|
307441
|
- |
|
nrl
|
opie
|
Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line.
|
CWE-189
Numeric Errors
|
CVE-2011-2489
|
2024-11-21 10:28 |
2011-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307442
|
- |
|
likewise
|
likewise_open
|
SQL injection vulnerability in lsassd in Lsass in the Likewise Security Authority in Likewise Open 5.4 through 6.1, and Likewise Enterprise 6.0, allows local users to execute arbitrary SQL commands v…
|
CWE-89
SQL Injection
|
CVE-2011-2467
|
2024-11-21 10:28 |
2011-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307443
|
- |
|
libreoffice
|
libreoffice
|
Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-2685
|
2024-11-21 10:28 |
2011-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307444
|
7.8 |
HIGH
Local
|
redhat
fedoraproject
|
system-config-firewall
fedora
|
fw_dbus.py in system-config-firewall 1.2.29 and earlier uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privil…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2011-2520
|
2024-11-21 10:28 |
2011-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307445
|
- |
|
chyrp
|
chyrp
|
Directory traversal vulnerability in includes/lib/gz.php in Chyrp 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, a different vulnerability t…
|
CWE-22
Path Traversal
|
CVE-2011-2780
|
2024-11-21 10:28 |
2011-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307446
|
- |
|
hp
|
arcsight_c5400_appliance
arcsight_c5200_appliance
arcsight_c3200_appliance
arcsight_c3400_appliance
arcsight_c1300_appliance
arcsight_c1000_appliance
windows_event_log_smartconnector
|
Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 uses world-writable permissions for exported report files, which allows local users to change or delete log data by modi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2779
|
2024-11-21 10:28 |
2011-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307447
|
- |
|
chyrp
|
chyrp
|
Multiple cross-site scripting (XSS) vulnerabilities in Chyrp 2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the action parameter to (1) the default URI or (2) inclu…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2743
|
2024-11-21 10:28 |
2011-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307448
|
- |
|
chyrp
|
chyrp
|
Directory traversal vulnerability in Chyrp 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the action parameter to the defa…
|
CWE-22
Path Traversal
|
CVE-2011-2744
|
2024-11-21 10:28 |
2011-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307449
|
- |
|
plone
zope
|
plone_hotfix_20110720
plone
zope
|
Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plone 4.x and other products, and (2) PloneHotfix20110720 for Plone 3.x allows attackers to gain privi…
|
NVD-CWE-noinfo
|
CVE-2011-2528
|
2024-11-21 10:28 |
2011-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307450
|
- |
|
otrs
|
iphonehandle
otrs
|
The iPhoneHandle package 0.9.x before 0.9.7 and 1.0.x before 1.0.3 in Open Ticket Request System (OTRS) does not properly restrict use of the iPhoneHandle interface, which allows remote authenticated…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2385
|
2024-11-21 10:28 |
2011-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
