CVE-2011-0xxx

There are 887 CVE in this subgroup.

Last updated:

← Back to 2011

ID	Summary	Flags
CVE-2011-0001	Double free vulnerability in the iscsi_rx_handler function (usr/iscsi/iscsid.c) in the tgt daemon (t...	S
CVE-2011-0002	libuser before 0.57 uses a cleartext password value of (1) !! or (2) x for new LDAP user accounts, w...	E
CVE-2011-0003	MediaWiki before 1.16.1, when user or site JavaScript or CSS is enabled, allows remote attackers to ...	S
CVE-2011-0004	Multiple cross-site scripting (XSS) vulnerabilities in Piwik before 1.1 allow remote attackers to in...	S
CVE-2011-0005	Cross-site scripting (XSS) vulnerability in the com_search module for Joomla! 1.0.x through 1.0.15 a...	E
CVE-2011-0006	The ima_lsm_rule_init function in security/integrity/ima/ima_policy.c in the Linux kernel before 2.6...	S
CVE-2011-0007	pimd 2.1.5 and possibly earlier versions allows user-assisted local users to overwrite arbitrary fil...	S
CVE-2011-0008	A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly inte...	S
CVE-2011-0009	Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before 4.0.0rc4 uses the MD5 algorithm for p...	S
CVE-2011-0010	check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password ...	S
CVE-2011-0011	qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote...
CVE-2011-0012	The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows local users ...
CVE-2011-0013	Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5...	E S
CVE-2011-0014	ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to ca...	S
CVE-2011-0015	Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly check the amount of compress...	S
CVE-2011-0016	Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly manage key data in memory, w...	S
CVE-2011-0017	The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) set...	S
CVE-2011-0018	The email function in manage_sql.c in OpenVAS Manager 1.0.x through 1.0.3 and 2.0.x through 2.0rc2 a...	E S
CVE-2011-0019	slapd (aka ns-slapd) in 389 Directory Server 1.2.7.5 (aka Red Hat Directory Server 8.2.x or dirsrv) ...
CVE-2011-0020	Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render....	E
CVE-2011-0021	Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before...	S
CVE-2011-0022	The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x), when multiple ...
CVE-2011-0023	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...	R
CVE-2011-0024	Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to ca...
CVE-2011-0025	IcedTea 1.7 before 1.7.8, 1.8 before 1.8.5, and 1.9 before 1.9.5 does not properly verify signatures...	S
CVE-2011-0026	Integer signedness error in the SQLConnectW function in an ODBC API (odbc32.dll) in Microsoft Data A...
CVE-2011-0027	Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6...
CVE-2011-0028	WordPad in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly parse fields in Wo...
CVE-2011-0029	Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6...
CVE-2011-0030	The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2...
CVE-2011-0031	The (1) JScript 5.8 and (2) VBScript 5.8 scripting engines in Microsoft Windows Server 2008 R2 and W...
CVE-2011-0032	Untrusted search path vulnerability in DirectShow in Microsoft Windows Vista SP1 and SP2, Windows 7 ...
CVE-2011-0033	The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 20...
CVE-2011-0034	Stack-based buffer overflow in the OpenType Compact Font Format (aka OTF or CFF) driver in Microsoft...
CVE-2011-0035	Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows rem...
CVE-2011-0036	Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows rem...
CVE-2011-0037	Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Remov...
CVE-2011-0038	Untrusted search path vulnerability in Microsoft Internet Explorer 8 might allow local users to gain...
CVE-2011-0039	The Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3 and Serve...
CVE-2011-0040	The server in Microsoft Active Directory on Windows Server 2003 SP2 does not properly handle an upda...
CVE-2011-0041	Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2...
CVE-2011-0042	SBE.dll in the Stream Buffer Engine in Windows Media Player and Windows Media Center in Microsoft Wi...
CVE-2011-0043	Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 supports weak hashing algorithms, w...
CVE-2011-0044	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0045	The Trace Events functionality in the kernel in Microsoft Windows XP SP3 does not properly perform t...
CVE-2011-0046	Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3...	S
CVE-2011-0047	Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to injec...	S
CVE-2011-0048	Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 creates a c...
CVE-2011-0049	Directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 ...	E S
CVE-2011-0050	Cross-site scripting (XSS) vulnerability in the nonjs interface (interfaces/nonjs.pm) in CGI:IRC bef...
CVE-2011-0051	Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properl...
CVE-2011-0053	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6....
CVE-2011-0054	Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, a...
CVE-2011-0055	Use-after-free vulnerability in the JSON.stringify method in js3250.dll in Mozilla Firefox before 3....
CVE-2011-0056	Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, a...
CVE-2011-0057	Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and ...
CVE-2011-0058	Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.1...
CVE-2011-0059	Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3....
CVE-2011-0060	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0061	Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey befo...
CVE-2011-0062	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 an...
CVE-2011-0063	The _list_file_get function in lib/Majordomo.pm in Majordomo 2 20110203 and earlier allows remote at...	E S
CVE-2011-0064	The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and othe...	S
CVE-2011-0065	Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey...
CVE-2011-0066	Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey...
CVE-2011-0067	Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properl...	E S
CVE-2011-0069	Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before...	E S
CVE-2011-0070	Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before...	E S
CVE-2011-0071	Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderb...	E S
CVE-2011-0072	Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x bef...
CVE-2011-0073	Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properl...
CVE-2011-0074	Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x bef...
CVE-2011-0075	Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x bef...
CVE-2011-0076	Unspecified vulnerability in the Java Embedding Plugin (JEP) in Mozilla Firefox before 3.5.19 and 3....
CVE-2011-0077	Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x bef...
CVE-2011-0078	Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x bef...
CVE-2011-0079	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x before 4.0.1 allow...	E S
CVE-2011-0080	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 an...
CVE-2011-0081	Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.17 and 4.x befor...	S
CVE-2011-0082	The X.509 certificate validation functionality in Mozilla Firefox 4.0.x through 4.0.1 does not prope...	E
CVE-2011-0083	Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of ...
CVE-2011-0084	The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5...
CVE-2011-0085	Use-after-free vulnerability in the nsXULCommandDispatcher function in Mozilla Firefox before 3.6.18...
CVE-2011-0086	win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-0087	win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP...
CVE-2011-0088	win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-0089	win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-0090	win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-0091	Kerberos in Microsoft Windows Server 2008 R2 and Windows 7 does not prevent a session from changing ...
CVE-2011-0092	The LZW stream decompression functionality in ORMELEMS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, an...
CVE-2011-0093	ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does not properly parse structures ...
CVE-2011-0094	Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execu...
CVE-2011-0095	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0096	The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vis...	E
CVE-2011-0097	Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 fo...
CVE-2011-0098	Integer signedness error in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and ...
CVE-2011-0099	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0100	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0101	Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code or cause a denial of serv...
CVE-2011-0102	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0103	Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Conver...
CVE-2011-0104	Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Conver...
CVE-2011-0105	Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac o...
CVE-2011-0106	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0107	Untrusted search path vulnerability in Microsoft Office XP SP3, Office 2003 SP3, and Office 2007 SP2...
CVE-2011-0108	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0109	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0110	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0111	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...
CVE-2011-0112	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0113	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0114	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0115	The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple S...	S
CVE-2011-0116	Use-after-free vulnerability in the setOuterText method in the htmlelement library in WebKit, as use...	S
CVE-2011-0117	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0118	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0119	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0120	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0121	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0122	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0123	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0124	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0125	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0126	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0127	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0128	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0129	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0130	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0131	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0132	Use-after-free vulnerability in the Runin box functionality in the Cascading Style Sheets (CSS) 2.1 ...	S
CVE-2011-0133	WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly access glyph data during l...	S
CVE-2011-0134	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0135	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0136	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0137	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0138	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0139	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0140	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0141	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0142	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0143	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0144	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0145	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0146	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0147	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0148	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0149	WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly parse HTML elements associ...	S
CVE-2011-0150	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0151	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0152	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0153	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0154	WebKit, as used in Apple iTunes before 10.2 on Windows and Apple iOS, does not properly implement th...	S
CVE-2011-0155	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0156	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0157	WebKit, as used in Apple iOS before 4.3, allows remote attackers to execute arbitrary code or cause ...
