|
300451
|
- |
|
chyrp
|
chyrp
|
upload_handler.php in the swfupload extension in Chyrp 2.0 and earlier relies on client-side JavaScript code to restrict the file extensions of uploaded files, which allows remote authenticated users…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2745
|
2024-11-21 10:28 |
2011-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300452
|
- |
|
mega-nerd
|
libsndfile
|
Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file th…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-2696
|
2024-11-21 10:28 |
2011-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300453
|
- |
|
drupal
|
drupal
|
Drupal 7.x before 7.3 allows remote attackers to bypass intended node_access restrictions via vectors related to a listing that shows nodes but lacks a JOIN clause for the node table.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2687
|
2024-11-21 10:28 |
2011-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300454
|
- |
|
videolan
|
vlc_media_player
|
Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11 allows remote attackers to cause a denial of service (applicati…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-2588
|
2024-11-21 10:28 |
2011-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300455
|
- |
|
joomla
|
joomla\!
|
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.6.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the com_contact component, as dem…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2509
|
2024-11-21 10:28 |
2011-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300456
|
- |
|
videolan
|
vlc_media_player
|
Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11 allows remote attackers to cause a denial of service (app…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-2587
|
2024-11-21 10:28 |
2011-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300457
|
- |
|
nrl
|
opie
|
opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already …
|
CWE-20
Improper Input Validation
|
CVE-2011-2490
|
2024-11-21 10:28 |
2011-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300458
|
- |
|
nrl
|
opie
|
Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line.
|
CWE-189
Numeric Errors
|
CVE-2011-2489
|
2024-11-21 10:28 |
2011-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300459
|
- |
|
likewise
|
likewise_open
|
SQL injection vulnerability in lsassd in Lsass in the Likewise Security Authority in Likewise Open 5.4 through 6.1, and Likewise Enterprise 6.0, allows local users to execute arbitrary SQL commands v…
|
CWE-89
SQL Injection
|
CVE-2011-2467
|
2024-11-21 10:28 |
2011-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300460
|
- |
|
libreoffice
|
libreoffice
|
Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-2685
|
2024-11-21 10:28 |
2011-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
