|
300291
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The Linux kernel before 2.6.39 does not properly create transparent huge pages in response to a MAP_PRIVATE mmap system call on /dev/zero, which allows local users to cause a denial of service (syste…
|
CWE-399
Resource Management Errors
|
CVE-2011-2479
|
2024-11-21 10:28 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300292
|
- |
|
perl
|
perl
|
The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, whic…
|
NVD-CWE-Other
|
CVE-2011-2728
|
2024-11-21 10:28 |
2012-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300293
|
- |
|
vmware
|
springsource_spring_security
|
CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows remote attackers to inject arbitrary HTTP headers and conduc…
|
CWE-94
Code Injection
|
CVE-2011-2732
|
2024-11-21 10:28 |
2012-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300294
|
- |
|
vmware
|
springsource_spring_security
|
Race condition in the RunAsManager mechanism in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 stores the Authentication object in the shared security context, which allows a…
|
CWE-362
Race Condition
|
CVE-2011-2731
|
2024-11-21 10:28 |
2012-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300295
|
- |
|
springsource
|
spring_framework
|
VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows re…
|
CWE-16
Configuration
|
CVE-2011-2730
|
2024-11-21 10:28 |
2012-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300296
|
- |
|
nspluginwrapper
|
nspluginwrapper
|
nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mod…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2486
|
2024-11-21 10:28 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300297
|
- |
|
tedfelix
|
acpid2
|
samples/powerbtn/powerbtn.sh in acpid (aka acpid2) 2.0.16 and earlier uses the pidof program incorrectly, which allows local users to gain privileges by running a program with the name kded4 and a DB…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2777
|
2024-11-21 10:28 |
2012-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300298
|
- |
|
novell
|
zenworks_configuration_management
|
The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to exe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2658
|
2024-11-21 10:28 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300299
|
- |
|
novell
|
zenworks_configuration_management
|
Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.…
|
CWE-22
Path Traversal
|
CVE-2011-2657
|
2024-11-21 10:28 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300300
|
- |
|
systemtap
|
systemtap
|
The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local u…
|
CWE-20
Improper Input Validation
|
CVE-2011-2503
|
2024-11-21 10:28 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