CVE-2011-0158	MobileSafari in Apple iOS before 4.3 does not properly implement application launching through URL h...
CVE-2011-0159	The Safari Settings feature in Safari in Apple iOS 4.x before 4.3 does not properly implement the cl...
CVE-2011-0160	WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle redirects ...
CVE-2011-0161	WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle the Attr.s...
CVE-2011-0162	Wi-Fi in Apple iOS before 4.3 and Apple TV before 4.2 does not properly perform bounds checking for ...
CVE-2011-0163	WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle unspecifie...
CVE-2011-0164	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0165	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0166	The HTML5 drag and drop functionality in WebKit in Apple Safari before 5.0.4 allows user-assisted re...
CVE-2011-0167	The windows functionality in WebKit in Apple Safari before 5.0.4 allows remote attackers to bypass t...
CVE-2011-0168	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execut...	S
CVE-2011-0169	WebKit in Apple Safari before 5.0.4, when the Web Inspector is used, does not properly handle the wi...
CVE-2011-0170	Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes before 10.2 on Windows allows ...	S
CVE-2011-0171	Rejected reason: This candidate is unused by its CNA....	R
CVE-2011-0172	AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to cause a denial of service (d...	S
CVE-2011-0173	Multiple format string vulnerabilities in AppleScript in Apple Mac OS X before 10.6.7 allow context-...	S
CVE-2011-0174	Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allows remot...	S
CVE-2011-0175	Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote ...	S
CVE-2011-0176	Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote ...	S
CVE-2011-0177	Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote ...	S
CVE-2011-0178	The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 provides a world-readable directo...	S
CVE-2011-0179	CoreText in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause ...	S
CVE-2011-0180	Integer overflow in HFS in Apple Mac OS X before 10.6.7 allows local users to read arbitrary (1) HFS...	S
CVE-2011-0181	Integer overflow in ImageIO in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbit...	S
CVE-2011-0182	The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle ...	S
CVE-2011-0183	Libinfo in Apple Mac OS X before 10.6.7 does not properly handle an unspecified integer field in an ...	S
CVE-2011-0184	QuickLook in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or ...	S
CVE-2011-0185	Format string vulnerability in the debug-logging feature in Application Firewall in Apple Mac OS X b...
CVE-2011-0186	QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause...	S
CVE-2011-0187	The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to bypass the Same ...	S
CVE-2011-0188	The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as u...	S
CVE-2011-0189	The default configuration of Terminal in Apple Mac OS X 10.6 before 10.6.7 uses SSH protocol version...	S
CVE-2011-0190	Install Helper in Installer in Apple Mac OS X before 10.6.7 does not properly process an unspecified...	S
CVE-2011-0191	Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes bef...	S
CVE-2011-0192	Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Ap...	S
CVE-2011-0193	Multiple buffer overflows in Image RAW in Apple Mac OS X before 10.6.7 allow remote attackers to exe...	S
CVE-2011-0194	Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute ...	S
CVE-2011-0195	The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to...
CVE-2011-0196	AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service (out-of-bounds...	S
CVE-2011-0197	App Store in Apple Mac OS X before 10.6.8 creates a log entry containing a user's AppleID password, ...	S
CVE-2011-0198	Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.8 allows remot...	S
CVE-2011-0199	The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking...	S
CVE-2011-0200	Integer overflow in ColorSync in Apple Mac OS X before 10.6.8 allows remote attackers to execute arb...	S
CVE-2011-0201	Off-by-one error in the CoreFoundation framework in Apple Mac OS X before 10.6.8 allows context-depe...	S
CVE-2011-0202	Integer overflow in CoreGraphics in Apple Mac OS X before 10.6.8 allows remote attackers to execute ...	S
CVE-2011-0203	Absolute path traversal vulnerability in xftpd in the FTP Server component in Apple Mac OS X before ...	S
CVE-2011-0204	Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to exe...	S
CVE-2011-0205	Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to exe...	S
CVE-2011-0206	Buffer overflow in International Components for Unicode (ICU) in Apple Mac OS X before 10.6.8 allows...	S
CVE-2011-0207	The MobileMe component in Apple Mac OS X before 10.6.8 uses a cleartext HTTP session for the Mail ap...	S
CVE-2011-0208	QuickLook in Apple Mac OS X 10.6 before 10.6.8 allows remote attackers to execute arbitrary code or ...	S
CVE-2011-0209	Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arb...	S
CVE-2011-0210	QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause...	S
CVE-2011-0211	Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arb...	S
CVE-2011-0212	servermgrd in Apple Mac OS X before 10.6.8 allows remote attackers to read arbitrary files, and poss...	S
CVE-2011-0213	Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbi...	S
CVE-2011-0214	CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of...	S
CVE-2011-0215	ImageIO in Apple Safari before 5.0.6 on Windows does not properly address re-entrancy issues, which ...	S
CVE-2011-0216	Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary...	S
CVE-2011-0217	Apple Safari before 5.0.6 provides AutoFill information to scripts that execute before HTML form sub...	S
CVE-2011-0218	WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...	S
CVE-2011-0219	Apple Safari before 5.0.6 allows remote attackers to bypass the Same Origin Policy, and modify the r...	S
CVE-2011-0220	Apple Bonjour before 2011 allows a crash via a crafted multicast DNS packet....
CVE-2011-0221	WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...	S
CVE-2011-0222	WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...	S
CVE-2011-0223	WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...	S
CVE-2011-0224	CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or caus...
CVE-2011-0225	WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...	S
CVE-2011-0226	Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Ap...
CVE-2011-0227	The queueing primitives in IOMobileFrameBuffer in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 do n...
CVE-2011-0228	The Data Security component in Apple iOS before 4.2.10 and 4.3.x before 4.3.5 does not check the bas...
CVE-2011-0229	Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 ...
CVE-2011-0230	Buffer overflow in the ATSFontDeactivate API in Apple Type Services (ATS) in Apple Mac OS X before 1...
CVE-2011-0231	CFNetwork in Apple Mac OS X before 10.7.2 does not properly follow an intended cookie-storage policy...
CVE-2011-0232	WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...	S
CVE-2011-0233	WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...	S
CVE-2011-0234	WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...	S
CVE-2011-0235	WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...	S
CVE-2011-0236	Rejected reason: This candidate is unused by its CNA....	R
CVE-2011-0237	WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...	S
CVE-2011-0238	WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...	S
CVE-2011-0239	Rejected reason: This candidate is unused by its CNA....	R
CVE-2011-0240	WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...	S
CVE-2011-0241	Heap-based buffer overflow in ImageIO in Apple Safari before 5.0.6 allows remote attackers to execut...	S
CVE-2011-0242	Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0.6 allows remote attack...	S
CVE-2011-0243	Rejected reason: This candidate is unused by its CNA....	R
CVE-2011-0244	WebKit in Apple Safari before 5.0.6 allows user-assisted remote attackers to read arbitrary files vi...	S
CVE-2011-0245	Buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or c...	S
CVE-2011-0246	Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows allows remote attackers to execu...	S
CVE-2011-0247	Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attacker...	S
CVE-2011-0248	Stack-based buffer overflow in the QuickTime ActiveX control in Apple QuickTime before 7.7 on Window...	S
CVE-2011-0249	Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrar...	S
CVE-2011-0250	Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrar...	S
CVE-2011-0251	Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrar...	S
CVE-2011-0252	Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrar...	S
CVE-2011-0253	WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...	S
CVE-2011-0254	WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...	S
CVE-2011-0255	WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...	S
CVE-2011-0256	Integer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or ...
CVE-2011-0257	Integer signedness error in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary ...	E
CVE-2011-0258	Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a d...
CVE-2011-0259	CoreFoundation, as used in Apple iTunes before 10.5, does not properly perform string tokenization, ...	S
CVE-2011-0260	The CoreProcesses component in Apple Mac OS X 10.7 before 10.7.2 does not prevent a system window fr...
CVE-2011-0261	Unspecified vulnerability in jovgraph.exe in jovgraph in HP OpenView Network Node Manager (OV NNM) 7...
CVE-2011-0262	Buffer overflow in the stringToSeconds function in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Net...
