|
305561
|
- |
|
mutare
|
evm
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Mutare EVM allow remote attackers to hijack the authentication of arbitrary users for requests that (1) change a PIN, (2) delete messages…
|
CWE-352
Origin Validation Error
|
CVE-2011-1104
|
2024-11-21 10:25 |
2011-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305562
|
- |
|
linux
|
linux_kernel
|
The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, wh…
|
CWE-200
Information Exposure
|
CVE-2011-1020
|
2024-11-21 10:25 |
2011-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305563
|
- |
|
linux
|
linux_kernel
|
The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not properly validate data related to the AA resolve registers, which allows local users to write to arbitrary memory locations associa…
|
CWE-20
Improper Input Validation
|
CVE-2011-1016
|
2024-11-21 10:25 |
2011-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305564
|
- |
|
bestpractical
|
rt
|
Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not properly restrict access to a TicketObj in a Scrip after a CurrentUser change, which allows remote authenticated users to obtain…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1008
|
2024-11-21 10:25 |
2011-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305565
|
- |
|
bestpractical
|
rt
|
Best Practical Solutions RT before 3.8.9 does not perform certain redirect actions upon a login, which allows physically proximate attackers to obtain credentials by resubmitting the login form via t…
|
CWE-255
Credentials Management
|
CVE-2011-1007
|
2024-11-21 10:25 |
2011-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305566
|
- |
|
cisco
|
secure_desktop
|
The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) allows remote attackers to download an unintended Cisco program onto a client machine, and execute this pr…
|
CWE-20
Improper Input Validation
|
CVE-2011-0925
|
2024-11-21 10:25 |
2011-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305567
|
- |
|
f-secure
|
policy_manager
|
The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux, allows …
|
CWE-200
Information Exposure
|
CVE-2011-1103
|
2024-11-21 10:25 |
2011-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305568
|
- |
|
f-secure
|
policy_manager
|
Cross-site scripting (XSS) vulnerability in the WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1102
|
2024-11-21 10:25 |
2011-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305569
|
- |
|
citrix
|
licensing_administration_console
|
Multiple unspecified vulnerabilities in a third-party component of the Citrix Licensing Administration Console 11.6, formerly License Management Console, allow remote attackers to (1) access unauthor…
|
NVD-CWE-noinfo
|
CVE-2011-1101
|
2024-11-21 10:25 |
2011-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305570
|
- |
|
logwatch
|
logwatch
|
logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.
|
CWE-20
Improper Input Validation
|
CVE-2011-1018
|
2024-11-21 10:25 |
2011-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
