|
299091
|
- |
|
bestpractical
|
rt
|
SQL injection vulnerability in Best Practical Solutions RT 2.x and 3.x before 3.8.12 and 4.x before 4.0.6 allows remote authenticated users to execute arbitrary SQL commands by leveraging access to a…
|
CWE-89
SQL Injection
|
CVE-2011-4460
|
2024-11-21 10:32 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299092
|
- |
|
bestpractical
|
rt
|
Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 does not properly disable groups, which allows remote authenticated users to bypass intended access restrictions in opportunistic ci…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4459
|
2024-11-21 10:32 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299093
|
- |
|
bestpractical
|
rt
|
Best Practical Solutions RT 3.6.x, 3.7.x, and 3.8.x before 3.8.12 and 4.x before 4.0.6, when the VERPPrefix and VERPDomain options are enabled, allows remote attackers to execute arbitrary code via u…
|
CWE-94
Code Injection
|
CVE-2011-4458
|
2024-11-21 10:32 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299094
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service (system hang) via an application that executes co…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2011-4621
|
2024-11-21 10:32 |
2012-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299095
|
- |
|
linux
|
linux_kernel
|
Integer overflow in the perf_event_interrupt function in arch/powerpc/kernel/perf_event.c in the Linux kernel before 2.6.39 on powerpc platforms allows local users to cause a denial of service (unhan…
|
CWE-189
Numeric Errors
|
CVE-2011-4611
|
2024-11-21 10:32 |
2012-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299096
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an inc…
|
CWE-476
NULL Pointer Dereference
|
CVE-2011-4594
|
2024-11-21 10:32 |
2012-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299097
|
- |
|
linux
avaya
|
linux_kernel
96x1_ip_deskphone_firmware
|
The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is enabled, allows remote attackers to cause a denial …
|
CWE-399
Resource Management Errors
|
CVE-2011-4326
|
2024-11-21 10:32 |
2012-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299098
|
- |
|
cisco
|
ciscoworks_common_services
|
CRLF injection vulnerability in autologin.jsp in Cisco CiscoWorks Common Services 4.0, as used in Cisco Prime LAN Management Solution and other products, allows remote attackers to inject arbitrary H…
|
CWE-94
Code Injection
|
CVE-2011-4237
|
2024-11-21 10:32 |
2012-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299099
|
- |
|
cisco
|
unified_meetingplace
|
The web server in Cisco Unified MeetingPlace 6.1 and 8.5 produces different responses for directory queries depending on whether the directory exists, which allows remote attackers to enumerate direc…
|
CWE-200
Information Exposure
|
CVE-2011-4232
|
2024-11-21 10:32 |
2012-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299100
|
- |
|
cisco
|
ios
ios_xe
|
Cisco IOS 15.1 and 15.2 and IOS XE 3.x, when configured as an IPsec hub with X.509 certificates in use, allows remote authenticated users to cause a denial of service (segmentation fault and device c…
|
CWE-20
Improper Input Validation
|
CVE-2011-4231
|
2024-11-21 10:32 |
2012-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
