Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-08-01 | CVE-2011-2399 | Denial of Service vulnerability in HP OpenView Storage Data Protector 6.10/6.11 Unspecified vulnerability in the Media Management Daemon (mmd) in HP Data Protector 6.11 and earlier allows remote attackers to cause a denial of service via unknown vectors. | 7.8 |
2011-08-01 | CVE-2011-1744 | Permissions, Privileges, and Access Controls vulnerability in EMC Captiva Einput EMC Captiva eInput 2.1.1 before 2.1.1.37 does not restrict the origin of calls to ActiveX functions, which allows remote attackers to read arbitrary files or cause a denial of service via a crafted web site. | 5.8 |
2011-08-01 | CVE-2011-1743 | Cross-Site Scripting vulnerability in EMC Captiva Einput Cross-site scripting (XSS) vulnerability in EMC Captiva eInput 2.1.1 before 2.1.1.37 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2011-08-01 | CVE-2011-1742 | Credentials Management vulnerability in EMC Data Protection Advisor EMC Data Protection Advisor before 5.8.1 places cleartext account credentials in the DPA configuration file in unspecified circumstances, which might allow local users to obtain sensitive information by reading this file. | 2.1 |
2011-07-29 | CVE-2011-2964 | Code Injection vulnerability in Linuxfoundation Foomatic 4.0.6 foomaticrip.c in foomatic-rip in foomatic-filters in Foomatic 4.0.6 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file, a different vulnerability than CVE-2011-2697. | 6.8 |
2011-07-29 | CVE-2011-2697 | Improper Input Validation vulnerability in HP Linux Imaging and Printing Project 3.11.5 foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.5 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file. | 6.8 |
2011-07-29 | CVE-2011-2522 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program. | 6.8 |
2011-07-29 | CVE-2011-2401 | Session Fixation vulnerability in HP SiteScope Session fixation vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to hijack web sessions via unspecified vectors. network hp | 8.3 |
2011-07-29 | CVE-2011-2400 | Cross-Site Scripting vulnerability in HP Sitescope Cross-site scripting (XSS) vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2011-07-29 | CVE-2011-2963 | Improper Authentication vulnerability in Progea Movicon 11.2 TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service (crash) via a crafted packet to TCP port 10651. | 10.0 |