
|
internet_gatekeeper
|
F-Secure Internet Gatekeeper for Linux 3.x before 3.03 does not require authentication for reading access logs, which allows remote attackers to obtain potentially sensitive information via a TCP ses…
|
CWE-287
Improper Authentication
|
CVE-2011-0453
|
2024-11-21 10:24 |
2011-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301610
|
- |
|
apache
|
continuum
archiva
|
Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1 through 1.2.3.1, 1.3.6, and 1.4.0 Beta; and Archiva 1.3.0 through 1.3.3 and 1.0 through 1.22 allows remote attackers to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0533
|
2024-11-21 10:24 |
2011-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