CVE-2011-0263	Multiple stack-based buffer overflows in ovas.exe in the OVAS service in HP OpenView Network Node Ma...
CVE-2011-0264	Stack-based buffer overflow in ovutil.dll in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53...
CVE-2011-0265	Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow...
CVE-2011-0266	Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow...
CVE-2011-0267	Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and ...	E
CVE-2011-0268	Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow...
CVE-2011-0269	Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow...
CVE-2011-0270	Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 an...
CVE-2011-0271	The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate ...
CVE-2011-0272	Unspecified vulnerability in HP LoadRunner 9.52 allows remote attackers to execute arbitrary code vi...
CVE-2011-0273	Buffer overflow in crs.exe in HP OpenView Storage Data Protector Cell Manager 6.11 allows remote att...
CVE-2011-0274	Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 7.x through 7.55 a...
CVE-2011-0275	Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote at...
CVE-2011-0276	HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in ...	E
CVE-2011-0277	Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and earlier allows ...
CVE-2011-0278	Unspecified vulnerability in HP Web Jetadmin 10.2 Service Release 3 and 4 allows local users to bypa...
CVE-2011-0279	HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly configure...
CVE-2011-0280	Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier all...
CVE-2011-0281	The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x t...
CVE-2011-0282	The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backe...
CVE-2011-0283	The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 allows remote attackers to cause ...
CVE-2011-0284	Double free vulnerability in the prepare_error_as function in do_as_req.c in the Key Distribution Ce...	S
CVE-2011-0285	The process_chpw_request function in schpw.c in the password-changing functionality in kadmind in MI...	S
CVE-2011-0286	Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager com...	E
CVE-2011-0287	Unspecified vulnerability in the BlackBerry Administration API in Research In Motion (RIM) BlackBerr...
CVE-2011-0290	The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) ...	E
CVE-2011-0291	The BlackBerry PlayBook service on the Research In Motion (RIM) BlackBerry PlayBook tablet with soft...
CVE-2011-0310	Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote attackers to execute arbitrary ...
CVE-2011-0311	The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology...
CVE-2011-0314	Heap-based buffer overflow in IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 allows rem...
CVE-2011-0315	Cross-site scripting (XSS) vulnerability in the Servlet Engine / Web Container component in IBM WebS...
CVE-2011-0316	The Administrative Console component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 a...
CVE-2011-0317	Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or...	S
CVE-2011-0318	Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or...	S
CVE-2011-0319	Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or...	S
CVE-2011-0320	Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or...	S
CVE-2011-0321	librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6...
CVE-2011-0322	Unspecified vulnerability in EMC RSA Access Manager Server 5.5.x, 6.0.x, and 6.1.x allows remote att...
CVE-2011-0323	Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other versions before 4.29, allows remo...
CVE-2011-0324	Multiple heap-based buffer overflows in Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly...
CVE-2011-0329	Directory traversal vulnerability in the GetData method in the Dell DellSystemLite.Scanner ActiveX c...
CVE-2011-0330	The Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx 1.0.0.0 does not properly rest...
CVE-2011-0331	Use-after-free vulnerability in the addOSPLext method in the Honeywell ScanServer ActiveX control 78...
CVE-2011-0332	Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom before 2.3.3.1112 allows remote...	S
CVE-2011-0333	Heap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf function in gwwww1.dll in GroupWis...
CVE-2011-0334	Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 b...
CVE-2011-0335	Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or...	S
CVE-2011-0340	Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 301.1009.2904...
CVE-2011-0341	Stack-based buffer overflow in the pdfmoz_onmouse function in apps/mozilla/moz_main.c in the MuPDF p...
CVE-2011-0342	Multiple buffer overflows in the InduSoft ISSymbol ActiveX control in ISSymbol.ocx 301.1104.601.0 in...
CVE-2011-0343	Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly...	S
CVE-2011-0344	Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool we...
CVE-2011-0345	Directory traversal vulnerability in the NMS server in Alcatel-Lucent OmniVista 4760 R5.1.06.03 and ...
CVE-2011-0346	Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Ex...
CVE-2011-0347	Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI displa...
CVE-2011-0348	Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD before 12.4(24)MD3, 12.4(22)MDA before 12.4...
CVE-2011-0349	Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 on the Cisco Content Services G...
CVE-2011-0350	Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 on the Cisco Content Services G...
CVE-2011-0352	Buffer overflow in the web-based management interface on the Cisco Linksys WRT54GC router with firmw...	S
CVE-2011-0354	The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video...	E
CVE-2011-0355	Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX...
CVE-2011-0364	The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 all...
CVE-2011-0372	The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allo...
CVE-2011-0373	The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allo...
CVE-2011-0374	The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allo...
CVE-2011-0375	The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allo...
CVE-2011-0376	The TFTP implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x, 1....
CVE-2011-0377	Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allow remote attackers to caus...
CVE-2011-0378	The XML-RPC implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x ...
CVE-2011-0379	Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x;...
CVE-2011-0380	Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to bypass authentication and ...
CVE-2011-0381	Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to perform unspecified action...
CVE-2011-0382	The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 al...
CVE-2011-0383	The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before...
CVE-2011-0384	The Java Servlet framework on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0....
CVE-2011-0385	The administrative web interface on Cisco TelePresence Recording Server devices with software 1.6.x ...
CVE-2011-0386	The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1....
CVE-2011-0387	The administrative web interface on Cisco TelePresence Multipoint Switch (CTMS) devices with softwar...
CVE-2011-0388	Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Sw...
CVE-2011-0389	Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x all...
CVE-2011-0390	The XML-RPC implementation on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0....
CVE-2011-0391	Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a de...
CVE-2011-0392	Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an...
CVE-2011-0393	Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.12), 7.1...
CVE-2011-0394	Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1...
CVE-2011-0395	Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.20), 8.1...
CVE-2011-0396	Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.23), 8.1...
CVE-2011-0398	The Piwik_Common::getIP function in Piwik before 1.1 does not properly determine the client IP addre...	S
CVE-2011-0399	Piwik before 1.1 does not prevent the rendering of the login form inside a frame in a third-party HT...	S
CVE-2011-0400	Cookie.php in Piwik before 1.1 does not set the secure flag for the session cookie in an https sessi...	S
CVE-2011-0401	Piwik before 1.1 does not properly limit the number of files stored under tmp/sessions/, which might...	S
CVE-2011-0402	dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitr...
CVE-2011-0403	Untrusted search path vulnerability in ImgBurn.exe in ImgBurn 2.4.0.0, 2.5.4.0, and other versions a...	E
CVE-2011-0404	Stack-based buffer overflow in NetSupport Manager Agent for Linux 11.00, for Solaris 9.50, and for M...	E
CVE-2011-0405	Directory traversal vulnerability in module.php in PhpGedView 4.2.3 and possibly other versions, whe...	E S
CVE-2011-0406	Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView 6.53 allows remote attackers to ...	E
CVE-2011-0407	SQL injection vulnerability in the store function in _phenotype/system/class/PhenoTypeDataObject.cla...	E
CVE-2011-0408	pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cause a denial of service (applic...
CVE-2011-0410	CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for network communication and the intern...
CVE-2011-0411	The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9,...	E
CVE-2011-0412	Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) unencrypted with world-readable per...
CVE-2011-0413	The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1...
CVE-2011-0414	ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers...
CVE-2011-0418	The glob implementation in Pure-FTPd before 1.0.32, and in libc in NetBSD 5.1, does not properly exp...	E S
CVE-2011-0419	Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portabl...	E S
CVE-2011-0420	The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 all...	E S
CVE-2011-0421	The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not...	E S
CVE-2011-0423	The PolyVision RoomWizard with firmware 3.2.3 has a default password of roomwizard for the administr...	E
CVE-2011-0426	Directory traversal vulnerability in vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 be...
CVE-2011-0427	Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote at...	S
CVE-2011-0428	Cross Site Scripting (XSS) in ikiwiki before 3.20110122 could allow remote attackers to insert arbit...
CVE-2011-0430	Double free vulnerability in the Rx server process in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly ot...
CVE-2011-0431	The afs_linux_lock function in afs/LINUX/osi_vnodeops.c in the kernel module in OpenAFS 1.4.14, 1.4....
