|
305081
|
- |
|
systemtap
|
systemtap
|
runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, wh…
|
CWE-20
Improper Input Validation
|
CVE-2011-2502
|
2024-11-21 10:28 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305082
|
- |
|
t-mobile
busybox
|
tm-ac1900
busybox
|
The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP…
|
CWE-20
Improper Input Validation
|
CVE-2011-2716
|
2024-11-21 10:28 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305083
|
- |
|
gnome
|
gdk-pixbuf
|
The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk-pixbuf before 2.23.5 does not properly handle certain return values, which allows remote attackers to cause a denial of service (…
|
NVD-CWE-Other
|
CVE-2011-2485
|
2024-11-21 10:28 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305084
|
- |
|
umich
|
libgssglue
libgssapi
|
libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment va…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2709
|
2024-11-21 10:28 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305085
|
- |
|
qemu
|
qemu
|
The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted fi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2527
|
2024-11-21 10:28 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305086
|
- |
|
kvm_group
|
qemu-kvm
|
The virtio_queue_notify in qemu-kvm 0.14.0 and earlier does not properly validate the virtqueue number, which allows guest users to cause a denial of service (guest crash) and possibly execute arbitr…
|
CWE-20
Improper Input Validation
|
CVE-2011-2512
|
2024-11-21 10:28 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305087
|
- |
|
cisco
|
spa8000_8-port_ip_telephony_gateway_firmware
spa8000_8-port_ip_telephony_gateway
spa8800_8-port_ip_telephony_gateway_firmware
spa8800_ip_telephony_gateway
spa2102_phone_adapter_with_route…
|
Cross-site scripting (XSS) vulnerability in the SIP implementation on the Cisco SPA8000 and SPA8800 before 6.1.11, SPA2102 and SPA3102 before 5.2.13, and SPA 500 series IP phones before 7.4.9 allows …
|
CWE-79
Cross-site Scripting
|
CVE-2011-2545
|
2024-11-21 10:28 |
2012-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305088
|
- |
|
linux
|
linux_kernel
|
Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system c…
|
CWE-189
Numeric Errors
|
CVE-2011-2496
|
2024-11-21 10:28 |
2012-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305089
|
- |
|
linux
|
linux_kernel
|
fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonst…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2495
|
2024-11-21 10:28 |
2012-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305090
|
- |
|
linux
|
linux_kernel
|
kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of…
|
CWE-200
Information Exposure
|
CVE-2011-2494
|
2024-11-21 10:28 |
2012-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
