266111
|
- |
|
musanim
|
music_animation_machine_midi_player
|
Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly other versions allows user-assisted remote attackers to cause a denial of service (crash) and possibly have other unspecified im…
|
NVD-CWE-Other
|
CVE-2011-0502
|
2011-01-21 14:00 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266112
|
- |
|
musanim
|
music_animation_machine_midi_player
|
Per: https://secunia.com/advisories/42790
'Successful exploitation allows execution of arbitrary code.'
|
NVD-CWE-Other
|
CVE-2011-0502
|
2011-01-21 14:00 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266113
|
- |
|
securstar
|
drivecrypt
|
DCR.sys driver in SecurStar DriveCrypt 5.4, 5.3, and earlier allows local users to execute arbitrary code via a crafted argument to the 0x00073800 IOCTL.
|
CWE-20
Improper Input Validation
|
CVE-2011-0513
|
2011-01-21 14:00 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266114
|
- |
|
hotwebscripts
|
hotweb_rentals
|
SQL injection vulnerability in default.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PageId parameter. NOTE: the provenance of this informatio…
|
CWE-89
SQL Injection
|
CVE-2010-4703
|
2011-01-21 14:00 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266115
|
- |
|
xfig
|
xfig
|
Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a FIG image with a crafted color definition.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4262
|
2011-01-20 15:46 |
2010-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266116
|
- |
|
djangoproject
|
django
|
The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restrict use of the query string to perform certain obje…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4534
|
2011-01-20 15:46 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266117
|
- |
|
djangoproject
|
django
|
The password reset functionality in django.contrib.auth in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not validate the length of a string representing a base36 timestam…
|
CWE-20
Improper Input Validation
|
CVE-2010-4535
|
2011-01-20 15:46 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266118
|
- |
|
apple
|
mac_os_x mac_os_x_server
|
Format string vulnerability in PackageKit in Apple Mac OS X 10.6.x before 10.6.6 allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (application crash) via vect…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2010-4013
|
2011-01-20 15:45 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266119
|
- |
|
xfig
|
xfig
|
Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service (application crash) via a long string in a malformed .fig file that uses t…
|
CWE-399
Resource Management Errors
|
CVE-2009-4228
|
2011-01-20 15:37 |
2009-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266120
|
- |
|
io-socket-ssl
|
io-socket-ssl
|
The verify_hostname_of_cert function in the certificate checking feature in IO-Socket-SSL (IO::Socket::SSL) 1.14 through 1.25 only matches the prefix of a hostname when no wildcard is used, which all…
|
CWE-310
Cryptographic Issues
|
CVE-2009-3024
|
2011-01-20 15:35 |
2009-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|