|
302811
|
- |
|
ibm
|
db2
|
IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DBADM authority, which allows remote authenticated users to execute non-DDL state…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0757
|
2024-11-21 10:24 |
2011-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302812
|
- |
|
linux
|
linux_kernel
|
The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0521
|
2024-11-21 10:24 |
2011-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302813
|
- |
|
php
|
php
|
Integer overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-dependent attackers to predict the return values by leveraging a script's use of a large max parameter, a…
|
CWE-189
Numeric Errors
|
CVE-2011-0755
|
2024-11-21 10:24 |
2011-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302814
|
- |
|
php
|
php
|
The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to con…
|
CWE-59
Link Following
|
CVE-2011-0754
|
2024-11-21 10:24 |
2011-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302815
|
- |
|
php
|
php
|
Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow context-dependent attackers to cause a denial of service (memory corruption) via a la…
|
CWE-362
Race Condition
|
CVE-2011-0753
|
2024-11-21 10:24 |
2011-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302816
|
- |
|
php
|
php
|
The extract function in PHP before 5.2.15 does not prevent use of the EXTR_OVERWRITE parameter to overwrite (1) the GLOBALS superglobal array and (2) the this variable, which allows context-dependent…
|
CWE-20
Improper Input Validation
|
CVE-2011-0752
|
2024-11-21 10:24 |
2011-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302817
|
- |
|
novell
|
zenworks_handheld_management
|
Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary code via a crafted IP Conduit packet to TCP port 2400.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0742
|
2024-11-21 10:24 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302818
|
- |
|
modxcms
|
evolution
|
Multiple cross-site scripting (XSS) vulnerabilities in ModX Evolution before 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) installer or (2) image editor.
|
CWE-79
Cross-site Scripting
|
CVE-2011-0741
|
2024-11-21 10:24 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302819
|
- |
|
pleer
|
rss_feed_reader
|
Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url para…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0740
|
2024-11-21 10:24 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302820
|
- |
|
mikel_lindsaar
|
mail
|
The deliver function in the sendmail delivery agent (lib/mail/network/delivery_methods/sendmail.rb) in Ruby Mail gem 2.2.14 and earlier allows remote attackers to execute arbitrary commands via shell…
|
CWE-20
Improper Input Validation
|
CVE-2011-0739
|
2024-11-21 10:24 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
