259941
|
- |
|
gnome
|
ifcfg-rh_plug-in
|
Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, whe…
|
NVD-CWE-Other
|
CVE-2011-3364
|
2012-01-19 12:59 |
2011-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259942
|
- |
|
gnome
|
ifcfg-rh_plug-in
|
Per: http://cwe.mitre.org/data/definitions/184.html
'CWE-184: Incomplete Blacklist'
|
NVD-CWE-Other
|
CVE-2011-3364
|
2012-01-19 12:59 |
2011-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259943
|
- |
|
libreoffice
|
libreoffice
|
Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-2685
|
2012-01-19 12:58 |
2011-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259944
|
- |
|
ruby-lang
|
ruby
|
The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependen…
|
CWE-20
Improper Input Validation
|
CVE-2011-2705
|
2012-01-19 12:58 |
2011-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259945
|
- |
|
tor
|
tor
|
Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by r…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2768
|
2012-01-19 12:58 |
2011-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259946
|
- |
|
tor
|
tor
|
Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE and CREATE_FAST values in the Command field of a cell within an OR connection that it initiated, which allows remote relays to enu…
|
CWE-200
Information Exposure
|
CVE-2011-2769
|
2012-01-19 12:58 |
2011-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259947
|
- |
|
tor
|
tor
|
Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by (1) establishing a SOCKS conn…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-2778
|
2012-01-19 12:58 |
2011-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259948
|
- |
|
apache opensymphony
|
struts webwork xwork
|
Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, allow remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1772
|
2012-01-19 12:57 |
2011-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259949
|
- |
|
gnome
|
networkmanager
|
GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vect…
|
CWE-287
Improper Authentication
|
CVE-2011-2176
|
2012-01-19 12:57 |
2011-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259950
|
- |
|
redhat
|
evince
|
Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary …
|
CWE-20
Improper Input Validation
|
CVE-2010-2640
|
2012-01-19 12:49 |
2011-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|