|
305921
|
- |
|
janrain
|
rpx
|
The Janrain Engage (formerly RPX) module 6.x-1.3 for Drupal does not validate the file for a profile image, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks and p…
|
CWE-20
Improper Input Validation
|
CVE-2011-0771
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305922
|
- |
|
tibco
|
rendezvous
enterprise_message_service
runtime_agent
silver_bpm_service
silver_cap_service
silver_businessworks_service
|
Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through 8.3.0, Enterprise Message Service (EMS) 5.1.0 through 6.0.0, Runtime Agent (TRA) 5.6.2 through 5.7.0, Silver BPM Service before …
|
NVD-CWE-noinfo
|
CVE-2011-0649
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305923
|
- |
|
mediawiki
|
mediawiki
|
Multiple directory traversal vulnerabilities in (1) languages/Language.php and (2) includes/StubObject.php in MediaWiki 1.8.0 and other versions before 1.16.2, when running on Windows and possibly No…
|
CWE-22
Path Traversal
|
CVE-2011-0537
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305924
|
- |
|
plone
redhat
|
plone
conga
luci
|
Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote attackers to obtain administrative access, read or create arbitrary content, and…
|
NVD-CWE-noinfo
|
CVE-2011-0720
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305925
|
- |
|
lockon
|
ec-cube
|
Multiple cross-site scripting (XSS) vulnerabilities in (1) data/Smarty/templates/default/list.tpl and (2) data/Smarty/templates/default/campaign/bloc/cart_tag.tpl in EC-CUBE before 2.4.4 allow remote…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0451
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305926
|
- |
|
ibm
|
db2
|
IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DBADM authority, which allows remote authenticated users to execute non-DDL state…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0757
|
2024-11-21 10:24 |
2011-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305927
|
- |
|
linux
|
linux_kernel
|
The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0521
|
2024-11-21 10:24 |
2011-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305928
|
- |
|
php
|
php
|
Integer overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-dependent attackers to predict the return values by leveraging a script's use of a large max parameter, a…
|
CWE-189
Numeric Errors
|
CVE-2011-0755
|
2024-11-21 10:24 |
2011-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305929
|
- |
|
php
|
php
|
The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to con…
|
CWE-59
Link Following
|
CVE-2011-0754
|
2024-11-21 10:24 |
2011-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305930
|
- |
|
php
|
php
|
Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow context-dependent attackers to cause a denial of service (memory corruption) via a la…
|
CWE-362
Race Condition
|
CVE-2011-0753
|
2024-11-21 10:24 |
2011-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
