|
301471
|
- |
|
openswan
|
openswan
|
Openswan 2.2.x does not properly restrict permissions for (1) /var/run/starter.pid, related to starter.c in the IPsec starter, and (2) /var/lock/subsys/ipsec, which allows local users to kill arbitra…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2147
|
2024-11-21 10:27 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301472
|
- |
|
tibco
|
iprocess_engine
iprocess_workspace
|
Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to hijack web sessions via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2011-2021
|
2024-11-21 10:27 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301473
|
- |
|
tibco
|
iprocess_engine
iprocess_workspace
|
Cross-site scripting (XSS) vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vec…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2020
|
2024-11-21 10:27 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301474
|
- |
|
smartertools
|
smarterstats
|
Admin/frmSite.aspx in the SmarterTools SmarterStats 6.0 web server allows remote attackers to execute arbitrary commands via vectors involving a leading and trailing & (ampersand) character, and (1) …
|
CWE-78
OS Command
|
CVE-2011-2148
|
2024-11-21 10:27 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301475
|
- |
|
twiki
|
twiki
|
Multiple cross-site scripting (XSS) vulnerabilities in TemplateLogin.pm in TWiki before 5.0.2 allow remote attackers to inject arbitrary web script or HTML via the origurl parameter to a (1) view scr…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1838
|
2024-11-21 10:27 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301476
|
- |
|
keepalived
|
keepalived
|
The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the (1) keepalived.pid, (2) checkers.pid, and (3) vrrp.pid files in /var/run/, which allows loca…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1784
|
2024-11-21 10:27 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301477
|
- |
|
ibm
|
datacap_taskmaster_capture
|
The eDocument Conversion Actions implementation in IBM Datacap Taskmaster Capture 8.0.1 FP1 and earlier allows remote attackers to cause a denial of service (batch abort) via a long subject line in a…
|
CWE-399
Resource Management Errors
|
CVE-2011-2144
|
2024-11-21 10:27 |
2011-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301478
|
- |
|
ibm
|
datacap_taskmaster_capture
|
IBM Datacap Taskmaster Capture 8.0.1 before FP1, when Windows Authentication is enabled, allows remote attackers to obtain login access by using an incorrect password in conjunction with an account n…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2143
|
2024-11-21 10:27 |
2011-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301479
|
- |
|
ibm
|
datacap_taskmaster_capture
|
The Web Client Service in IBM Datacap Taskmaster Capture 8.0.1 before FP1 requires a cleartext password, which has unspecified impact and attack vectors.
|
CWE-310
Cryptographic Issues
|
CVE-2011-2142
|
2024-11-21 10:27 |
2011-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301480
|
- |
|
ibm
|
datacap_taskmaster_capture
|
SQL injection vulnerability in TMWeb in IBM Datacap Taskmaster Capture 8.0.1 before FP1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2011-2141
|
2024-11-21 10:27 |
2011-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
