|
308401
|
- |
|
aphpkb
|
aphpkb
|
Multiple SQL injection vulnerabilities in Andy's PHP Knowledgebase (Aphpkb) before 0.95.3 allow remote attackers to execute arbitrary SQL commands via the s parameter to (1) a_viewusers.php or (2) ke…
|
CWE-89
SQL Injection
|
CVE-2011-1546
|
2024-11-21 10:26 |
2011-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308402
|
- |
|
t1lib
foolabs
glyphandcog
|
t1lib
xpdf
xpdfreader
|
Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document con…
|
CWE-189
Numeric Errors
|
CVE-2011-1554
|
2024-11-21 10:26 |
2011-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308403
|
- |
|
t1lib
foolabs
glyphandcog
|
t1lib
xpdf
xpdfreader
|
Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF …
|
CWE-399
Resource Management Errors
|
CVE-2011-1553
|
2024-11-21 10:26 |
2011-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308404
|
- |
|
t1lib
foolabs
glyphandcog
|
t1lib
xpdf
xpdfreader
|
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash)…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-1552
|
2024-11-21 10:26 |
2011-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308405
|
- |
|
novell
|
opensuse_factory
|
SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ directory tree to the web-service user account, which might allow local users to gain privileges by leveraging access to this account …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1551
|
2024-11-21 10:26 |
2011-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308406
|
- |
|
gentoo
|
logrotate
|
The default configuration of logrotate on SUSE openSUSE Factory uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1550
|
2024-11-21 10:26 |
2011-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308407
|
- |
|
gentoo
|
logrotate
|
The default configuration of logrotate on Gentoo Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard lin…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1549
|
2024-11-21 10:26 |
2011-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308408
|
- |
|
gentoo
|
logrotate
|
The default configuration of logrotate on Debian GNU/Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1548
|
2024-11-21 10:26 |
2011-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308409
|
- |
|
nokia
|
e75_firmware
e75
|
The Nokia E75 phone with firmware before 211.12.01 allows physically proximate attackers to bypass the Device Lock code by entering an unspecified button sequence at boot time.
|
CWE-287
Improper Authentication
|
CVE-2011-1472
|
2024-11-21 10:26 |
2011-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308410
|
- |
|
symantec
|
liveupdate_administrator
|
Cross-site scripting (XSS) vulnerability in the management login GUI page in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to inject arbitrary web script or HTML via the …
|
CWE-79
Cross-site Scripting
|
CVE-2011-1524
|
2024-11-21 10:26 |
2011-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