CVE-2011-0432	Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in D...	S
CVE-2011-0433	Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x,...
CVE-2011-0434	Multiple SQL injection vulnerabilities in Domain Technologie Control (DTC) before 0.32.9 allow remot...	S
CVE-2011-0435	Domain Technologie Control (DTC) before 0.32.9 does not require authentication for (1) admin/bw_per_...	S
CVE-2011-0436	The register_user function in client/new_account_form.php in Domain Technologie Control (DTC) before...	S
CVE-2011-0437	shared/inc/sql/ssh.php in the SSH accounts management implementation in Domain Technologie Control (...	S
CVE-2011-0438	nslcd/pam.c in the nss-pam-ldapd 0.8.0 PAM module returns a success code when a user is not found in...	S
CVE-2011-0439	Cross-site scripting (XSS) vulnerability in Mahara 1.2.x before 1.2.7 and 1.3.x before 1.3.4 allows ...	S
CVE-2011-0440	Cross-site request forgery (CSRF) vulnerability in Mahara 1.2.x before 1.2.7 and 1.3.x before 1.3.4 ...
CVE-2011-0441	The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary ...	S
CVE-2011-0442	The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to transmit event details in (1) s...
CVE-2011-0443	SQL injection vulnerability in inc/tinybb-settings.php in tinyBB 1.2, when magic_quotes_gpc is disab...	E
CVE-2011-0444	Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 throu...	S
CVE-2011-0445	The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial o...
CVE-2011-0446	Multiple cross-site scripting (XSS) vulnerabilities in the mail_to helper in Ruby on Rails before 2....	S
CVE-2011-0447	Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validat...	S
CVE-2011-0448	Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify intege...	S
CVE-2011-0449	actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.4, when a case-ins...	S
CVE-2011-0450	The downloads manager in Opera before 11.01 on Windows does not properly determine the pathname of t...
CVE-2011-0451	Multiple cross-site scripting (XSS) vulnerabilities in (1) data/Smarty/templates/default/list.tpl an...	S
CVE-2011-0452	Untrusted search path vulnerability in the script function in Lunascape before 6.4.3 allows local us...
CVE-2011-0453	F-Secure Internet Gatekeeper for Linux 3.x before 3.03 does not require authentication for reading a...	S
CVE-2011-0454	Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEIL/x86 with firmware 1.00 through 1....
CVE-2011-0455	Cross-site scripting (XSS) vulnerability in Things BBS before 2.0.3 and BBS Thread before 2.0.3 allo...	S
CVE-2011-0456	webscript.pl in Open Ticket Request System (OTRS) 2.3.4 and earlier allows remote attackers to execu...
CVE-2011-0457	Cross-site scripting (XSS) vulnerability in e107 0.7.22 and earlier allows remote attackers to injec...	S
CVE-2011-0458	Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows...
CVE-2011-0459	Cross-site scripting (XSS) vulnerability in Cyber-Ark Password Vault Web Access (PVWA) 5.0 and earli...
CVE-2011-0460	The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary files...
CVE-2011-0461	/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and befo...
CVE-2011-0462	Multiple cross-site scripting (XSS) vulnerabilities in the login page in the webui component in SUSE...
CVE-2011-0463	The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 (OC...	E S
CVE-2011-0464	Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 allows remote attackers to ex...
CVE-2011-0465	xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrar...	S
CVE-2011-0466	The API in SUSE openSUSE Build Service (OBS) 2.0.x before 2.0.8 and 2.1.x before 2.1.6 allows attack...
CVE-2011-0467	SQL injection in SUSE studio via select parameter
CVE-2011-0468	The aaa_base package before 11.3-8.9.1 in SUSE openSUSE 11.3, and before 11.4-54.62.1 in openSUSE 11...
CVE-2011-0469	Code injection in openSUSE when running some source services used in the open build service 2.1 befo...
CVE-2011-0470	Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle extensions ...	E
CVE-2011-0471	The node-iteration implementation in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.3...
CVE-2011-0472	Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle the printin...	E
CVE-2011-0473	Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading S...
CVE-2011-0474	Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading S...	E S
CVE-2011-0475	Use-after-free vulnerability in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 al...
CVE-2011-0476	Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allow remote attackers to cause a ...	E
CVE-2011-0477	Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle a mismatch ...	E
CVE-2011-0478	Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle SVG use ele...	E
CVE-2011-0479	Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly interact with exte...
CVE-2011-0480	Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome ...	E S
CVE-2011-0481	Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote a...	E S
CVE-2011-0482	Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of ...
CVE-2011-0483	Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of ...
CVE-2011-0484	Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform DOM node r...	E
CVE-2011-0485	Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle speech data...
CVE-2011-0486	Cross-site scripting (XSS) vulnerability in cognos.cgi in IBM Cognos 8 Business Intelligence (BI) 8....
CVE-2011-0487	ICQ 7 does not verify the authenticity of updates, which allows man-in-the-middle attackers to execu...
CVE-2011-0488	Stack-based buffer overflow in NTWebServer.exe in the test web service in InduSoft NTWebServer, as d...	S
CVE-2011-0489	The server components in Objectivity/DB 10.0 do not require authentication for administrative comman...	E
CVE-2011-0490	Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha makes calls to Libevent within Libevent log ha...	S
CVE-2011-0491	The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not validate ...	S
CVE-2011-0492	Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of s...	S
CVE-2011-0493	Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow remote attackers to cause a denial...	S
CVE-2011-0494	Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before ...
CVE-2011-0495	Stack-based buffer overflow in the ast_uri_encode function in main/utils.c in Asterisk Open Source b...	S
CVE-2011-0496	Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ESD#2, as used in Appeon, Replic...
CVE-2011-0497	Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon, Replic...
CVE-2011-0498	Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, and possibly other versions, al...	E
CVE-2011-0499	Buffer overflow in VideoSpirit Pro 1.6.8.1 and possibly earlier versions, and VideoSpirit Lite 1.4.0...
CVE-2011-0500	Buffer overflow in VideoSpirit Pro 1.6.8.1, 1.68, and earlier; and VideoSpirit Lite 1.4.0.1 and poss...	E
CVE-2011-0501	Stack-based buffer overflow in Music Animation Machine MIDI Player 2006aug19 Release 035 and possibl...	E
CVE-2011-0502	Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly other versions allows user-as...	E
CVE-2011-0503	Cross-site request forgery (CSRF) vulnerability in VaM Shop 1.6, 1.6.1, and probably earlier version...	E
CVE-2011-0504	Multiple cross-site scripting (XSS) vulnerabilities in VaM Shop 1.6, 1.6.1, and probably earlier ver...	E
CVE-2011-0505	Directory traversal vulnerability in system/system.php in Zwii 2.1.1, when magic_quotes_gpc is disab...	E
CVE-2011-0506	Directory traversal vulnerability in modules/profile/user.php in Ax Developer CMS (AxDCMS) 0.1.1 all...	E
CVE-2011-0507	FTPService.exe in Blackmoon FTP 3.1 Build 1735 and Build 1736 (3.1.7.1736), and possibly other versi...	E
CVE-2011-0508	Cross-site scripting (XSS) vulnerability in system/modules/comments/Comments.php in Contao CMS 2.9.2...	S
CVE-2011-0509	Cross-site scripting (XSS) vulnerability in Vaadin before 6.4.9 allows remote attackers to inject ar...
CVE-2011-0510	SQL injection vulnerability in cart.php in Advanced Webhost Billing System (AWBS) 2.9.2 and possibly...	E
CVE-2011-0511	SQL injection vulnerability in the allCineVid component (com_allcinevid) 1.0.0 for Joomla! allows re...	E
CVE-2011-0512	SQL injection vulnerability in team.php in the Teams Structure module 3.0 for PHP-Fusion allows remo...	E
CVE-2011-0513	DCR.sys driver in SecurStar DriveCrypt 5.4, 5.3, and earlier allows local users to execute arbitrary...	E
CVE-2011-0514	The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows remote attackers to cause a denia...	E
CVE-2011-0515	KisKrnl.sys 2011.1.13.89 and earlier in Kingsoft AntiVirus 2011 SP5.2 allows local users to cause a ...	E
CVE-2011-0516	SQL injection vulnerability in mainx_a.php in E-PROMPT C BetMore Site Suite 4.0 through 4.2.0 allows...	E
CVE-2011-0517	Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server...	E
CVE-2011-0518	Directory traversal vulnerability in core/lib/router.php in LotusCMS Fraise 3.0, when magic_quotes_g...	E
CVE-2011-0519	SQL injection vulnerability in gallery.php in Gallarific PHP Photo Gallery script 2.1 and possibly o...	E
CVE-2011-0520	The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably ot...
