264681
|
- |
|
apple
|
safari
|
Apple Safari allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK elemen…
|
NVD-CWE-Other
|
CVE-2010-0314
|
2011-03-18 11:46 |
2010-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264682
|
- |
|
proftpd
|
proftpd
|
The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote authenticated users to cause a denial of service (CPU consumption) via an ABOR command during a data transfer.
|
CWE-399
Resource Management Errors
|
CVE-2008-7265
|
2011-03-18 11:35 |
2010-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264683
|
- |
|
e107
|
e107
|
Cross-site scripting (XSS) vulnerability in e107 0.7.22 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-0457
|
2011-03-16 02:55 |
2011-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264684
|
- |
|
simon_pamies
|
pywebdav
|
Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL co…
|
CWE-89
SQL Injection
|
CVE-2011-0432
|
2011-03-15 13:00 |
2011-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264685
|
- |
|
apple
|
safari
|
Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before 10.5.4, and standalone for Windows and Mac OS X 10.4, allows remote attackers to cause a denial of …
|
NVD-CWE-noinfo CWE-399
Resource Management Errors
|
CVE-2008-2307
|
2011-03-15 13:00 |
2008-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264686
|
- |
|
djangoproject
|
django
|
Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site req…
|
CWE-352
Origin Validation Error
|
CVE-2011-0696
|
2011-03-11 12:51 |
2011-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264687
|
- |
|
djangoproject
|
django
|
Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 might allow remote attackers to inject arbitrary web script or HTML via a filename associated with a file …
|
CWE-79
Cross-site Scripting
|
CVE-2011-0697
|
2011-03-11 12:51 |
2011-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264688
|
- |
|
openafs
|
openafs
|
The afs_linux_lock function in afs/LINUX/osi_vnodeops.c in the kernel module in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions does not properly handle errors, which allows attackers to c…
|
CWE-20
Improper Input Validation
|
CVE-2011-0431
|
2011-03-11 12:50 |
2011-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264689
|
- |
|
f-secure
|
internet_gatekeeper
|
F-Secure Internet Gatekeeper for Linux 3.x before 3.03 does not require authentication for reading access logs, which allows remote attackers to obtain potentially sensitive information via a TCP ses…
|
CWE-287
Improper Authentication
|
CVE-2011-0453
|
2011-03-11 12:50 |
2011-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264690
|
- |
|
epson
|
lp-s7100_driver_4.1.0 lp-s7100_driver_4.1.7 lp-s9000_driver_4.1.0 lp-s9000_driver_4.1.11
|
The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the "C:\Progra…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3920
|
2011-03-11 12:48 |
2010-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|