|
301041
|
- |
|
postrev
|
post_revolution
|
common.php in Post Revolution before 0.8.0c-2 allows remote attackers to cause a denial of service (infinite loop) via malformed HTML markup, as demonstrated by an a< sequence.
|
CWE-399
Resource Management Errors
|
CVE-2011-1952
|
2024-11-21 10:27 |
2011-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301042
|
- |
|
plone
|
plone
|
plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users to modify the properties of arbitrary accounts via unspecified vectors, as exploited in the wild in June 2011.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1950
|
2024-11-21 10:27 |
2011-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301043
|
- |
|
plone
|
plone
|
Cross-site scripting (XSS) vulnerability in the safe_html filter in Products.PortalTransforms in Plone 2.1 through 4.1 allows remote authenticated users to inject arbitrary web script or HTML via uns…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1949
|
2024-11-21 10:27 |
2011-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301044
|
- |
|
plone
|
plone
|
Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2011-1948
|
2024-11-21 10:27 |
2011-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301045
|
- |
|
apache
|
subversion
|
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1921
|
2024-11-21 10:27 |
2011-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301046
|
- |
|
vmware
|
workstation
player
fusion
esx
esxi
|
Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.…
|
CWE-362
Race Condition
|
CVE-2011-1787
|
2024-11-21 10:27 |
2011-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301047
|
- |
|
apache
canonical
debian
fedoraproject
apple
|
subversion
ubuntu_linux
debian_linux
fedora
mac_os_x
|
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to…
|
NVD-CWE-noinfo
|
CVE-2011-1783
|
2024-11-21 10:27 |
2011-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301048
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
The Start Before Logon (SBL) functionality in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.254 on Windows, and on Windows Mobile, allows local users to gain pri…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2041
|
2024-11-21 10:27 |
2011-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301049
|
- |
|
cisco
|
cns_network_registrar
|
Cisco Network Registrar before 7.2 has a default administrative password, which makes it easier for remote attackers to obtain access via a TCP session, aka Bug ID CSCsm50627.
|
CWE-255
Credentials Management
|
CVE-2011-2024
|
2024-11-21 10:27 |
2011-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301050
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.5.3041, and 3.0.x before 3.0.629, on Linux and Mac OS X downloads a client executable file …
|
CWE-20
Improper Input Validation
|
CVE-2011-2040
|
2024-11-21 10:27 |
2011-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