CVE-2011-0521	The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-r...	S
CVE-2011-0522	The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text d...	E S
CVE-2011-0523	gypsy 0.8 does not properly restrict the files that can be read while running with root privileges, ...	E S
CVE-2011-0524	Multiple buffer overflows in the NMEA parser (nmea-gen.c) in gypsy 0.8 allow local users to cause a ...
CVE-2011-0525	Batavi before 1.0 has CSRF....	E
CVE-2011-0526	Cross-site scripting (XSS) vulnerability in index.php in Vanilla Forums before 2.0.17 allows remote ...	E
CVE-2011-0527	VMware vFabric tc Server (aka SpringSource tc Server) 2.0.x before 2.0.6.RELEASE and 2.1.x before 2....
CVE-2011-0528	Puppet 2.6.0 through 2.6.3 does not properly restrict access to node resources, which allows remote ...
CVE-2011-0529	Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP....	E
CVE-2011-0530	Buffer overflow in the mainloop function in nbd-server.c in the server in Network Block Device (nbd)...	S
CVE-2011-0531	demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows ...	S
CVE-2011-0532	The (1) backup and restore scripts, (2) main initialization script, and (3) ldap-agent script in 389...
CVE-2011-0533	Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1 through 1.2.3.1, 1.3.6, and 1.4.0 B...	S
CVE-2011-0534	Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize li...	S
CVE-2011-0535	Cross-site request forgery (CSRF) vulnerability in the Users module in Zikula before 1.2.5 allows re...	E
CVE-2011-0536	Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of th...	S
CVE-2011-0537	Multiple directory traversal vulnerabilities in (1) languages/Language.php and (2) includes/StubObje...	S
CVE-2011-0538	Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during...	E S
CVE-2011-0539	The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certifi...	S
CVE-2011-0540	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...	R
CVE-2011-0541	fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local...	S
CVE-2011-0542	fusermount in fuse 2.8.5 and earlier does not perform a chdir to / before performing a mount or umou...	S
CVE-2011-0543	Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not suppo...	S
CVE-2011-0544	phpbb 3.0.x-3.0.6 has an XSS vulnerability via the [flash] BB tag....
CVE-2011-0545	Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (...	E
CVE-2011-0546	Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not validate identity information sent...
CVE-2011-0547	Multiple integer overflows in vxsvc.exe in the Veritas Enterprise Administrator service in Symantec ...	S
CVE-2011-0548	Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in Autonomy KeyView, as used in Syma...
CVE-2011-0549	SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows...
CVE-2011-0550	Multiple cross-site scripting (XSS) vulnerabilities in the Web Interface in the Endpoint Protection ...
CVE-2011-0551	Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Mana...
CVE-2011-0552	Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec IM Manager...
CVE-2011-0553	SQL injection vulnerability in the management console in Symantec IM Manager before 8.4.18 allows re...
CVE-2011-0554	The management console in Symantec IM Manager before 8.4.18 allows remote attackers to execute arbit...
CVE-2011-0555	The TextXtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execu...	S
CVE-2011-0556	The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arb...	S
CVE-2011-0557	Integer overflow in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbi...	S
CVE-2011-0558	Integer overflow in Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code...	S
CVE-2011-0559	Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial o...	S
CVE-2011-0560	Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial o...	S
CVE-2011-0561	Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial o...	S
CVE-2011-0562	Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2...	S
CVE-2011-0563	Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and M...	S
CVE-2011-0564	Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows use w...	S
CVE-2011-0565	Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...	S
CVE-2011-0566	Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and M...	S
CVE-2011-0567	AcroRd32.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 ...	S
CVE-2011-0568	Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...	S
CVE-2011-0569	The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arb...	S
CVE-2011-0570	Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2...	S
CVE-2011-0571	Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial o...	S
CVE-2011-0572	Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial o...	S
CVE-2011-0573	Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial o...	S
CVE-2011-0574	Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial o...	S
CVE-2011-0575	Untrusted search path vulnerability in Adobe Flash Player before 10.2.152.26 allows local users to g...	S
CVE-2011-0576	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0577	Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 allows remote attackers to execut...	S
CVE-2011-0578	Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial o...	S
CVE-2011-0579	Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.2...	S
CVE-2011-0580	Multiple cross-site scripting (XSS) vulnerabilities in the administrator console in Adobe ColdFusion...	S
CVE-2011-0581	Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 through 9.0.1 allow remote attackers...	S
CVE-2011-0582	Unspecified vulnerability in the administrator console in Adobe ColdFusion 8.0 through 9.0.1 allows ...	S
CVE-2011-0583	Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0 through 9.0.1 allows remote attacke...	S
CVE-2011-0584	Session fixation vulnerability in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to hija...	S
CVE-2011-0585	Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x ...	S
CVE-2011-0586	Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and M...	S
CVE-2011-0587	Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before ...	S
CVE-2011-0588	Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2...	S
CVE-2011-0589	Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and M...	S
CVE-2011-0590	Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and M...	S
CVE-2011-0591	Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and M...	S
CVE-2011-0592	Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and M...	S
CVE-2011-0593	Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and M...	S
CVE-2011-0594	Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and M...	S
CVE-2011-0595	Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and M...	S
CVE-2011-0596	The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9....	S
CVE-2011-0597	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0598	Integer overflow in ACE.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8....	S
CVE-2011-0599	The Bitmap parsing component in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before ...	S
CVE-2011-0600	The U3D component in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8...	S
CVE-2011-0601	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0602	Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and M...	S
CVE-2011-0603	Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and M...	S
CVE-2011-0604	Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before ...	S
CVE-2011-0605	Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Mac OS X allo...	S
CVE-2011-0606	Stack-based buffer overflow in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9...	S
CVE-2011-0607	Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial o...	S
CVE-2011-0608	Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial o...	S
CVE-2011-0609	Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux,...	KEV
CVE-2011-0610	The CoolType library in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Read...	S
CVE-2011-0611	Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and e...	KEV E S
CVE-2011-0612	Adobe Flash Media Server (FMS) before 3.5.6, and 4.x before 4.0.2, allows remote attackers to cause ...	S
CVE-2011-0613	Multiple cross-site scripting (XSS) vulnerabilities in RoboHelp 7 and 8, and RoboHelp Server 7 and 8...	S
CVE-2011-0614	Buffer overflow in Adobe Audition 3.0.1 and earlier allows remote attackers to cause a denial of ser...	E
CVE-2011-0615	Multiple buffer overflows in Adobe Audition 3.0.1 and earlier allow remote attackers to execute arbi...	E
CVE-2011-0616	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0617	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0618	Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris a...	S
CVE-2011-0619	Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.2...	S
CVE-2011-0620	Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.2...	S
CVE-2011-0621	Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.2...	S
CVE-2011-0622	Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.2...	S
CVE-2011-0623	Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.2...	S
CVE-2011-0624	Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.2...	S
CVE-2011-0625	Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.2...	S
CVE-2011-0626	Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.2...	S
CVE-2011-0627	Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.2...	S
CVE-2011-0628	Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris a...	S
CVE-2011-0629	Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 allow...	S
CVE-2011-0633	The Net::HTTPS module in libwww-perl (LWP) before 6.00, as used in WWW::Mechanize, LWP::UserAgent, a...
CVE-2011-0634	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-1002. Reason: This candida...	R
CVE-2011-0635	Static code injection vulnerability in Simploo CMS 1.7.1 and earlier allows remote authenticated use...	E
CVE-2011-0636	The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA CUDA Toolkit 3.2 developer driv...
CVE-2011-0637	The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a timer is unused before deallocatin...
CVE-2011-0638	Microsoft Windows does not properly warn the user before enabling additional Human Interface Device ...
