|
264511
|
- |
|
plone
|
cmfeditions
plone
|
The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prevent the KwAsAttributes classes from being publishable, which allows remote attackers to access sub-…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4030
|
2011-10-30 12:39 |
2011-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264512
|
- |
|
kbs
|
weblygo
|
Cross-site scripting (XSS) vulnerability in WeblyGo 5.0 Pro/LE, 5.02 Pro/LE, 5.03 Pro/LE, 5.04 Pro/LE, and 5.10 Pro/LE allows remote attackers to inject arbitrary web script or HTML via unspecified v…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1330
|
2011-10-27 12:24 |
2011-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264513
|
- |
|
cisco
|
unified_ip_phone_7906
unified_ip_phone_7911g
unified_ip_phone_7931g
unified_ip_phone_7941g
unified_ip_phone_7941g-ge
unified_ip_phone_7942g
unified_ip_phone_7945g
unified_ip_phon…
|
Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.2.1 allow local users to gain privileges via unspecified vectors, aka Bug ID CSCtn65815.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1603
|
2011-10-27 12:24 |
2011-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264514
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options.
|
NVD-CWE-Other
|
CVE-2011-1132
|
2011-10-27 12:23 |
2011-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264515
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Per: http://cwe.mitre.org/data/definitions/476.html
'CWE-476: NULL Pointer Dereference'
|
NVD-CWE-Other
|
CVE-2011-1132
|
2011-10-27 12:23 |
2011-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264516
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
App Store in Apple Mac OS X before 10.6.8 creates a log entry containing a user's AppleID password, which might allow local users to obtain sensitive information by reading a log file, as demonstrate…
|
CWE-200
Information Exposure
|
CVE-2011-0197
|
2011-10-27 12:21 |
2011-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264517
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code via a crafted embedded TrueType font.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0198
|
2011-10-27 12:21 |
2011-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264518
|
- |
|
apple
|
mac_os_x_server
|
Absolute path traversal vulnerability in xftpd in the FTP Server component in Apple Mac OS X before 10.6.8 allows remote attackers to list arbitrary directories by using the root directory as the sta…
|
CWE-22
Path Traversal
|
CVE-2011-0203
|
2011-10-27 12:21 |
2011-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264519
|
- |
|
apple
|
imageio
mac_os_x
mac_os_x_server
|
Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0205
|
2011-10-27 12:21 |
2011-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264520
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The MobileMe component in Apple Mac OS X before 10.6.8 uses a cleartext HTTP session for the Mail application to read e-mail aliases, which allows remote attackers to obtain potentially sensitive ali…
|
CWE-310
Cryptographic Issues
|
CVE-2011-0207
|
2011-10-27 12:21 |
2011-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
