|
302471
|
- |
|
siemens
|
automation_license_manager
|
Multiple buffer overflows in Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allow remote attackers to execute arbitrary code via a long serialid field in an _licensekey command, as…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4529
|
2024-11-21 10:32 |
2012-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302472
|
- |
|
mediawiki
debian
|
mediawiki
debian_linux
|
MediaWiki before 1.17.1 does not check for read permission before handling action=ajax requests, which allows remote attackers to obtain sensitive information by (1) leveraging the SpecialUpload::aja…
|
CWE-276
Incorrect Default Permissions
|
CVE-2011-4361
|
2024-11-21 10:32 |
2012-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302473
|
- |
|
mediawiki
debian
|
mediawiki
debian_linux
|
MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages via a series of requests involving the (1) curid or (2) oldid parameter.
|
CWE-200
Information Exposure
|
CVE-2011-4360
|
2024-11-21 10:32 |
2012-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302474
|
- |
|
igor_vlasenko
|
html-template-pro
|
Cross-site scripting (XSS) vulnerability in the HTML-Template-Pro module before 0.9507 for Perl allows remote attackers to inject arbitrary web script or HTML via template parameters, related to impr…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4616
|
2024-11-21 10:32 |
2012-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302475
|
- |
|
openssl
|
openssl
|
The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of servi…
|
CWE-399
Resource Management Errors
|
CVE-2011-4619
|
2024-11-21 10:32 |
2012-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302476
|
- |
|
openssl
|
openssl
|
OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate…
|
CWE-399
Resource Management Errors
|
CVE-2011-4577
|
2024-11-21 10:32 |
2012-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302477
|
- |
|
openssl
|
openssl
|
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive…
|
CWE-310
Cryptographic Issues
|
CVE-2011-4576
|
2024-11-21 10:32 |
2012-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302478
|
- |
|
pfsense
|
pfsense
|
etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 creates each X.509 certificate with a true value for the CA basic constraint, which allows remote attackers to create sub-certifica…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4197
|
2024-11-21 10:32 |
2012-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302479
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.2.x before 4.2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPL-44614.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4778
|
2024-11-21 10:32 |
2012-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302480
|
- |
|
splunk
|
splunk
|
Splunk 4.2.5 and earlier, when a Free license is selected, enables potentially undesirable functionality within an environment that intentionally does not support authentication, which allows remote …
|
CWE-287
Improper Authentication
|
CVE-2011-4644
|
2024-11-21 10:32 |
2012-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
