|
259551
|
- |
|
tor
|
tor
|
Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly manage key data in memory, which might allow local users to obtain sensitive information by leveraging the ability to read memo…
|
CWE-399
Resource Management Errors
|
CVE-2011-0016
|
2011-01-22 14:00 |
2011-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259552
|
- |
|
verytools
|
videospirit_lite
videospirit_pro
|
Buffer overflow in VideoSpirit Pro 1.6.8.1, 1.68, and earlier; and VideoSpirit Lite 1.4.0.1 and possibly other versions; allows user-assisted remote attackers to execute arbitrary code via a VideoSpi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0500
|
2011-01-21 14:00 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259553
|
- |
|
musanim
|
music_animation_machine_midi_player
|
Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly other versions allows user-assisted remote attackers to cause a denial of service (crash) and possibly have other unspecified im…
|
NVD-CWE-Other
|
CVE-2011-0502
|
2011-01-21 14:00 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259554
|
- |
|
musanim
|
music_animation_machine_midi_player
|
Per: https://secunia.com/advisories/42790
'Successful exploitation allows execution of arbitrary code.'
|
NVD-CWE-Other
|
CVE-2011-0502
|
2011-01-21 14:00 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259555
|
- |
|
securstar
|
drivecrypt
|
DCR.sys driver in SecurStar DriveCrypt 5.4, 5.3, and earlier allows local users to execute arbitrary code via a crafted argument to the 0x00073800 IOCTL.
|
CWE-20
Improper Input Validation
|
CVE-2011-0513
|
2011-01-21 14:00 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259556
|
- |
|
hotwebscripts
|
hotweb_rentals
|
SQL injection vulnerability in default.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PageId parameter. NOTE: the provenance of this informatio…
|
CWE-89
SQL Injection
|
CVE-2010-4703
|
2011-01-21 14:00 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259557
|
- |
|
xfig
|
xfig
|
Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a FIG image with a crafted color definition.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4262
|
2011-01-20 15:46 |
2010-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259558
|
- |
|
djangoproject
|
django
|
The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restrict use of the query string to perform certain obje…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4534
|
2011-01-20 15:46 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259559
|
- |
|
djangoproject
|
django
|
The password reset functionality in django.contrib.auth in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not validate the length of a string representing a base36 timestam…
|
CWE-20
Improper Input Validation
|
CVE-2010-4535
|
2011-01-20 15:46 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259560
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Format string vulnerability in PackageKit in Apple Mac OS X 10.6.x before 10.6.6 allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (application crash) via vect…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2010-4013
|
2011-01-20 15:45 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
