|
309431
|
- |
|
alcatel-lucent
|
omnivista
|
Directory traversal vulnerability in the NMS server in Alcatel-Lucent OmniVista 4760 R5.1.06.03 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in HTTP G…
|
CWE-22
Path Traversal
|
CVE-2011-0345
|
2024-11-21 10:23 |
2011-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309432
|
- |
|
alcatel-lucent
|
omnipcx
|
Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool web interface in the embedded web server in the Communication Server (CS) in Alcatel-Lucent OmniPCX E…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0344
|
2024-11-21 10:23 |
2011-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309433
|
- |
|
gplhost
|
domain_technologie_control
|
shared/inc/sql/ssh.php in the SSH accounts management implementation in Domain Technologie Control (DTC) before 0.32.9 allows remote authenticated users to delete arbitrary accounts via the edssh_acc…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0437
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309434
|
- |
|
gplhost
|
domain_technologie_control
|
The register_user function in client/new_account_form.php in Domain Technologie Control (DTC) before 0.32.9 includes a cleartext password in an e-mail message, which makes it easier for remote attack…
|
CWE-310
Cryptographic Issues
|
CVE-2011-0436
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309435
|
- |
|
gplhost
|
domain_technologie_control
|
Domain Technologie Control (DTC) before 0.32.9 does not require authentication for (1) admin/bw_per_month.php and (2) client/bw_per_month.php, which allows remote attackers to obtain potentially sens…
|
CWE-287
Improper Authentication
|
CVE-2011-0435
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309436
|
- |
|
gplhost
|
domain_technologie_control
|
Multiple SQL injection vulnerabilities in Domain Technologie Control (DTC) before 0.32.9 allow remote attackers to execute arbitrary SQL commands via the cid parameter to (1) admin/bw_per_month.php o…
|
CWE-89
SQL Injection
|
CVE-2011-0434
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309437
|
- |
|
hp
|
multifunction_peripheral_digital_sending_software
|
HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to acce…
|
CWE-287
Improper Authentication
|
CVE-2011-0279
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309438
|
- |
|
mozilla
gnome
|
firefox
pango
|
The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cau…
|
NVD-CWE-Other
|
CVE-2011-0064
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309439
|
- |
|
apple
|
itunes
|
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0192
|
2024-11-21 10:23 |
2011-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309440
|
- |
|
apple
|
itunes
|
Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0191
|
2024-11-21 10:23 |
2011-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
