3407 matches found
CVE-2011-2204
Removed by vendor...
CVE-2011-2204
Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file...
Nmap NSE net: http-robots.txt
Checks for disallowed entries in '/robots.txt' on a web server. The higher the verbosity or debug level, the more disallowed entries are shown. SYNTAX: http.pipeline: If set, it represents the number of HTTP requests that'll be pipelined ie, sent in a single request. This can be set low to make...
IBM Tivoli Directory Server Vulnerabilities (credentialed check)
According to its version, the installation of IBM Tivoli Directory Server on the remote host is prior to 6.0.0.67, 6.1.0.40, 6.2.0.16, or 6.3.0.3. It is, therefore, affected by one or more of the following vulnerabilities : - A malicious LDAP request can cause a buffer overrun in the server,...
[RT-SA-2011-002] SugarCRM list privilege restriction bypass
Advisory: SugarCRM list privilege restriction bypass RedTeam Pentesting discovered a vulnerability in SugarCRM that allows logged in users to bypass restrictions of their list privilege, allowing to list all entries. Details ======= Product: SugarCRM Community Edition SugarCRM Professional SugarC...
CVE-2011-1320
The Security component in IBM WebSphere Application Server WAS 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15, when the Tivoli Integrated Portal / embedded WebSphere Application Server TIP/eWAS framework is used, does not properly delete AuthCache entries upon a logout, which might allow remote...
Debian Security Advisory DSA 2164-1 (shadow)
The remote host is missing an update to shadow announced via advisory DSA 2164-1. OpenVAS Vulnerability Test $Id: deb21641.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2164-1 shadow Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...
Debian: Security Advisory (DSA-2164-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Code injection
FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-0789...
CVE-2010-3879
CVE-2010-3879 affects FUSE (likely versions up to 2.8.5 and earlier). The vulnerability arises from a symlink attack on the parent directory of a FUSE mountpoint, enabling local users to create/modify mtab entries and thereby unmount a filesystem (a separate issue from CVE-2010-0789). The descrip...
CVE-2010-3879
FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-0789...
CVE-2010-1799
creationtimestamp| type| source ---|---|--- 2011-01-08 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16558 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/applequicktimesmildebug.rb 2025-02-06...
CVE-2011-0499
creationtimestamp| type| source ---|---|--- 2011-01-08 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/15936 2011-04-11 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/17153 2018-05-29 15:50:33+00:00| seen|...
CVE-2010-3850
creationtimestamp| type| source ---|---|--- 2010-12-07 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/15704 2011-09-05 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/17787...
CVE-2010-3879
FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-0789...
CVE-2010-3332
creationtimestamp| type| source ---|---|--- 2010-10-06 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/15213 2010-10-17 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/15265 2010-10-20 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/15292 2024-06-11...
CVE-2010-3256
Google Chrome before 6.0.472.53 does not properly limit the number of stored autocomplete entries, which has unspecified impact and attack vectors...
Google Chrome < 6.0.472.53 Multiple Vulnerabilities
Binary data 800892.prm...
kernel: gfs2: rename causes kernel panic
The gfs2direntfindspace function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service NULL pointer dereference and panic and possibly have unspecified other...
libtiff tiffdump integer overflow
Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with many directory entri...