CVE-2011-0639	Apple Mac OS X does not properly warn the user before enabling additional Human Interface Device (HI...
CVE-2011-0640	The default configuration of udev on Linux does not warn the user before enabling additional Human I...
CVE-2011-0641	Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/admin.php in the StatPressCN plugin ...
CVE-2011-0642	Cross-site request forgery (CSRF) vulnerability in news/admin.php in N-13 News 3.4, 3.7, and 4.0 all...	E
CVE-2011-0643	Cross-site request forgery (CSRF) vulnerability in admin/conf_users_edit.php in PHP Link Directory (...	E
CVE-2011-0644	SQL injection vulnerability in include/admin/model_field.class.php in PHPCMS 2008 V2 allows remote a...	E
CVE-2011-0645	SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitra...	E
CVE-2011-0646	SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS allows remote attackers to execute arbit...	E
CVE-2011-0647	The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsof...
CVE-2011-0648	Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote authenticated users to gain pr...
CVE-2011-0649	Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through 8.3.0, Enterprise Message Ser...
CVE-2011-0650	Cross-site request forgery (CSRF) vulnerability in Greenbone Security Assistant (GSA) before 2.0+rc3...
CVE-2011-0651	Buffer overflow in the key exchange functionality in Icon Labs Iconfidant SSL Server before 1.3.0 al...
CVE-2011-0652	lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 allows local users to cause a den...	E
CVE-2011-0653	Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010 Gold and SP1, an...
CVE-2011-0654	Integer underflow in the BowserWriteErrorLogEntry function in the Common Internet File System (CIFS)...	E
CVE-2011-0655	Microsoft PowerPoint 2007 SP2 and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Co...
CVE-2011-0656	Microsoft PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Op...
CVE-2011-0657	DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows V...
CVE-2011-0658	Integer underflow in the OLE Automation protocol implementation in VBScript.dll in Microsoft Windows...
CVE-2011-0659	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0660	The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and S...
CVE-2011-0661	The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista S...
CVE-2011-0662	Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-0663	Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through...
CVE-2011-0664	Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and 4.0, and Silverlight 4 before...
CVE-2011-0665	Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-0666	Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-0667	Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-0669	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0670	Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-0671	Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-0672	Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-0673	win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privile...
CVE-2011-0674	Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-0675	Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-0676	win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-0677	win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-0678	Unrestricted file upload vulnerability in the EasyEdit module in Lomtec ActiveWeb Professional 3.0 a...	E
CVE-2011-0679	IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM) and ...
CVE-2011-0680	data/WorkingMessage.java in the Mms application in Android before 2.2.2 and 2.3.x before 2.3.2 does ...	S
CVE-2011-0681	The Cascading Style Sheets (CSS) Extensions for XML implementation in Opera before 11.01 recognizes ...
CVE-2011-0682	Integer truncation error in opera.dll in Opera before 11.01 allows remote attackers to execute arbit...
CVE-2011-0683	Opera before 11.01 does not properly restrict the use of opera: URLs, which makes it easier for remo...
CVE-2011-0684	Opera before 11.01 does not properly handle redirections and unspecified other HTTP responses, which...
CVE-2011-0685	The Delete Private Data feature in Opera before 11.01 does not properly implement the "Clear all ema...
CVE-2011-0686	Unspecified vulnerability in Opera before 11.01 allows remote attackers to cause a denial of service...
CVE-2011-0687	Opera before 11.01 does not properly implement Wireless Application Protocol (WAP) dropdown lists, w...
CVE-2011-0688	Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SA...
CVE-2011-0694	RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and 14.0.0 through 14.0.1, and Ente...
CVE-2011-0695	Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma...	E S
CVE-2011-0696	Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that conta...	S
CVE-2011-0697	Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 might a...	S
CVE-2011-0698	Directory traversal vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 on Windows mig...	S
CVE-2011-0699	Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows lo...	S
CVE-2011-0700	Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.0.5 allow remote authentic...	S
CVE-2011-0701	wp-admin/async-upload.php in the media uploader in WordPress before 3.0.5 allows remote authenticate...	S
CVE-2011-0702	The feh_unique_filename function in utils.c in feh before 1.11.2 might allow local users to overwrit...	S
CVE-2011-0703	In gksu-polkit before 0.0.3, the source file for xauth may contain arbitrary commands that may allow...
CVE-2011-0704	389 Directory Server 1.2.7.5, when built with mozldap, allows remote attackers to cause a denial of ...
CVE-2011-0705	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...	R
CVE-2011-0706	The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in OpenJDK Runtime Environment 1.6.0,...	S
CVE-2011-0707	Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earl...	S
CVE-2011-0708	exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, whi...	E S
CVE-2011-0709	The br_mdb_ip_get function in net/bridge/br_multicast.c in the Linux kernel before 2.6.35-rc5 allows...	E S
CVE-2011-0710	The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4-next-2...	S
CVE-2011-0711	The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel before 2.6.38-rc6-git3 does n...	S
CVE-2011-0712	Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kerne...	S
CVE-2011-0713	Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 throug...	S
CVE-2011-0714	Use-after-free vulnerability in a certain Red Hat patch for the RPC server sockets functionality in ...
CVE-2011-0715	The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16...	S
CVE-2011-0716	The br_multicast_add_group function in net/bridge/br_multicast.c in the Linux kernel before 2.6.38, ...	S
CVE-2011-0717	Session fixation vulnerability in Red Hat Network (RHN) Satellite Server 5.4 allows remote attackers...
CVE-2011-0718	Red Hat Network (RHN) Satellite Server 5.4 does not use a time delay after a failed login attempt, w...
CVE-2011-0719	Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks f...	S
CVE-2011-0720	Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other produ...
CVE-2011-0721	Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users...
CVE-2011-0722	FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denia...
CVE-2011-0723	FFmpeg 0.5.x, as used in MPlayer and other products, allows remote attackers to cause a denial of se...
CVE-2011-0724	The Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not correctly regenerate iTALC private key...
CVE-2011-0725	Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py...
CVE-2011-0726	The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform ...	S
CVE-2011-0727	GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrar...	S
CVE-2011-0728	Cross-site scripting (XSS) vulnerability in templatefunctions.py in Loggerhead before 1.18.1 allows ...	S
CVE-2011-0729	dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restric...	S
CVE-2011-0730	Eucalyptus before 2.0.3 and Eucalyptus EE before 2.0.2, as used in Ubuntu Enterprise Cloud (UEC) and...	S
CVE-2011-0731	Buffer overflow in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 bef...
CVE-2011-0732	Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal (TIP) 1.1.1.1, as used in IBM T...
CVE-2011-0733	Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attacke...	E
CVE-2011-0734	Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attacke...	E
CVE-2011-0735	Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attacke...	E
CVE-2011-0736	Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is configured to use a DBMS, allows ...	E
CVE-2011-0737	Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote attackers to obtain sensitive information via ...	E
CVE-2011-0738	MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through 5.0.2, does not properly verify the...	S
CVE-2011-0739	The deliver function in the sendmail delivery agent (lib/mail/network/delivery_methods/sendmail.rb) ...	S
CVE-2011-0740	Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0....	E
CVE-2011-0741	Multiple cross-site scripting (XSS) vulnerabilities in ModX Evolution before 1.0.5 allow remote atta...
CVE-2011-0742	Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers t...
CVE-2011-0745	SugarCRM before 6.1.3 does not properly handle reloads and direct requests for a warning page produc...	E
CVE-2011-0746	Cross-site request forgery (CSRF) vulnerability in Forms/PortForwarding_Edit_1 on the ZyXEL O2 DSL R...	E
CVE-2011-0748	Multiple cross-site request forgery (CSRF) vulnerabilities in phpList before 2.10.13 allow remote at...	E
CVE-2011-0751	Directory traversal vulnerability in nhttpd (aka Nostromo webserver) before 1.9.4 allows remote atta...	E
CVE-2011-0752	The extract function in PHP before 5.2.15 does not prevent use of the EXTR_OVERWRITE parameter to ov...
CVE-2011-0753	Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists...	S
CVE-2011-0754	The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on...
CVE-2011-0755	Integer overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-depend...	E
CVE-2011-0756	The application server in Trustwave WebDefend Enterprise before 5.0 uses hardcoded console credentia...
