|
305501
|
5.3 |
MEDIUM
Network
|
suse
|
suse_linux_enterprise_server
suse_linux_enterprise_desktop
|
The kdump implementation is missing the host key verification in the kdump and mkdumprd OpenSSH integration of kdump prior to version 2012-01-20. This is similar to CVE-2011-3588, but different in th…
|
CWE-310
Cryptographic Issues
|
CVE-2011-4190
|
2024-11-21 10:31 |
2018-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305502
|
9.8 |
CRITICAL
Network
|
packetfence
|
packetfence
|
html/admin/login.php in PacketFence before 3.0.2 allows remote attackers to conduct LDAP injection attacks and consequently bypass authentication via a crafted username.
|
CWE-90
LDAP Injection
|
CVE-2011-4069
|
2024-11-21 10:31 |
2018-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305503
|
9.8 |
CRITICAL
Network
|
packetfence
|
packetfence
|
The check_password function in html/admin/login.php in PacketFence before 3.0.2 allows remote attackers to bypass authentication via an empty password.
|
CWE-287
Improper Authentication
|
CVE-2011-4068
|
2024-11-21 10:31 |
2018-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305504
|
- |
|
djangoproject
|
tastypie
|
The from_yaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to …
|
CWE-20
Improper Input Validation
|
CVE-2011-4104
|
2024-11-21 10:31 |
2014-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305505
|
- |
|
djangoproject
|
piston
|
emitters.py in Django Piston before 0.2.3 and 0.2.x before 0.2.2.1 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the y…
|
CWE-20
Improper Input Validation
|
CVE-2011-4103
|
2024-11-21 10:31 |
2014-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305506
|
- |
|
bzip
|
bzip2
|
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by prec…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4089
|
2024-11-21 10:31 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305507
|
- |
|
redhat
qemu
|
enterprise_linux_server_supplementary
enterprise_linux
qemu
|
Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows remote attackers to cause a denial of service (crash) an…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4111
|
2024-11-21 10:31 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305508
|
- |
|
redhat
|
sos
|
The sosreport utility in the Red Hat sos package before 1.7-9 and 2.x before 2.2-17 includes (1) Certificate-based Red Hat Network private entitlement keys and the (2) private key for the entitlement…
|
CWE-310
Cryptographic Issues
|
CVE-2011-4083
|
2024-11-21 10:31 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305509
|
- |
|
oracle
armin_burgmeier
opensuse_project
opensuse
|
solaris
net6
opensuse
|
Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections un…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2011-4093
|
2024-11-21 10:31 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305510
|
- |
|
ubuntu_developers
|
obby
|
obby (aka libobby) does not verify SSL server certificates, which allows remote attackers to spoof servers via an arbitrary certificate.
|
CWE-20
Improper Input Validation
|
CVE-2011-4092
|
2024-11-21 10:31 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
