259991
|
- |
|
celeryproject
|
celery
|
Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4356
|
2012-01-4 01:38 |
2011-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259992
|
- |
|
ibm
|
rational_asset_manager
|
Cross-site scripting (XSS) vulnerability in IBM Rational Asset Manager before 7.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4708
|
2012-01-3 14:00 |
2011-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259993
|
- |
|
novell
|
xtier_framework
|
Multiple integer overflows in the HTTP server in the Novell XTier framework 3.1.8 allow remote attackers to cause a denial of service (service crash) or possibly execute arbitrary code via crafted he…
|
CWE-189
Numeric Errors
|
CVE-2011-1710
|
2012-01-2 14:00 |
2011-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259994
|
- |
|
tor
|
tor
|
Tor before 0.2.2.24-alpha continues to use a reachable bridge that was previously configured but is not currently configured, which might allow remote attackers to obtain sensitive information about …
|
CWE-200
Information Exposure
|
CVE-2011-4896
|
2011-12-30 14:00 |
2011-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259995
|
- |
|
tor
|
tor
|
Tor before 0.2.2.25-alpha, when configured as a relay without the Nickname configuration option, uses the local hostname as the Nickname value, which allows remote attackers to obtain potentially sen…
|
CWE-200
Information Exposure
|
CVE-2011-4897
|
2011-12-30 14:00 |
2011-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259996
|
- |
|
xzeroscripts
|
xzero_community_classifieds
|
Cross-site scripting (XSS) vulnerability in index.php in XZero Community Classifieds 4.97.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the name of an uploaded file…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2914
|
2011-12-29 14:00 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259997
|
- |
|
goahead
|
goahead_webserver
|
GoAhead WebServer allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
|
CWE-399
Resource Management Errors
|
CVE-2009-5111
|
2011-12-28 23:46 |
2011-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259998
|
- |
|
dhttpd
|
dhttpd
|
dhttpd allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
|
CWE-399
Resource Management Errors
|
CVE-2009-5110
|
2011-12-28 23:42 |
2011-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259999
|
- |
|
mini-stream
|
rm-mp3_converter
|
Stack-based buffer overflow in Mini-Stream RM-MP3 Converter 3.1.2.1 allows remote attackers to execute arbitrary code via a long URL in a .pls file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-5081
|
2011-12-28 14:00 |
2011-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260000
|
- |
|
mini-stream
|
ripper
|
Stack-based buffer overflow in Mini-Stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long entry in a .pls file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-5109
|
2011-12-28 14:00 |
2011-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|