260411
|
- |
|
cisco
|
content_delivery_system_engine content_delivery_system
|
The Internet Streamer application in Cisco Content Delivery System (CDS) with software 2.5.7, 2.5.8, and 2.5.9 before build 126 allows remote attackers to cause a denial of service (Web Engine crash)…
|
CWE-399
Resource Management Errors
|
CVE-2011-1649
|
2011-09-7 12:16 |
2011-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260412
|
- |
|
cisco
|
ios_xr
|
Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4…
|
CWE-399
Resource Management Errors
|
CVE-2011-1651
|
2011-09-7 12:16 |
2011-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260413
|
- |
|
gnome
|
gdm
|
GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, enables execution of a web browser with the uid of the gdm account, which allows local users to gain privileges via vectors involvin…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1709
|
2011-09-7 12:16 |
2011-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260414
|
- |
|
hp
|
palm_webos
|
Multiple cross-site scripting (XSS) vulnerabilities in the Email application in HP Palm webOS 1.4.5 and 1.4.5.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-1737
|
2011-09-7 12:16 |
2011-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260415
|
- |
|
hp
|
palm_webos
|
HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit (PDK) applications, which allows local users to gain privileges by leveraging unintended filesystem write access.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1738
|
2011-09-7 12:16 |
2011-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260416
|
- |
|
maynard_johnson
|
oprofile
|
utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e argument.
|
CWE-94
Code Injection
|
CVE-2011-1760
|
2011-09-7 12:16 |
2011-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260417
|
- |
|
banu
|
tinyproxy
|
Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended access restrictions in opportunistic circumstances via a TCP connection, related to improper handl…
|
CWE-189
Numeric Errors
|
CVE-2011-1843
|
2011-09-7 12:16 |
2011-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260418
|
- |
|
hp
|
business_availability_center
|
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.06 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-1856
|
2011-09-7 12:16 |
2011-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260419
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
The Start Before Logon (SBL) functionality in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.254 on Windows, and on Windows Mobile, allows local users to gain pri…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2041
|
2011-09-7 12:16 |
2011-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260420
|
- |
|
adobe
|
blazeds livecycle_data_services livecycle
|
Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly restrict creation of classes during deserialization of (1) AMF and (2) AMFX…
|
CWE-20
Improper Input Validation
|
CVE-2011-2092
|
2011-09-7 12:16 |
2011-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|