|
264471
|
- |
|
novell
|
identity_manager_roles_based_provisioning_module
identity_manager_user_application
|
Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2227
|
2011-11-22 12:56 |
2011-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264472
|
- |
|
njstar
|
njstar_communicator
|
Buffer overflow in MiniSmtp 3.0.11818 in NJStar Communicator allows remote attackers to execute arbitrary code via a crafted packet.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4040
|
2011-11-21 20:55 |
2011-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264473
|
- |
|
aviosoft
|
dtv_player
|
Buffer overflow in Aviosoft DTV Player 1.0.1.2 allows remote attackers to execute arbitrary code via a crafted .plf (aka playlist) file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4496
|
2011-11-21 20:55 |
2011-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264474
|
- |
|
asus
|
rt-n56u_firmware
rt-n56u
|
QIS_wizard.htm on the ASUS RT-N56U router with firmware before 1.0.1.4o allows remote attackers to obtain the administrator password via a flag=detect request.
|
CWE-200
Information Exposure
|
CVE-2011-4497
|
2011-11-21 20:55 |
2011-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264475
|
- |
|
zenprise
|
zenprise_device_manager
|
Cross-site request forgery (CSRF) vulnerability in the web console in Zenprise Device Manager 6.x through 6.1.8 allows remote attackers to hijack the authentication of administrators for requests tha…
|
CWE-352
Origin Validation Error
|
CVE-2011-4498
|
2011-11-21 20:55 |
2011-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264476
|
- |
|
robert_luberda
|
man2html
|
Cross-site scripting (XSS) vulnerability in man2html.cgi.c in man2html 1.6, and possibly other version, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related …
|
CWE-79
Cross-site Scripting
|
CVE-2011-2770
|
2011-11-21 14:00 |
2011-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264477
|
- |
|
phpmyadmin
|
phpmyadmin
|
phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed js_frame parameter to phpmyadmin.css.php, which reveals the installation…
|
CWE-20
Improper Input Validation
|
CVE-2011-3646
|
2011-11-21 14:00 |
2011-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264478
|
- |
|
montala
|
resourcespace
|
ResourceSpace before 4.2.2833 does not properly validate access keys, which allows remote attackers to bypass intended resource restrictions via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2011-4311
|
2011-11-21 14:00 |
2011-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264479
|
- |
|
apple
|
mac_os_x
|
The nonet and nointernet sandbox profiles in Apple Mac OS X 10.5.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted appl…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7303
|
2011-11-21 14:00 |
2011-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264480
|
- |
|
owasp-java-html-sanitizer_project
|
owasp-java-html-sanitizer
|
OWASP HTML Sanitizer (aka owasp-java-html-sanitizer) before 88, when JavaScript is disabled, allows user-assisted remote attackers to obtain potentially sensitive information via a crafted FORM eleme…
|
CWE-200
Information Exposure
|
CVE-2011-4457
|
2011-11-18 14:00 |
2011-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
