|
302551
|
- |
|
chialab_\&_channelweb
|
bedita
|
Multiple cross-site request forgery (CSRF) vulnerabilities in BEdita before 3.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create categories via a dat…
|
CWE-352
Origin Validation Error
|
CVE-2010-5315
|
2024-11-21 10:23 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302552
|
- |
|
chialab_\&_channelweb
|
bedita
|
Cross-site scripting (XSS) vulnerability in controllers/home_controller.php in BEdita before 3.1 allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter to news/…
|
CWE-79
Cross-site Scripting
|
CVE-2010-5314
|
2024-11-21 10:23 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302553
|
- |
|
linux
|
linux_kernel
|
Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 allows L2 guest OS users to cause a denial of service (L1 guest OS crash) via a crafted instruction that triggers an L2 emulatio…
|
CWE-362
Race Condition
|
CVE-2010-5313
|
2024-11-21 10:23 |
2014-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302554
|
6.1 |
MEDIUM
Network
|
debian
jqueryui
fedoraproject
netapp
apache
drupal
|
debian_linux
jquery_ui
fedora
snapcenter
drill
drupal
|
Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.
|
CWE-79
Cross-site Scripting
|
CVE-2010-5312
|
2024-11-21 10:23 |
2014-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302555
|
- |
|
tetex
gnome
t1lib
|
tetex
evince
t1lib
|
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0433
|
2024-11-21 10:23 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302556
|
- |
|
linux
|
linux_kernel
|
The ima_lsm_rule_init function in security/integrity/ima/ima_policy.c in the Linux kernel before 2.6.37, when the Linux Security Modules (LSM) framework is disabled, allows local users to bypass Inte…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0006
|
2024-11-21 10:23 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302557
|
- |
|
qemu
|
qemu
|
qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions.
|
CWE-287
Improper Authentication
|
CVE-2011-0011
|
2024-11-21 10:23 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302558
|
- |
|
blackberry
|
blackberry_tablet_os
|
The BlackBerry PlayBook service on the Research In Motion (RIM) BlackBerry PlayBook tablet with software before 1.0.8.6067 allows local users to gain privileges via a crafted configuration file in a …
|
CWE-200
Information Exposure
|
CVE-2011-0291
|
2024-11-21 10:23 |
2011-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302559
|
- |
|
rim
|
blackberry_enterprise_server
|
The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0290
|
2024-11-21 10:23 |
2011-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302560
|
- |
|
apple
|
mac_os_x_server
mac_os_x
|
The CoreProcesses component in Apple Mac OS X 10.7 before 10.7.2 does not prevent a system window from receiving keystrokes in the locked-screen state, which might allow physically proximate attacker…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0260
|
2024-11-21 10:23 |
2011-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
