Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-05-10 | CVE-2011-2076 | Information Exposure vulnerability in Inventivetec Mediacast MediaCAST 8 and earlier stores passwords in cleartext, which makes it easier for context-dependent attackers to obtain sensitive information by reading an unspecified password data store, a different vulnerability than CVE-2010-0216. | 5.0 |
| 2011-05-10 | CVE-2010-0216 | Cryptographic Issues vulnerability in Inventivetec Mediacast authenticate_ad_setup_finished.cfm in MediaCAST 8 and earlier allows remote attackers to discover usernames and cleartext passwords by reading the error messages returned for requests that use the UserID parameter. | 5.0 |
| 2011-05-10 | CVE-2011-2075 | Remote Code Execution vulnerability in Google Chrome 11.0.696.65/12.0.742.30 Unspecified vulnerability in Google Chrome 11.0.696.65 on Windows 7 SP1 allows remote attackers to execute arbitrary code via unknown vectors. | 9.3 |
| 2011-05-10 | CVE-2011-2074 | Remote Code Execution vulnerability in Skype Technologies Skype for Mac Unspecified vulnerability in the client in Skype 5.x before 5.1.0.922 on Mac OS X allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via a crafted message. | 8.5 |
| 2011-05-10 | CVE-2011-1824 | Improper Input Validation vulnerability in Opera Browser The VEGAOpBitmap::AddLine function in Opera before 10.61 does not properly initialize memory during processing of the SIZE attribute of a SELECT element, which allows remote attackers to trigger an invalid memory write operation, and consequently cause a denial of service (application crash) or possibly execute arbitrary code, via a large integer attribute value. | 4.3 |
| 2011-05-10 | CVE-2011-0905 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in David King Vino The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via crafted dimensions in a framebuffer update request that triggers an out-of-bounds read operation. | 3.5 |
| 2011-05-10 | CVE-2011-0904 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in David King Vino The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions. | 3.5 |
| 2011-05-09 | CVE-2011-1907 | Resource Management Errors vulnerability in ISC Bind 9.8.0 ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query. | 5.0 |
| 2011-05-09 | CVE-2011-1789 | Cryptographic Issues vulnerability in VMWare Esx, Esxi and Vcenter The self-extracting installer in the vSphere Client Installer package in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, VMware ESXi 4.x before 4.1 Update 1, and VMware ESX 4.x before 4.1 Update 1 does not have a digital signature, which might make it easier for remote attackers to spoof the software distribution via a Trojan horse installer. | 5.0 |
| 2011-05-09 | CVE-2011-1788 | Information Exposure vulnerability in VMWare Vcenter 4.0/4.1 vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1 allows local users to discover the SOAP session ID via unspecified vectors. | 2.1 |