|
306681
|
- |
|
tor
|
tor
|
Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by r…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2768
|
2024-11-21 10:28 |
2011-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306682
|
- |
|
emc
|
rsa_adaptive_authentication_on-premise
|
EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly perform forensic evaluation upon receipt of device tokens from mobile a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2742
|
2024-11-21 10:28 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306683
|
- |
|
emc
|
rsa_adaptive_authentication_on-premise
|
EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly implement Device Recovery and Device Identification, which might allow …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2741
|
2024-11-21 10:28 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306684
|
- |
|
adobe
|
coldfusion
|
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving the cfform tag.
|
CWE-79
Cross-site Scripting
|
CVE-2011-2463
|
2024-11-21 10:28 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306685
|
- |
|
novell
|
zenworks_asset_management
|
Directory traversal vulnerability in the rtrlet component in Novell ZENworks Asset Management (ZAM) 7.5 allows remote attackers to execute arbitrary code by uploading an executable file.
|
CWE-22
Path Traversal
|
CVE-2011-2653
|
2024-11-21 10:28 |
2011-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306686
|
- |
|
ironmountain
|
connected_backup
|
The Agent service in Iron Mountain Connected Backup 8.4 allows remote attackers to execute arbitrary code via a crafted opcode 13 request that triggers use of the LaunchCompoundFileAnalyzer class to …
|
CWE-20
Improper Input Validation
|
CVE-2011-2397
|
2024-11-21 10:28 |
2011-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306687
|
- |
|
adobe
|
flex_sdk
|
Cross-site scripting (XSS) vulnerability in the Adobe Flex SDK 3.x and 4.x before 4.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the loading of modules from…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2461
|
2024-11-21 10:28 |
2011-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306688
|
- |
|
robert_luberda
|
man2html
|
Cross-site scripting (XSS) vulnerability in man2html.cgi.c in man2html 1.6, and possibly other version, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related …
|
CWE-79
Cross-site Scripting
|
CVE-2011-2770
|
2024-11-21 10:28 |
2011-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306689
|
- |
|
mahara
|
mahara
|
The "Reply to message" feature in Mahara 1.3.x and 1.4.x before 1.4.1 allows remote authenticated users to read the messages of a different user via a modified replyto parameter.
|
CWE-200
Information Exposure
|
CVE-2011-2774
|
2024-11-21 10:28 |
2011-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306690
|
- |
|
mahara
|
mahara
|
Cross-site request forgery (CSRF) vulnerability in Mahara before 1.4.1 allows remote attackers to hijack the authentication of administrators for requests that add a user to an institution.
|
CWE-352
Origin Validation Error
|
CVE-2011-2773
|
2024-11-21 10:28 |
2011-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
