|
307511
|
- |
|
tincan
|
phplist
|
Multiple cross-site request forgery (CSRF) vulnerabilities in phpList before 2.10.13 allow remote attackers to hijack the authentication of administrators for requests that (1) add or (2) edit admini…
|
CWE-352
Origin Validation Error
|
CVE-2011-0748
|
2024-11-21 10:24 |
2011-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307512
|
- |
|
zyxel
|
o2_dsl_router_classic
|
Cross-site request forgery (CSRF) vulnerability in Forms/PortForwarding_Edit_1 on the ZyXEL O2 DSL Router Classic allows remote attackers to hijack the authentication of administrators for requests t…
|
CWE-352
Origin Validation Error
|
CVE-2011-0746
|
2024-11-21 10:24 |
2011-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307513
|
- |
|
pwhois
|
layer_four_traceroute
|
Unspecified vulnerability in lft in pWhois Layer Four Traceroute (LFT) 3.x before 3.3 allows local users to gain privileges via a crafted command line.
|
NVD-CWE-noinfo
|
CVE-2011-0765
|
2024-11-21 10:24 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307514
|
- |
|
novell
|
opensuse_build_service
|
The API in SUSE openSUSE Build Service (OBS) 2.0.x before 2.0.8 and 2.1.x before 2.1.6 allows attackers to bypass intended write-access restrictions and modify a (1) package or (2) project via unspec…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0466
|
2024-11-21 10:24 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307515
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 (OCFS2) subsystem in the Linux kernel before 2.6.39-rc1 does not properly handle holes that cross page…
|
CWE-20
Improper Input Validation
|
CVE-2011-0463
|
2024-11-21 10:24 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307516
|
- |
|
novell
|
opensuse_build_service
|
Multiple cross-site scripting (XSS) vulnerabilities in the login page in the webui component in SUSE openSUSE Build Service (OBS) before 2.1.6 allow remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0462
|
2024-11-21 10:24 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307517
|
- |
|
gnu
redhat
|
glibc
enterprise_linux
|
Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in …
|
NVD-CWE-Other
|
CVE-2011-0536
|
2024-11-21 10:24 |
2011-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307518
|
- |
|
x
matthias_hopf
|
x11
xrdb
|
xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
|
CWE-20
Improper Input Validation
|
CVE-2011-0465
|
2024-11-21 10:24 |
2011-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307519
|
- |
|
opensuse
|
opensuse
|
The aaa_base package before 11.3-8.9.1 in SUSE openSUSE 11.3, and before 11.4-54.62.1 in openSUSE 11.4, allows local users to gain privileges via shell metacharacters in a filename, related to tab ex…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0468
|
2024-11-21 10:24 |
2011-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307520
|
- |
|
opensuse
|
opensuse
|
/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and before 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite arbitrary files via a symlink attac…
|
CWE-59
Link Following
|
CVE-2011-0461
|
2024-11-21 10:24 |
2011-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
