|
263601
|
- |
|
measuresoft
|
scadapro
|
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method.
|
CWE-200
Information Exposure
|
CVE-2011-3497
|
2012-02-14 13:08 |
2011-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263602
|
- |
|
newgensoft
|
omnidocs
|
Newgen OmniDocs allows remote attackers to bypass intended access restrictions via (1) a modified FolderRights parameter to doccab/doclist.jsp, which leads to arbitrary permission changes; or (2) a m…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-3645
|
2012-02-14 13:08 |
2011-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263603
|
- |
|
hp
|
business_service_automation_essentials
|
Unspecified vulnerability in HP Business Service Automation (BSA) Essentials 2.01 allows remote attackers to execute arbitrary code via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2011-2412
|
2012-02-14 13:07 |
2011-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263604
|
- |
|
adobe
|
photoshop_elements
|
Multiple buffer overflows in Adobe Photoshop Elements 8.0 and earlier allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-2443
|
2012-02-14 13:07 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263605
|
- |
|
opera
|
opera_browser
|
Opera before 11.11 does not properly implement FRAMESET elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to page …
|
CWE-20
Improper Input Validation
|
CVE-2011-2628
|
2012-02-14 13:07 |
2011-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263606
|
- |
|
emc
|
documentum_eroom
|
The file-blocking feature in EMC Documentum eRoom 7.3.x and 7.4.x before 7.4.3.g does not properly restrict the uploading and opening of files with dangerous file types, which allows remote authentic…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2739
|
2012-02-14 13:07 |
2011-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263607
|
- |
|
apple
|
safari
webkit
|
WebKit in Apple Safari before 5.0.6 has improper libxslt security settings, which allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted web site. …
|
CWE-20
Improper Input Validation
|
CVE-2011-1774
|
2012-02-14 13:06 |
2011-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263608
|
- |
|
squirrelmail
|
squirrelmail
|
Cross-site scripting (XSS) vulnerability in functions/mime.php in SquirrelMail before 1.4.22 allows remote attackers to inject arbitrary web script or HTML via a crafted STYLE element in an e-mail me…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2023
|
2012-02-14 13:06 |
2011-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263609
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a cal…
|
CWE-20
Improper Input Validation
|
CVE-2011-0182
|
2012-02-14 13:03 |
2011-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263610
|
- |
|
oneorzero
|
aims
|
Multiple SQL injection vulnerabilities in index.php in OneOrZero AIMS 2.6.0 Members Edition and 2.7.0 Trial Edition allow remote authenticated users to execute arbitrary SQL commands via the (1) id p…
|
CWE-89
SQL Injection
|
CVE-2010-4834
|
2012-02-14 13:02 |
2011-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
