|
299081
|
- |
|
moodle
|
moodle
|
mnet/xmlrpc/client.php in MNET in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 does not properly process the return value of the openssl_verify function, which allows remote…
|
CWE-20
Improper Input Validation
|
CVE-2011-4302
|
2024-11-21 10:32 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299082
|
- |
|
moodle
|
moodle
|
The MoodleQuickForm class in the Forms Library in lib/formslib.php in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 does not recognize Forms API setConstant operations, which…
|
NVD-CWE-noinfo
|
CVE-2011-4301
|
2024-11-21 10:32 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299083
|
- |
|
moodle
|
moodle
|
The file_browser component in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 does not properly restrict access to category and course data, which allows remote attackers to obtain potentially sensi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4300
|
2024-11-21 10:32 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299084
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in mod/wiki/pagelib.php in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote authenticated users to inject arbitrary web script or HTML via a wik…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4299
|
2024-11-21 10:32 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299085
|
- |
|
moodle
|
moodle
|
Multiple cross-site request forgery (CSRF) vulnerabilities in mod/wiki/ components in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allow remote attackers to hijack the authentication of arbitrary…
|
CWE-352
Origin Validation Error
|
CVE-2011-4298
|
2024-11-21 10:32 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299086
|
- |
|
linux
|
linux_kernel
|
The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pat…
|
NVD-CWE-noinfo
|
CVE-2011-4324
|
2024-11-21 10:32 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299087
|
- |
|
icu-project
|
international_components_for_unicode
|
Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) before 49.1 allows remote attackers to execute arbitrary code via a crafted lo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4599
|
2024-11-21 10:32 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299088
|
- |
|
canonical
|
ubuntu_linux
|
The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive infor…
|
CWE-20
Improper Input Validation
|
CVE-2011-4409
|
2024-11-21 10:32 |
2012-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299089
|
- |
|
canonical
|
ubuntu_linux
|
The Single Sign On Client (ubuntu-sso-client) for Ubuntu 11.04 and 11.10 does not properly validate SSL certificates when using HTTPS, which allows remote attackers to spoof a server and modify or re…
|
NVD-CWE-Other
|
CVE-2011-4408
|
2024-11-21 10:32 |
2012-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299090
|
- |
|
gnu
|
gnash
|
plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions (world readable) for cookie files with predictable names in /tmp, which allows local users to obtain sensitive information.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4328
|
2024-11-21 10:32 |
2012-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
