|
302911
|
- |
|
gplhost
|
domain_technologie_control
|
shared/inc/sql/ssh.php in the SSH accounts management implementation in Domain Technologie Control (DTC) before 0.32.9 allows remote authenticated users to delete arbitrary accounts via the edssh_acc…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0437
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302912
|
- |
|
gplhost
|
domain_technologie_control
|
The register_user function in client/new_account_form.php in Domain Technologie Control (DTC) before 0.32.9 includes a cleartext password in an e-mail message, which makes it easier for remote attack…
|
CWE-310
Cryptographic Issues
|
CVE-2011-0436
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302913
|
- |
|
gplhost
|
domain_technologie_control
|
Domain Technologie Control (DTC) before 0.32.9 does not require authentication for (1) admin/bw_per_month.php and (2) client/bw_per_month.php, which allows remote attackers to obtain potentially sens…
|
CWE-287
Improper Authentication
|
CVE-2011-0435
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302914
|
- |
|
gplhost
|
domain_technologie_control
|
Multiple SQL injection vulnerabilities in Domain Technologie Control (DTC) before 0.32.9 allow remote attackers to execute arbitrary SQL commands via the cid parameter to (1) admin/bw_per_month.php o…
|
CWE-89
SQL Injection
|
CVE-2011-0434
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302915
|
- |
|
hp
|
multifunction_peripheral_digital_sending_software
|
HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to acce…
|
CWE-287
Improper Authentication
|
CVE-2011-0279
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302916
|
- |
|
mozilla
gnome
|
firefox
pango
|
The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cau…
|
NVD-CWE-Other
|
CVE-2011-0064
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302917
|
- |
|
apple
|
itunes
|
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0192
|
2024-11-21 10:23 |
2011-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302918
|
- |
|
apple
|
itunes
|
Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0191
|
2024-11-21 10:23 |
2011-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302919
|
- |
|
apple
|
itunes
|
Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes before 10.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0170
|
2024-11-21 10:23 |
2011-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302920
|
- |
|
apple
|
itunes
webkit
|
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0168
|
2024-11-21 10:23 |
2011-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
