|
305771
|
- |
|
redhat
|
policykit
|
Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effec…
|
CWE-362
Race Condition
|
CVE-2011-1485
|
2024-11-21 10:26 |
2011-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305772
|
- |
|
walrus_digit
|
walrack
|
WalRack 1.x before 1.1.9 and 2.x before 2.0.7 does not properly restrict file uploads, which allows remote attackers to execute arbitrary PHP code via vectors involving a double extension, as demonst…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1329
|
2024-11-21 10:26 |
2011-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305773
|
- |
|
fedoraproject
|
sssd
|
The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon (SSSD) 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured,…
|
CWE-287
Improper Authentication
|
CVE-2011-1758
|
2024-11-21 10:26 |
2011-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305774
|
- |
|
linux
|
linux_kernel
|
The bond_select_queue function in drivers/net/bonding/bond_main.c in the Linux kernel before 2.6.39, when a network device with a large number of receive queues is installed but the default tx_queues…
|
CWE-20
Improper Input Validation
|
CVE-2011-1581
|
2024-11-21 10:26 |
2011-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305775
|
- |
|
rdesktop
|
rdesktop
|
Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via …
|
CWE-22
Path Traversal
|
CVE-2011-1595
|
2024-11-21 10:26 |
2011-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305776
|
- |
|
python
|
python
|
The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain se…
|
CWE-399
Resource Management Errors
|
CVE-2011-1521
|
2024-11-21 10:26 |
2011-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305777
|
- |
|
emc
|
sourceone_email_management
|
The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the t…
|
CWE-16
Configuration
|
CVE-2011-1424
|
2024-11-21 10:26 |
2011-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305778
|
- |
|
radvision
|
iview_suite
|
SQL injection vulnerability in RADVISION iVIEW Suite before 7.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2011-1328
|
2024-11-21 10:26 |
2011-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305779
|
- |
|
pureftpd
|
pure-ftpd
|
The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted FTP session…
|
CWE-399
Resource Management Errors
|
CVE-2011-1575
|
2024-11-21 10:26 |
2011-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305780
|
- |
|
apache
|
tomcat
|
Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a servlet without following security constraints that have been configured through annotations, which allows remote attackers to bypass …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1582
|
2024-11-21 10:26 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
