Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management before 6.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Date published : 2011-05-03 http://marc.info/?l=bugtraq&m=130339248106264&w=2 http://marc.info/?l=bugtraq&m=130339248106264&w=2
Unspecified vulnerability in HP Insight Control Performance Management before 6.3 allows remote authenticated users to gain privileges via unknown vectors. Date published : 2011-05-03 http://marc.info/?l=bugtraq&m=130339248106264&w=2 http://marc.info/?l=bugtraq&m=130339248106264&w=2
Unspecified vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote attackers to obtain sensitive information via unknown vectors. Date published : 2011-05-03 http://marc.info/?l=bugtraq&m=130331221326039&w=2 http://marc.info/?l=bugtraq&m=130331221326039&w=2
Open redirect vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote authenticated users to redirect other users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Date published : 2011-05-03...
Cross-site scripting (XSS) vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2011-05-03 http://marc.info/?l=bugtraq&m=130331221326039&w=2 http://marc.info/?l=bugtraq&m=130331221326039&w=2
Cross-site scripting (XSS) vulnerability in statusmap.c in statusmap.cgi in Nagios 3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the layer parameter. Date published : 2011-05-03 https://bugzilla.redhat.com/show_bug.cgi?id=690877 http://tracker.nagios.org/view.php?id=207
Multiple SQL injection vulnerabilities in the DoctrineDBALPlatformsAbstractPlatform::modifyLimitQuery function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset field. Date...
drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of...
Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call...
Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."...
Google Chrome before 11.0.696.57 does not properly handle PDF documents with multipart encoding, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. Date published : 2011-05-03 http://code.google.com/p/chromium/issues/detail?id=79361...
Use-after-free vulnerability in the DOM id handling functionality in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document. Date...
Google Chrome before 11.0.696.57 allows user-assisted remote attackers to spoof the URL bar via vectors involving a redirect and a manual reload. Date published : 2011-05-03 http://code.google.com/p/chromium/issues/detail?id=77786 http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html
Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling...