|
302891
|
- |
|
arthurdejong
|
nss-pam-ldapd
|
nslcd/pam.c in the nss-pam-ldapd 0.8.0 PAM module returns a success code when a user is not found in LDAP, which allows remote attackers to bypass authentication.
|
CWE-287
Improper Authentication
|
CVE-2011-0438
|
2024-11-21 10:23 |
2011-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302892
|
- |
|
mj2
|
majordomo_2
|
The _list_file_get function in lib/Majordomo.pm in Majordomo 2 20110203 and earlier allows remote attackers to conduct directory traversal attacks and read arbitrary files via a ./.../ sequence in th…
|
CWE-22
Path Traversal
|
CVE-2011-0063
|
2024-11-21 10:23 |
2011-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302893
|
- |
|
zaal
|
tgt
|
Double free vulnerability in the iscsi_rx_handler function (usr/iscsi/iscsid.c) in the tgt daemon (tgtd) in Linux SCSI target framework (tgt) before 1.0.14, aka scsi-target-utils, allows remote attac…
|
CWE-399
Resource Management Errors
|
CVE-2011-0001
|
2024-11-21 10:23 |
2011-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302894
|
- |
|
simon_pamies
|
pywebdav
|
Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL co…
|
CWE-89
SQL Injection
|
CVE-2011-0432
|
2024-11-21 10:23 |
2011-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302895
|
- |
|
hp
|
power_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Content…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0280
|
2024-11-21 10:23 |
2011-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302896
|
- |
|
apple
|
safari
webkit
|
WebKit in Apple Safari before 5.0.4, when the Web Inspector is used, does not properly handle the window.console._inspectorCommandLineAPI property, which allows user-assisted remote attackers to bypa…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0169
|
2024-11-21 10:23 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302897
|
- |
|
apple
|
safari
webkit
|
The windows functionality in WebKit in Apple Safari before 5.0.4 allows remote attackers to bypass the Same Origin Policy, and force the upload of arbitrary local files from a client computer, via a …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0167
|
2024-11-21 10:23 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302898
|
- |
|
apple
|
safari
webkit
|
The HTML5 drag and drop functionality in WebKit in Apple Safari before 5.0.4 allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information via vectors relate…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0166
|
2024-11-21 10:23 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302899
|
- |
|
apple
|
safari
webkit
iphone_os
|
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle unspecified "cached resources," which allows remote attackers to cause a denial of service (resource unavaila…
|
CWE-20
Improper Input Validation
|
CVE-2011-0163
|
2024-11-21 10:23 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302900
|
- |
|
apple
|
iphone_os
apple_tv
tvos
|
Wi-Fi in Apple iOS before 4.3 and Apple TV before 4.2 does not properly perform bounds checking for Wi-Fi frames, which allows remote attackers to cause a denial of service (device reset) via unspeci…
|
CWE-20
Improper Input Validation
|
CVE-2011-0162
|
2024-11-21 10:23 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
