|
300481
|
- |
|
springsource
|
spring_framework
|
VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows re…
|
CWE-16
Configuration
|
CVE-2011-2730
|
2024-11-21 10:28 |
2012-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300482
|
- |
|
nspluginwrapper
|
nspluginwrapper
|
nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mod…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2486
|
2024-11-21 10:28 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300483
|
- |
|
tedfelix
|
acpid2
|
samples/powerbtn/powerbtn.sh in acpid (aka acpid2) 2.0.16 and earlier uses the pidof program incorrectly, which allows local users to gain privileges by running a program with the name kded4 and a DB…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2777
|
2024-11-21 10:28 |
2012-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300484
|
- |
|
novell
|
zenworks_configuration_management
|
The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to exe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2658
|
2024-11-21 10:28 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300485
|
- |
|
novell
|
zenworks_configuration_management
|
Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.…
|
CWE-22
Path Traversal
|
CVE-2011-2657
|
2024-11-21 10:28 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300486
|
- |
|
systemtap
|
systemtap
|
The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local u…
|
CWE-20
Improper Input Validation
|
CVE-2011-2503
|
2024-11-21 10:28 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300487
|
- |
|
systemtap
|
systemtap
|
runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, wh…
|
CWE-20
Improper Input Validation
|
CVE-2011-2502
|
2024-11-21 10:28 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300488
|
- |
|
t-mobile
busybox
|
tm-ac1900
busybox
|
The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP…
|
CWE-20
Improper Input Validation
|
CVE-2011-2716
|
2024-11-21 10:28 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300489
|
- |
|
gnome
|
gdk-pixbuf
|
The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk-pixbuf before 2.23.5 does not properly handle certain return values, which allows remote attackers to cause a denial of service (…
|
NVD-CWE-Other
|
CVE-2011-2485
|
2024-11-21 10:28 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300490
|
- |
|
umich
|
libgssglue
libgssapi
|
libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment va…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2709
|
2024-11-21 10:28 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
