| 263931 | - | ruby-lang | ruby | The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which a… | CWE-189 Numeric Errors | CVE-2011-0188 | 2011-08-24 12:15 | 2011-03-23 |
| 263932 | - | ruby-lang | ruby | Per: http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html 'This issue only affects 64-bit Ruby processes'. | CWE-189 Numeric Errors | CVE-2011-0188 | 2011-08-24 12:15 | 2011-03-23 |
| 263933 | - | mark_pilgrim | feedparser | Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0 allows remote attackers to inject arbitrary web script or HTML via … | CWE-79 Cross-site Scripting | CVE-2009-5065 | 2011-08-24 12:06 | 2011-04-12 |
| 263934 | - | postfix | postfix | The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink a… | CWE-59 Link Following | CVE-2009-2939 | 2011-08-24 12:02 | 2009-09-22 |
| 263935 | - | apple | webkit | page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rd… | CWE-264 Permissions, Privileges, and Access Controls | CVE-2010-1386 | 2011-08-23 13:00 | 2010-08-20 |
| 263936 | - | ibm | websphere_application_server | PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 allows attackers to obtain sensitive information by reading the (1) systemout.log and (2)… | CWE-200 Information Exposure | CVE-2008-5413 | 2011-08-23 13:00 | 2008-12-10 |
| 263937 | - | ibm | websphere_application_server | The vendor has released a fixpack: http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg24021073 | CWE-200 Information Exposure | CVE-2008-5413 | 2011-08-23 13:00 | 2008-12-10 |
| 263938 | - | oaboard | oaboard | PHP remote file include vulnerability in forum.php in oaBoard 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc_stat parameter, a different vulnerability than CVE-2006-00… | CWE-94 Code Injection | CVE-2006-0094 | 2011-08-23 13:00 | 2006-01-5 |
| 263939 | - | focus-sis | focus_sis | PHP remote file inclusion vulnerability in modules/Discipline/StudentFieldBreakdown.php in Focus/SIS 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the FocusPath parameter, a … | CWE-94 Code Injection | CVE-2007-4942 | 2011-08-22 13:00 | 2007-09-19 |
| 263940 | - | ibm | tivoli_federated_identity_manager | IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID relying party, does not perform the expected login rejection upon receiving an OP-Identifier from an Op… | CWE-287 Improper Authentication | CVE-2009-5083 | 2011-08-13 02:55 | 2011-08-13 |