|
307001
|
- |
|
xen
|
xen
|
Xen, possibly before 4.0.2, allows local 64-bit PV guests to cause a denial of service (host crash) by specifying user mode execution without user-mode pagetables.
|
CWE-20
Improper Input Validation
|
CVE-2011-1166
|
2024-11-21 10:25 |
2014-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307002
|
9.8 |
CRITICAL
Network
|
linux
|
linux_kernel
|
Multiple stack-based buffer overflows in the iriap_getvaluebyclass_indication function in net/irda/iriap.c in the Linux kernel before 2.6.39 allow remote attackers to cause a denial of service (memor…
|
CWE-787
Out-of-bounds Write
|
CVE-2011-1180
|
2024-11-21 10:25 |
2013-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307003
|
- |
|
david_king
|
vino
|
Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "Configure network to automatically accept connections" setting is enabled, which might make it easi…
|
NVD-CWE-Other
|
CVE-2011-1165
|
2024-11-21 10:25 |
2013-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307004
|
- |
|
david_king
|
vino
|
Vino before 2.99.4 can connect external networks contrary to the statement in the vino-preferences dialog box, which might make it easier for remote attackers to perform attacks.
|
CWE-16
Configuration
|
CVE-2011-1164
|
2024-11-21 10:25 |
2013-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307005
|
- |
|
linux
redhat
|
linux_kernel
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux
enterprise_linux_desktop
enterprise_linux_eus
enterprise_linux_aus
|
kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call.
|
NVD-CWE-noinfo
|
CVE-2011-1182
|
2024-11-21 10:25 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307006
|
- |
|
linux
|
linux_kernel
|
The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the C…
|
NVD-CWE-noinfo
|
CVE-2011-1019
|
2024-11-21 10:25 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307007
|
- |
|
redhat
|
jboss_enterprise_portal_platform
|
The W3C XML Encryption Standard, as used in the JBoss Web Services (JBossWS) component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block ch…
|
CWE-310
Cryptographic Issues
|
CVE-2011-1096
|
2024-11-21 10:25 |
2012-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307008
|
- |
|
linux
|
linux_kernel
|
The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initialize a certain buffer, which allows local users to obtain potentially sensitive information from kerne…
|
CWE-200
Information Exposure
|
CVE-2011-1160
|
2024-11-21 10:25 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307009
|
- |
|
linux
|
linux_kernel
|
The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain p…
|
CWE-20
Improper Input Validation
|
CVE-2011-1080
|
2024-11-21 10:25 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307010
|
- |
|
linux
|
linux_kernel
|
The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a '\0' character, which allows local users to obtain …
|
CWE-20
Improper Input Validation
|
CVE-2011-1079
|
2024-11-21 10:25 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
