The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service (application...
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file. Date published : 2011-04-29 http://www.kb.cert.org/vuls/id/243670 http://www.wireshark.org/security/wnpa-sec-2011-06.html
The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted...
Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI. Date published : 2011-04-29 http://www.securityfocus.com/bid/47402 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622952
Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Date published : 2011-04-29 http://www.securityfocus.com/bid/47513 http://marc.info/?l=bugtraq&m=130331642631603&w=2
Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2011-04-29 http://www.securityfocus.com/bid/47511 http://marc.info/?l=bugtraq&m=130331642631603&w=2
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors. Date published : 2011-04-29 http://www.securityfocus.com/bid/47512 http://marc.info/?l=bugtraq&m=130331363227777&w=2
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote authenticated users to execute arbitrary code via unknown vectors. Date published : 2011-04-29 http://www.securityfocus.com/bid/47507 http://marc.info/?l=bugtraq&m=130331363227777&w=2
Unspecified vulnerability in HP Performance Insight 5.0, 5.1x. 5.2x, 5.3x, 5.4, 5.41, and 5.41.002 allows remote attackers to obtain sensitive information via unknown vectors. Date published : 2011-04-29 http://marc.info/?l=bugtraq&m=130331776800952&w=2 http://marc.info/?l=bugtraq&m=130331776800952&w=2
Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux) before 6.3 allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. Date published :...
acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote attackers to hide the origin of web...
dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a...
IBM Rational Build Forge 7.1.0 uses the HTTP GET method during redirection from the authentication servlet to a PHP script, which makes it easier for context-dependent attackers to discover session IDs by reading (1)...
Directory traversal vulnerability in admin/updatelist.php in BaconMap 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the filepath parameter. Date published : 2011-04-26 http://www.securityfocus.com/bid/43908 http://www.exploit-db.com/exploits/15234