|
299961
|
- |
|
djangoproject
|
django
|
django.contrib.sessions in Django before 1.2.7 and 1.3.x before 1.3.1, when session data is stored in the cache, uses the root namespace for both session identifiers and application-data keys, which …
|
CWE-20
Improper Input Validation
|
CVE-2011-4136
|
2024-11-21 10:31 |
2011-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299962
|
- |
|
freebsd
|
freebsd
|
Buffer overflow in the kernel in FreeBSD 7.3 through 9.0-RC1 allows local users to cause a denial of service (panic) or possibly gain privileges via a bind system call with a long pathname for a UNIX…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4062
|
2024-11-21 10:31 |
2011-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299963
|
- |
|
ibm
|
db2
tivoli_monitoring_for_databases
|
Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli Monitoring for Databases: DB2 Agent, allow local users to gain…
|
NVD-CWE-Other
|
CVE-2011-4061
|
2024-11-21 10:31 |
2011-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299964
|
- |
|
qnx
|
neutrino_rtos
|
The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environment variables when a program is spawned from a setuid program, whi…
|
CWE-59
Link Following
|
CVE-2011-4060
|
2024-11-21 10:31 |
2011-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299965
|
- |
|
plone
|
plone
cmfeditions
|
The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prevent the KwAsAttributes classes from being publishable, which allows remote attackers to access sub-…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4030
|
2024-11-21 10:31 |
2011-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299966
|
- |
|
vmware
|
workstation
player
fusion
ams
|
Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafte…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3868
|
2024-11-21 10:31 |
2011-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299967
|
- |
|
ibm
|
aix
|
The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service (system hang) via vectors …
|
CWE-399
Resource Management Errors
|
CVE-2011-3982
|
2024-11-21 10:31 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299968
|
- |
|
google
|
chrome
|
Google Chrome before 14.0.835.202 does not properly implement shader translation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecif…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3873
|
2024-11-21 10:31 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299969
|
- |
|
likno
|
allwebmenus_plugin
|
PHP remote file inclusion vulnerability in actions.php in the Allwebmenus plugin 1.1.3 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.
|
CWE-94
Code Injection
|
CVE-2011-3981
|
2024-11-21 10:31 |
2011-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299970
|
- |
|
jerome_schneider
|
ameos_dragndropupload
|
Unspecified vulnerability in the Drag Drop Mass Upload (ameos_dragndropupload) extension 2.0.2 and earlier for TYPO3 allows remote attackers to upload arbitrary files via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2011-3980
|
2024-11-21 10:31 |
2011-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