CVE-2011-0757	IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not pr...
CVE-2011-0758	The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 ...
CVE-2011-0759	Multiple cross-site request forgery (CSRF) vulnerabilities in the configuration page in the Recaptch...
CVE-2011-0760	Multiple cross-site request forgery (CSRF) vulnerabilities in the configuration screen in wp-related...
CVE-2011-0761	Perl 5.10.x allows context-dependent attackers to cause a denial of service (NULL pointer dereferenc...	E
CVE-2011-0762	The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated u...	E
CVE-2011-0764	t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid ...	S
CVE-2011-0765	Unspecified vulnerability in lft in pWhois Layer Four Traceroute (LFT) 3.x before 3.3 allows local u...
CVE-2011-0766	The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used ...	S
CVE-2011-0767	Cross-site scripting (XSS) vulnerability in the management GUI in the MX Management Server in Imperv...
CVE-2011-0770	Cross-site scripting (XSS) vulnerability in Windows Event Log SmartConnector in HP ArcSight Connecto...
CVE-2011-0771	The Janrain Engage (formerly RPX) module 6.x-1.3 for Drupal does not validate the file for a profile...	S
CVE-2011-0772	Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, and possibly other versions bef...	E S
CVE-2011-0773	Cross-site scripting (XSS) vulnerability in pivotx/modules/module_image.php in PivotX before 2.2.3 a...	E S
CVE-2011-0774	PivotX before 2.2.2 allows remote attackers to obtain sensitive information via a direct request to ...	E S
CVE-2011-0775	pivotx/modules/module_image.php in PivotX 2.2.2 allows remote attackers to obtain sensitive informat...
CVE-2011-0776	The sandbox implementation in Google Chrome before 9.0.597.84 on Mac OS X might allow remote attacke...	E S
CVE-2011-0777	Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a d...	E S
CVE-2011-0778	Google Chrome before 9.0.597.84 does not properly restrict drag and drop operations, which might all...
CVE-2011-0779	Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows...	E S
CVE-2011-0780	The PDF event handler in Google Chrome before 9.0.597.84 does not properly interact with print opera...
CVE-2011-0781	Google Chrome before 9.0.597.84 does not properly handle autofill profile merging, which has unspeci...
CVE-2011-0782	Google Chrome before 9.0.597.84 on Mac OS X does not properly mitigate an unspecified flaw in the Ma...	E S
CVE-2011-0783	Unspecified vulnerability in Google Chrome before 9.0.597.84 allows user-assisted remote attackers t...	E S
CVE-2011-0784	Race condition in Google Chrome before 9.0.597.84 allows remote attackers to execute arbitrary code ...	E S
CVE-2011-0785	Unspecified vulnerability in the Oracle Help component in Oracle Database Server 11.1.0.7, 11.2.0.1,...	S
CVE-2011-0786	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update...	S
CVE-2011-0787	Unspecified vulnerability in the Application Service Level Management component in Oracle Database S...	S
CVE-2011-0788	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update...	S
CVE-2011-0789	Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.2.3 a...	S
CVE-2011-0790	Unspecified vulnerability in Oracle Solaris 9 and 10 allows local users to affect confidentiality vi...	S
CVE-2011-0791	Unspecified vulnerability in the Application Object Library component in Oracle E-Business Suite 11....	S
CVE-2011-0792	Unspecified vulnerability in the Oracle Warehouse Builder component in Oracle Database Server 10.2.0...	S
CVE-2011-0793	Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0...	S
CVE-2011-0794	Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...	S
CVE-2011-0795	Unspecified vulnerability in the Single Sign On component in Oracle Fusion Middleware 10.1.2.3 allow...	S
CVE-2011-0796	Unspecified vulnerability in the Applications Install component in Oracle E-Business Suite 11.5.10.2...	S
CVE-2011-0797	Unspecified vulnerability in the Applications Install component in Oracle E-Business Suite 11.5.10.2...	S
CVE-2011-0798	Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 and 11.1.1.2....	S
CVE-2011-0799	Unspecified vulnerability in the Oracle Warehouse Builder component in Oracle Database Server 10.2.0...	S
CVE-2011-0800	Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows...	S
CVE-2011-0801	Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect confident...	S
CVE-2011-0802	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update...	S
CVE-2011-0803	Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Produ...	S
CVE-2011-0804	Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0...	S
CVE-2011-0805	Unspecified vulnerability in the UIX component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0....	S
CVE-2011-0806	Unspecified vulnerability in the Network Foundation component in Oracle Database Server 10.1.0.5, 10...	S
CVE-2011-0807	Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun J...	S
CVE-2011-0808	Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...	S
CVE-2011-0809	Unspecified vulnerability in the Web ADI component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12....	S
CVE-2011-0810	Unspecified vulnerability Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld...	S
CVE-2011-0811	Unspecified vulnerability in the Enterprise Config Management component in Oracle Database Server 10...	S
CVE-2011-0812	Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows...	S
CVE-2011-0813	Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect av...	S
CVE-2011-0814	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update...	S
CVE-2011-0815	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update...	S
CVE-2011-0816	Unspecified vulnerability in the CMDB Metadata & Instance APIs component in Oracle Database Server 1...	S
CVE-2011-0817	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update...	S
CVE-2011-0818	Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWo...	S
CVE-2011-0819	Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWo...	S
CVE-2011-0820	Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows remote attackers to affect ava...	S
CVE-2011-0821	Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentialit...	S
CVE-2011-0822	Unspecified vulnerability in the Streams, AQ & Replication Mgmt component in Oracle Database Server ...	S
CVE-2011-0823	Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWo...	S
CVE-2011-0824	Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWo...	S
CVE-2011-0825	Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWo...	S
CVE-2011-0826	Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.8 Bundle #13, 8.9 Bundle #7, 9.0 Bundle ...	S
CVE-2011-0827	Unspecified vulnerability in the PeopleSoft Enterprise component in Oracle PeopleSoft Products 8.50 ...	S
CVE-2011-0828	Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.8 Bundle #13 allows remote attackers to ...	S
CVE-2011-0829	Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availabil...	S
CVE-2011-0830	Unspecified vulnerability in the Event Management component in Oracle Database Server 10.1.0.5, 10.2...	S
CVE-2011-0831	Unspecified vulnerability in the Enterprise Config Management component in Oracle Database Server 10...	S
CVE-2011-0832	Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, ...	S
CVE-2011-0833	Unspecified vulnerability in the Siebel CRM Core component in Oracle Siebel CRM 7.8.2, 8.0.0, and 8....	S
CVE-2011-0834	Unspecified vulnerability in the Siebel CRM Core component in Oracle Siebel CRM 8.0.0 and 8.1.1 allo...	S
CVE-2011-0835	Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, ...	S
CVE-2011-0836	Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWo...	S
CVE-2011-0837	Unspecified vulnerability in the Agile Technology Platform component in Oracle Supply Chain Products...	S
CVE-2011-0838	Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, ...	S
CVE-2011-0839	Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows local users to affect avail...	S
CVE-2011-0840	Unspecified vulnerability in Oracle PeopleSoft Enterprise PeopleTools 8.49 GA through 8.49.30 allows...	S
CVE-2011-0841	Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availabilit...	S
CVE-2011-0842	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0843	Unspecified vulnerability in the Siebel CRM Core component in Oracle Siebel CRM 7.8.2, 8.0.0, and 8....	S
CVE-2011-0844	Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in...	S
CVE-2011-0845	Unspecified vulnerability in the Database Control component in Oracle Enterprise Manager Grid Contro...	S
CVE-2011-0846	Unspecified vulnerability in the Oracle Sun Java System Access Manager Policy Agent 2.2 allows remot...	S
CVE-2011-0847	Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in...	S
CVE-2011-0848	Unspecified vulnerability in the Security Framework component in Oracle Database Server 10.1.0.5, 10...	S
CVE-2011-0849	Unspecified vulnerability in Oracle Java Dynamic Management Kit 5.1 allows remote attackers to affec...	S
CVE-2011-0850	Unspecified vulnerability in Oracle PeopleSoft Enterprise CRM 8.9 Bundle #41 allows remote authentic...	S
