|
263921
|
- |
|
libguestfs
|
libguestfs
|
libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 and earlier, and possibly other products, when a raw-format disk image is used, allows local guest OS administrators to read files …
|
CWE-200
Information Exposure
|
CVE-2010-3851
|
2011-08-27 12:44 |
2010-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263922
|
- |
|
otrs
|
otrs
|
webscript.pl in Open Ticket Request System (OTRS) 2.3.4 and earlier allows remote attackers to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability."
|
CWE-78
OS Command
|
CVE-2011-0456
|
2011-08-26 13:00 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263923
|
- |
|
aimluck
|
aipo
aipo-asp
|
SQL injection vulnerability in Aimluck Aipo before 5.1.1, and Aipo for ASP before 5.1.1, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2011-1342
|
2011-08-26 13:00 |
2011-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263924
|
- |
|
t-dreams
|
cars_ads_package
|
SQL injection vulnerability in processview.asp in Techno Dreams (T-Dreams) Cars Ads Package 2.0 allows remote attackers to execute arbitrary SQL commands via the key parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4829
|
2011-08-25 13:00 |
2011-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263925
|
- |
|
ozeki
|
http-sms_gateway
|
Ozeki HTTP-SMS Gateway 1.0, and possibly earlier, stores usernames and passwords in plaintext in the HKLM\Software\Ozeki\SMSServer\CurrentVersion\Plugins\httpsmsgate registry key, which allows local …
|
CWE-310
Cryptographic Issues
|
CVE-2006-6674
|
2011-08-25 13:00 |
2006-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263926
|
- |
|
citrix
|
xen
|
Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravir…
|
CWE-189
Numeric Errors
|
CVE-2011-1583
|
2011-08-24 12:17 |
2011-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263927
|
- |
|
digium
|
asterisk
asterisknow
s800i
|
Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-1147
|
2011-08-24 12:16 |
2011-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263928
|
- |
|
mark_pilgrim
|
feedparser
|
feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0.1 allows remote attackers to cause a denial of service (application crash) via a malformed DOCTYPE declaration.
|
CWE-399
Resource Management Errors
|
CVE-2011-1156
|
2011-08-24 12:16 |
2011-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263929
|
- |
|
mark_pilgrim
|
feedparser
|
Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1157
|
2011-08-24 12:16 |
2011-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263930
|
- |
|
mark_pilgrim
|
feedparser
|
Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1158
|
2011-08-24 12:16 |
2011-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
