|
301891
|
- |
|
openssl
|
openssl
|
The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when FIPS mode is enabled, does not properly validate a public parameter, which makes it easier for man-in-the-middle attackers to obt…
|
CWE-310
Cryptographic Issues
|
CVE-2011-5095
|
2024-11-21 10:33 |
2012-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301892
|
- |
|
mozilla
|
network_security_services
|
Mozilla Network Security Services (NSS) 3.x, with certain settings of the SSL_ENABLE_RENEGOTIATION option, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, …
|
NVD-CWE-Other
|
CVE-2011-5094
|
2024-11-21 10:33 |
2012-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301893
|
- |
|
bestpractical
|
rt
|
Best Practical Solutions RT 4.x before 4.0.6 does not properly implement the DisallowExecuteCode option, which allows remote authenticated users to bypass intended access restrictions and execute arb…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5093
|
2024-11-21 10:33 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301894
|
- |
|
bestpractical
|
rt
|
Best Practical Solutions RT 3.8.x before 3.8.12 and 4.x before 4.0.6 allows remote attackers to execute arbitrary code and gain privileges via unspecified vectors, a different vulnerability than CVE-…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5092
|
2024-11-21 10:33 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301895
|
- |
|
grboard
|
grboard
|
Multiple SQL injection vulnerabilities in GR Board (aka grboard) 1.8.6.5 Community Edition allow remote attackers to execute arbitrary SQL commands via the (1) tableType or (2) blindTarget parameter …
|
CWE-89
SQL Injection
|
CVE-2011-5091
|
2024-11-21 10:33 |
2012-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301896
|
- |
|
grboard
|
grboard
|
GR Board (aka grboard) 1.8.6.5 Community Edition does not require authentication for certain database actions, which allows remote attackers to modify or delete data via a request to (1) mod_rewrite.…
|
CWE-287
Improper Authentication
|
CVE-2011-5090
|
2024-11-21 10:33 |
2012-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301897
|
- |
|
iconics
|
genesis32
bizviz
|
Buffer overflow in the Security Login ActiveX controls in ICONICS GENESIS32 8.05, 9.0, 9.1, and 9.2 and BizViz 8.05, 9.0, 9.1, and 9.2 allows remote attackers to cause a denial of service (applicatio…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-5089
|
2024-11-21 10:33 |
2012-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301898
|
- |
|
iconics
|
genesis32
bizviz
|
The GENESIS32 IcoSetServer ActiveX control in ICONICS GENESIS32 9.21 and BizViz 9.21 configures the trusted zone on the basis of user input, which allows remote attackers to execute arbitrary code vi…
|
NVD-CWE-Other
|
CVE-2011-5088
|
2024-11-21 10:33 |
2012-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301899
|
- |
|
adastra
|
trace_mode_data_center
|
Unspecified vulnerability in AdAstrA TRACE MODE Data Center allows remote attackers to read arbitrary files via unknown vectors, as demonstrated by the GLEG Agora SCADA+ Exploit Pack for Immunity CAN…
|
NVD-CWE-noinfo
|
CVE-2011-5087
|
2024-11-21 10:33 |
2012-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301900
|
- |
|
nsoftware
|
unitronics_uniopc
|
https50.ocx in IP*Works! SSL in the server in Unitronics UniOPC before 2.0.0 does not properly implement an unspecified function, which allows remote attackers to cause a denial of service (applicati…
|
CWE-20
Improper Input Validation
|
CVE-2011-5086
|
2024-11-21 10:33 |
2012-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
