|
309001
|
- |
|
novell
|
opensuse_build_service
|
The API in SUSE openSUSE Build Service (OBS) 2.0.x before 2.0.8 and 2.1.x before 2.1.6 allows attackers to bypass intended write-access restrictions and modify a (1) package or (2) project via unspec…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0466
|
2024-11-21 10:24 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309002
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 (OCFS2) subsystem in the Linux kernel before 2.6.39-rc1 does not properly handle holes that cross page…
|
CWE-20
Improper Input Validation
|
CVE-2011-0463
|
2024-11-21 10:24 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309003
|
- |
|
novell
|
opensuse_build_service
|
Multiple cross-site scripting (XSS) vulnerabilities in the login page in the webui component in SUSE openSUSE Build Service (OBS) before 2.1.6 allow remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0462
|
2024-11-21 10:24 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309004
|
- |
|
gnu
redhat
|
glibc
enterprise_linux
|
Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in …
|
NVD-CWE-Other
|
CVE-2011-0536
|
2024-11-21 10:24 |
2011-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309005
|
- |
|
x
matthias_hopf
|
x11
xrdb
|
xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
|
CWE-20
Improper Input Validation
|
CVE-2011-0465
|
2024-11-21 10:24 |
2011-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309006
|
- |
|
opensuse
|
opensuse
|
The aaa_base package before 11.3-8.9.1 in SUSE openSUSE 11.3, and before 11.4-54.62.1 in openSUSE 11.4, allows local users to gain privileges via shell metacharacters in a filename, related to tab ex…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0468
|
2024-11-21 10:24 |
2011-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309007
|
- |
|
opensuse
|
opensuse
|
/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and before 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite arbitrary files via a symlink attac…
|
CWE-59
Link Following
|
CVE-2011-0461
|
2024-11-21 10:24 |
2011-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309008
|
- |
|
t1lib
foolabs
glyphandcog
|
t1lib
xpdf
xpdfreader
|
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbit…
|
CWE-20
Improper Input Validation
|
CVE-2011-0764
|
2024-11-21 10:24 |
2011-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309009
|
- |
|
gnome
|
gdm
|
GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/.
|
CWE-59
Link Following
|
CVE-2011-0727
|
2024-11-21 10:24 |
2011-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309010
|
- |
|
michael_hudson-doyle
|
loggerhead
|
Cross-site scripting (XSS) vulnerability in templatefunctions.py in Loggerhead before 1.18.1 allows remote authenticated users to inject arbitrary web script or HTML via a filename, which is not prop…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0728
|
2024-11-21 10:24 |
2011-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
