|
259401
|
- |
|
brad_fitzpatrick
|
djabberd
|
XMLParser.pm in DJabberd before 0.85 allows remote authenticated users to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consum…
|
CWE-399
Resource Management Errors
|
CVE-2011-2206
|
2011-06-28 13:00 |
2011-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259402
|
- |
|
prosody
|
prosody
|
Prosody 0.8.x before 0.8.1, when MySQL is used, assigns an incorrect data type to the value column in certain tables, which might allow remote attackers to cause a denial of service (data truncation)…
|
CWE-399
Resource Management Errors
|
CVE-2011-2531
|
2011-06-28 13:00 |
2011-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259403
|
- |
|
prosody
|
prosody
|
The json.decode function in util/json.lua in Prosody 0.8.x before 0.8.1 might allow remote attackers to cause a denial of service (infinite loop) via invalid JSON data, as demonstrated by truncated d…
|
CWE-399
Resource Management Errors
|
CVE-2011-2532
|
2011-06-28 13:00 |
2011-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259404
|
- |
|
apple
|
mac_os_x
imageio
mac_os_x_server
|
Integer overflow in ImageIO in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XBM image.
|
CWE-189
Numeric Errors
|
CVE-2011-0181
|
2011-06-27 13:00 |
2011-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259405
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service (out-of-bounds read and reboot) via Wi-Fi frames on the local wireless network.
|
CWE-399
Resource Management Errors
|
CVE-2011-0196
|
2011-06-27 13:00 |
2011-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259406
|
- |
|
metasploit
|
metasploit_framework
|
The installer for Metasploit Framework 3.5.1, when running on Windows, uses weak inherited permissions for the Metasploit installation directory, which allows local users to gain privileges by replac…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1056
|
2011-06-20 13:00 |
2011-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259407
|
- |
|
wikkawiki
|
wikkawiki
|
The RecentChanges feature in WikkaWiki (Wikka Wiki) before 1.1.6.3 allows remote attackers to obtain the names, and possibly revision notes and dates, of private pages via RSS feeds.
|
CWE-200
Information Exposure
|
CVE-2007-2552
|
2011-06-16 13:00 |
2007-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259408
|
- |
|
amarok
|
amarok
|
The ruby handlers in the Magnatune component in Amarok do not properly quote text in certain contexts, probably including construction of an unzip command line, which allows attackers to execute arbi…
|
CWE-20
Improper Input Validation
|
CVE-2006-6979
|
2011-06-16 13:00 |
2007-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259409
|
- |
|
mediawiki
|
mediawiki
|
includes/User.php in MediaWiki before 1.16.5, when wgBlockDisablesLogin is enabled, does not clear certain cached data after verification of an auth token fails, which allows remote attackers to bypa…
|
CWE-287
Improper Authentication
|
CVE-2011-1766
|
2011-06-16 11:56 |
2011-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259410
|
- |
|
sybase
|
easerver
|
Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.\../\../\ sequence in a path.
|
CWE-22
Path Traversal
|
CVE-2011-2474
|
2011-06-14 13:00 |
2011-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
