|
263931
|
- |
|
drusus
kerry_thompson
|
logsurfer
logsurfer\+
|
Double free vulnerability in the prepare_exec function in src/exec.c in Logsurfer 1.5b and earlier, and Logsurfer+ 1.7 and earlier, allows remote attackers to execute arbitrary commands via crafted s…
|
CWE-399
Resource Management Errors
|
CVE-2011-3626
|
2012-01-30 14:00 |
2012-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263932
|
- |
|
duckcorp
|
bip
|
bip before 0.8.6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an empty USER command.
|
NVD-CWE-Other
|
CVE-2010-3071
|
2012-01-28 02:43 |
2010-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263933
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server (WAS) 6.0 through 6.0.2.43, 6.1 before 6.1.0.43, 7.0 before 7.0.0.23, and 8.0 before 8.0.0.3 computes hash values for form parameters without restricting the ability …
|
CWE-20
Improper Input Validation
|
CVE-2012-0193
|
2012-01-27 13:04 |
2012-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263934
|
- |
|
oneorzero
|
aims
|
OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to bypass authentication and obtain administrator privileges via a crafted oozimsrememberme cookie.
|
CWE-287
Improper Authentication
|
CVE-2011-4214
|
2012-01-27 13:03 |
2011-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263935
|
- |
|
oneorzero
|
aims
|
SQL injection vulnerability in lib/ooz_access.php in OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the cookieName variabl…
|
CWE-89
SQL Injection
|
CVE-2011-4215
|
2012-01-27 13:03 |
2011-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263936
|
- |
|
horde
|
groupware_webmail_edition
|
Cross-site scripting (XSS) vulnerability in Horde_Form in Horde Groupware Webmail Edition before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related …
|
CWE-79
Cross-site Scripting
|
CVE-2012-0909
|
2012-01-27 01:00 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263937
|
- |
|
asterisk
|
open_source
|
chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the res_srtp module is used and media support is improperly configured, allows remote attackers to cause a denial …
|
NVD-CWE-noinfo
|
CVE-2012-0885
|
2012-01-26 23:50 |
2012-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263938
|
- |
|
google
|
android
|
The Bluetooth service (com/android/phone/BluetoothHeadsetService.java) in Android 2.3 before 2.3.6 allows remote attackers within Bluetooth range to obtain contact data via an AT phonebook transfer.
|
CWE-200
Information Exposure
|
CVE-2011-4276
|
2012-01-26 14:00 |
2012-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263939
|
- |
|
splunk
|
splunk
|
Splunk 4.2.5 and earlier, when a Free license is selected, enables potentially undesirable functionality within an environment that intentionally does not support authentication, which allows remote …
|
CWE-287
Improper Authentication
|
CVE-2011-4644
|
2012-01-26 14:00 |
2012-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263940
|
- |
|
kaixin001
|
kaixin001
|
The Kaixin001 (com.kaixin001.activity) application 1.3.1 and 1.3.3 for Android does not properly protect data, which allows remote attackers to read or modify contact information and a cleartext pass…
|
CWE-200
Information Exposure
|
CVE-2011-4866
|
2012-01-26 04:45 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
