Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-03-25 | CVE-2011-1292 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 7.5 |
| 2011-03-25 | CVE-2011-1291 | Classic Buffer Overflow vulnerability in Google Chrome Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "buffer error." | 7.5 |
| 2011-03-25 | CVE-2011-0890 | Information Exposure vulnerability in HP Discovery&Dependency Mapping Inventory HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read community. | 5.0 |
| 2011-03-23 | CVE-2010-4776 | SQL Injection vulnerability in Preprojects PRE Online Tests Generator SQL injection vulnerability in takefreestart.php in PreProjects Pre Online Tests Generator Pro allows remote attackers to execute arbitrary SQL commands via the tid2 parameter. | 7.5 |
| 2011-03-23 | CVE-2010-4775 | Improper Input Validation vulnerability in Nicholas Thompson Relevant Content The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not properly implement node access logic, which allows remote attackers to discover restricted node titles and relationships. | 5.0 |
| 2011-03-23 | CVE-2010-4774 | SQL Injection vulnerability in Auracms 1.62 SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-4804 and CVE-2007-4171. | 7.5 |
| 2011-03-23 | CVE-2010-4773 | Remote Security vulnerability in Hitachi products Unspecified vulnerability in Hitachi EUR Form Client before 05-10 -/D 2010.11.15 and 05-10-CA (* 2) 2010.11.15; Hitachi EUR Form Service before 05-10 -/D 2010.11.15; and uCosminexus EUR Form Service before 07-60 -/D 2010.11.15 on Windows, before 05-10 -/D 2010.11.15 and 07-50 -/D 2010.11.15 on Linux, and before 07-50 -/C 2010.11.15 on AIX; allows remote attackers to execute arbitrary code via unknown attack vectors. | 10.0 |
| 2011-03-23 | CVE-2010-4772 | Cross-Site Scripting vulnerability in Matteoiammarrone S-Cms 2.5 Cross-site scripting (XSS) vulnerability in blocks/lang.php in S-CMS 2.5 allows remote attackers to inject arbitrary web script or HTML via the id parameter to viewforum.php. | 4.3 |
| 2011-03-23 | CVE-2010-4771 | SQL Injection vulnerability in Matteoiammarrone S-Cms 2.5 SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2011-03-23 | CVE-2010-4770 | SQL Injection vulnerability in Commodityrentals DVD Rentals Script SQL injection vulnerability in index.php in CommodityRentals DVD Rentals Script allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a catalog action. | 7.5 |