263771
|
- |
|
tor
|
tor
|
Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by r…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2768
|
2012-01-19 12:58 |
2011-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263772
|
- |
|
tor
|
tor
|
Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE and CREATE_FAST values in the Command field of a cell within an OR connection that it initiated, which allows remote relays to enu…
|
CWE-200
Information Exposure
|
CVE-2011-2769
|
2012-01-19 12:58 |
2011-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263773
|
- |
|
tor
|
tor
|
Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by (1) establishing a SOCKS conn…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-2778
|
2012-01-19 12:58 |
2011-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263774
|
- |
|
apache opensymphony
|
struts webwork xwork
|
Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, allow remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1772
|
2012-01-19 12:57 |
2011-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263775
|
- |
|
gnome
|
networkmanager
|
GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vect…
|
CWE-287
Improper Authentication
|
CVE-2011-2176
|
2012-01-19 12:57 |
2011-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263776
|
- |
|
redhat
|
evince
|
Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary …
|
CWE-20
Improper Input Validation
|
CVE-2010-2640
|
2012-01-19 12:49 |
2011-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263777
|
- |
|
redhat
|
evince
|
Array index error in the VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary …
|
CWE-20
Improper Input Validation
|
CVE-2010-2641
|
2012-01-19 12:49 |
2011-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263778
|
- |
|
redhat
|
evince
|
Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file tha…
|
CWE-189
Numeric Errors
|
CVE-2010-2643
|
2012-01-19 12:49 |
2011-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263779
|
- |
|
kde
|
kdelibs
|
KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle atta…
|
CWE-310
Cryptographic Issues
|
CVE-2009-2702
|
2012-01-19 12:40 |
2009-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263780
|
- |
|
google
|
chrome_os
|
Google Chrome OS before R12 0.12.433.38 Beta, when Guest mode is enabled, does not prevent changes on the about:flags page, which has unspecified impact and local attack vectors.
|
CWE-20
Improper Input Validation
|
CVE-2011-2170
|
2012-01-18 14:00 |
2011-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|