|
307841
|
- |
|
haxx
apple
fedoraproject
debian
canonical
|
libcurl
mac_os_x
fedora
debian_linux
ubuntu_linux
|
The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which a…
|
CWE-255
Credentials Management
|
CVE-2011-2192
|
2024-11-21 10:27 |
2011-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307842
|
- |
|
hongli_lai
|
libgnomesu
|
gnomesu-pam-backend in libgnomesu 1.0.0 prints an error message but proceeds with the non-error code path upon failure of the setgid or setuid function, which allows local users to gain privileges by…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1946
|
2024-11-21 10:27 |
2011-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307843
|
- |
|
ffmpeg
libav
videolan
|
ffmpeg
libav
vlc_media_player
|
sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write op…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-1931
|
2024-11-21 10:27 |
2011-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307844
|
- |
|
hp
|
openview_storage_data_protector
|
Buffer overflow in omniinet.exe in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to execute arbitrary code via a crafted request, related to the EXE…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-1866
|
2024-11-21 10:27 |
2011-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307845
|
- |
|
hp
|
openview_storage_data_protector
|
Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted par…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-1865
|
2024-11-21 10:27 |
2011-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307846
|
- |
|
rubyonrails
|
rails
ruby_on_rails
|
The cross-site scripting (XSS) prevention feature in Ruby on Rails 2.x before 2.3.12, 3.0.x before 3.0.8, and 3.1.x before 3.1.0.rc2 does not properly handle mutation of safe buffers, which makes it …
|
CWE-79
Cross-site Scripting
|
CVE-2011-2197
|
2024-11-21 10:27 |
2011-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307847
|
- |
|
apache
|
tomcat
|
Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creatio…
|
CWE-200
Information Exposure
|
CVE-2011-2204
|
2024-11-21 10:27 |
2011-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307848
|
- |
|
reallysimplechat
|
really_simple_chat
|
Multiple SQL injection vulnerabilities in A Really Simple Chat (ARSC) 3.3-rc2 allow remote attackers to execute arbitrary SQL commands via the (1) arsc_user parameter to base/admin/edit_user.php, (2)…
|
CWE-89
SQL Injection
|
CVE-2011-2181
|
2024-11-21 10:27 |
2011-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307849
|
- |
|
reallysimplechat
|
really_simple_chat
|
Cross-site scripting (XSS) vulnerability in dereferer.php in A Really Simple Chat (ARSC) 3.3-rc2 allows remote attackers to inject arbitrary web script or HTML via the arsc_link parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2011-2180
|
2024-11-21 10:27 |
2011-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307850
|
- |
|
videolan
|
vlc_media_player
|
Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unsp…
|
CWE-189
Numeric Errors
|
CVE-2011-2194
|
2024-11-21 10:27 |
2011-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
