|
305361
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41 allows remote attackers to inject arbitrary web script or HTML via vectors related to web messag…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5065
|
2024-11-21 10:33 |
2012-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305362
|
- |
|
isc
|
dhcp
|
The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote atta…
|
CWE-399
Resource Management Errors
|
CVE-2011-4868
|
2024-11-21 10:33 |
2012-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305363
|
- |
|
apache
|
tomcat
|
DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server …
|
CWE-310
Cryptographic Issues
|
CVE-2011-5064
|
2024-11-21 10:33 |
2012-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305364
|
- |
|
apache
|
tomcat
|
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to …
|
CWE-287
Improper Authentication
|
CVE-2011-5063
|
2024-11-21 10:33 |
2012-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305365
|
- |
|
apache
|
tomcat
|
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to by…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5062
|
2024-11-21 10:33 |
2012-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305366
|
- |
|
whmcs
|
whmcompletesolution
|
functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x allows remote attackers to trigger arbitrary code execution in the Smarty templating system by submitting a crafted ticket, related to…
|
CWE-94
Code Injection
|
CVE-2011-5061
|
2024-11-21 10:33 |
2012-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305367
|
- |
|
roderich_schupp
|
par-packer_module
|
The par_mktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5060
|
2024-11-21 10:33 |
2012-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305368
|
- |
|
clusterresources
cluster_resources
|
torque_resource_manager
|
Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) before 2.5.9, when munge authentication is used, allows remote authenticated users to impersonate arbitrary user account…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4925
|
2024-11-21 10:33 |
2012-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305369
|
- |
|
hp
|
diagnostics
|
Stack-based buffer overflow in magentservice.exe in the server in HP LoadRunner 11.00 before patch 4 allows remote attackers to execute arbitrary code via a crafted size value in a packet. NOTE: it …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4789
|
2024-11-21 10:33 |
2012-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305370
|
- |
|
hp
|
storageworks_p2000_g3_msa_fc\/iscsi_dual_combo_controller_lff_array_system
storageworks_p2000_g3_msa_fibre_channel_dual_controller_lff_array_system
storageworks_p2000_g3_msa_fibre_channel_dual_…
|
Absolute path traversal vulnerability in the web interface on HP StorageWorks P2000 G3 MSA array systems allows remote attackers to read arbitrary files via a pathname in the URI.
|
CWE-22
Path Traversal
|
CVE-2011-4788
|
2024-11-21 10:33 |
2012-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
