264981
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CV…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1332
|
2011-06-30 02:55 |
2011-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264982
|
- |
|
simplemachines
|
smf
|
SSI.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, does not properly restrict guest access, which allows remote attackers to have an unspecified impact via unknown vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1127
|
2011-06-29 13:00 |
2011-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264983
|
- |
|
simplemachines
|
smf
|
The loadUserSettings function in Load.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, does not properly handle invalid login attempts, which might make it easier for remote …
|
CWE-310
Cryptographic Issues
|
CVE-2011-1128
|
2011-06-29 13:00 |
2011-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264984
|
- |
|
simplemachines
|
smf
|
Cross-site scripting (XSS) vulnerability in the EditNews function in ManageNews.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, might allow remote authenticated users to inj…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1129
|
2011-06-29 13:00 |
2011-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264985
|
- |
|
simplemachines
|
smf
|
The PlushSearch2 function in Search.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, uses certain cached data in a situation where a temporary table has been created, even th…
|
CWE-200
Information Exposure
|
CVE-2011-1131
|
2011-06-28 13:00 |
2011-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264986
|
- |
|
brad_fitzpatrick
|
djabberd
|
DJabberd 0.84 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML documen…
|
CWE-399
Resource Management Errors
|
CVE-2011-1757
|
2011-06-28 13:00 |
2011-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264987
|
- |
|
brad_fitzpatrick
|
djabberd
|
XMLParser.pm in DJabberd before 0.85 allows remote authenticated users to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consum…
|
CWE-399
Resource Management Errors
|
CVE-2011-2206
|
2011-06-28 13:00 |
2011-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264988
|
- |
|
prosody
|
prosody
|
Prosody 0.8.x before 0.8.1, when MySQL is used, assigns an incorrect data type to the value column in certain tables, which might allow remote attackers to cause a denial of service (data truncation)…
|
CWE-399
Resource Management Errors
|
CVE-2011-2531
|
2011-06-28 13:00 |
2011-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264989
|
- |
|
prosody
|
prosody
|
The json.decode function in util/json.lua in Prosody 0.8.x before 0.8.1 might allow remote attackers to cause a denial of service (infinite loop) via invalid JSON data, as demonstrated by truncated d…
|
CWE-399
Resource Management Errors
|
CVE-2011-2532
|
2011-06-28 13:00 |
2011-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264990
|
- |
|
apple
|
mac_os_x imageio mac_os_x_server
|
Integer overflow in ImageIO in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XBM image.
|
CWE-189
Numeric Errors
|
CVE-2011-0181
|
2011-06-27 13:00 |
2011-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|