CVE-2011-0851	Unspecified vulnerability in Oracle PeopleSoft Enterprise ELS 9.0 Bundle #19 and 9.1 Bundle #5 allow...	S
CVE-2011-0852	Unspecified vulnerability in the Security Management component in Oracle Database Server 10.1.0.5, 1...	S
CVE-2011-0853	Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Bundle #15 and 9.1 Bundle #5 allo...	S
CVE-2011-0854	Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.1 Bundle #5 allows remote authentic...	S
CVE-2011-0855	Unspecified vulnerability in the InForm component in Oracle Industry Applications 4.5, 4.6, and 5.0 ...	S
CVE-2011-0856	Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.49 GA through 8.49.30, 8.50 GA through 8...	S
CVE-2011-0857	Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Bundle #15 and 9.1 Bundle #5 allo...	S
CVE-2011-0858	Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Bundle #15 and 9.1 Bundle #5 allo...	S
CVE-2011-0859	Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Tax Update 11-B and 9.1 Tax Updat...	S
CVE-2011-0860	Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Update 2011-B and 9.1 Update 2011...	S
CVE-2011-0861	Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Update 2011-B and 9.1 Update 2011...	S
CVE-2011-0862	Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java ...	S
CVE-2011-0863	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update...	S
CVE-2011-0864	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update...	S
CVE-2011-0865	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update...	S
CVE-2011-0866	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update...	S
CVE-2011-0867	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update...	S
CVE-2011-0868	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update...	S
CVE-2011-0869	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update...	S
CVE-2011-0870	Unspecified vulnerability in the Schema Management component in Oracle Database Server 10.1.0.5, 10....	S
CVE-2011-0871	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update...	S
CVE-2011-0872	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update...	S
CVE-2011-0873	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update...	S
CVE-2011-0874	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0875	Unspecified vulnerability in the EMCTL component in Oracle Database Server 11.1.0.7 and Oracle Enter...	S
CVE-2011-0876	Unspecified vulnerability in the Enterprise Manager Console component in Oracle Database Server 10.1...	S
CVE-2011-0877	Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 1...	S
CVE-2011-0878	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2011-0879	Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 1...	S
CVE-2011-0880	Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, ...	S
CVE-2011-0881	Unspecified vulnerability in the EMCTL component in Oracle Database Server 10.2.0.3, 10.2.0.4, and 1...	S
CVE-2011-0882	Unspecified vulnerability in the Content Management component in Oracle Database Server 10.1.0.5, 10...	S
CVE-2011-0883	Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10...	S
CVE-2011-0884	Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle Fusion Middleware 1...	S
CVE-2011-0885	A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR with firmware before 1.4.0.49...	E
CVE-2011-0886	Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the SMC SMCD3G-CC...	E
CVE-2011-0887	The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before ...	E
CVE-2011-0889	Unspecified vulnerability in HP Client Automation Enterprise (aka HPCA or Radia Notify) 5.11, 7.2, 7...
CVE-2011-0890	HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches t...
CVE-2011-0891	Unspecified vulnerability in the OS-Core.CORE2-KRN fileset in HP HP-UX B.11.23 and B.11.31 allows lo...
CVE-2011-0892	Cross-site scripting (XSS) vulnerability in HP Diagnostics 7.5x and 8.0x before 8.05.54.225 allows r...
CVE-2011-0893	Cross-site scripting (XSS) vulnerability in HP Operations 9.10 on UNIX platforms allows remote attac...
CVE-2011-0894	Unspecified vulnerability in HP Operations 9.10 on UNIX platforms allows remote authenticated users ...
CVE-2011-0895	Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x and 8.1x allows remote authentica...
CVE-2011-0896	Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and earlier on HP-UX B.11.31 allows remote au...
CVE-2011-0897	Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00 allows local users to read arbitr...
CVE-2011-0898	Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.00 allows remote atta...
CVE-2011-0899	The AES encryption module 7.x-1.4 for Drupal leaves certain debugging code enabled in release, which...	S
CVE-2011-0900	Stack-based buffer overflow in the tsc_launch_remote function (src/support.c) in Terminal Server Cli...	E
CVE-2011-0901	Multiple stack-based buffer overflows in the tsc_launch_remote function (src/support.c) in Terminal ...
CVE-2011-0902	Multiple untrusted search path vulnerabilities in the Java Service in Sun Microsystems SunScreen Fir...	E
CVE-2011-0903	Multiple directory traversal vulnerabilities in AR Web Content Manager (AWCM) 2.2 allow remote attac...	E
CVE-2011-0904	The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x ...	S
CVE-2011-0905	The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x ...	S
CVE-2011-0908	Open redirect vulnerability in Vanilla Forums before 2.0.17.6 allows remote attackers to redirect us...
CVE-2011-0909	Cross-site scripting (XSS) vulnerability in Vanilla Forums before 2.0.17.6 allows remote attackers t...
CVE-2011-0910	The cookie implementation in Vanilla Forums before 2.0.17.6 makes it easier for remote attackers to ...
CVE-2011-0911	Cross-site scripting (XSS) vulnerability in the Users module in Zikula before 1.2.5 allows remote at...
CVE-2011-0912	Argument injection vulnerability in IBM Lotus Notes 8.0.x before 8.0.2 FP6 and 8.5.x before 8.5.1 FP...
CVE-2011-0913	Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Dom...
CVE-2011-0914	Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino...
CVE-2011-0915	Stack-based buffer overflow in nrouter.exe in IBM Lotus Domino before 8.5.3 allows remote attackers ...
CVE-2011-0916	Stack-based buffer overflow in the SMTP service in IBM Lotus Domino allows remote attackers to execu...
CVE-2011-0917	Buffer overflow in nLDAP.exe in IBM Lotus Domino allows remote attackers to execute arbitrary code v...	E
CVE-2011-0918	Stack-based buffer overflow in the NRouter (aka Router) service in IBM Lotus Domino allows remote at...
CVE-2011-0919	Multiple stack-based buffer overflows in the (1) POP3 and (2) IMAP services in IBM Lotus Domino allo...
CVE-2011-0920	The Remote Console in IBM Lotus Domino, when a certain unsupported configuration involving UNC share...
CVE-2011-0921	crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate cr...
CVE-2011-0922	The client in HP Data Protector allows remote attackers to execute arbitrary programs via an EXEC_SE...
CVE-2011-0923	The client in HP Data Protector does not properly validate EXEC_CMD arguments, which allows remote a...
CVE-2011-0924	The client in HP Data Protector does not verify the contents of files associated with the EXEC_CMD c...
CVE-2011-0925	The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) allows ...
CVE-2011-0926	A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly ver...
CVE-2011-0935	The PKI functionality in Cisco IOS 15.0 and 15.1 does not prevent permanent caching of certain publi...
CVE-2011-0939	Unspecified vulnerability in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows ...
CVE-2011-0941	Memory leak in Cisco Unified Communications Manager (CUCM) 6.x before 6.1(5)su2, 7.x before 7.1(5b)s...
CVE-2011-0943	Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause a denial of service (NetIO pro...
CVE-2011-0944	Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (device reload) ...
CVE-2011-0945	Memory leak in the Data-link switching (aka DLSw) feature in Cisco IOS 12.1 through 12.4 and 15.0 th...
CVE-2011-0946	The NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, all...
CVE-2011-0949	Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does not properly remove sshd_lock fi...
CVE-2011-0951	The web-based management interface in Cisco Secure Access Control System (ACS) 5.1 before 5.1.0.44.6...
CVE-2011-0959	Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) befor...	E
CVE-2011-0960	Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow r...	E
CVE-2011-0961	Cross-site scripting (XSS) vulnerability in cwhp/device.center.do in the Help servlet in Cisco Cisco...	E
CVE-2011-0962	Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the...	E
CVE-2011-0963	The default configuration of the RADIUS authentication feature on the Cisco Network Admission Contro...
CVE-2011-0966	Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco Ci...	E
CVE-2011-0975	Stack-based buffer overflow in BMC PATROL Agent Service Daemon for in Performance Analysis for Serve...
CVE-2011-0976	Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File F...
CVE-2011-0977	Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 20...
CVE-2011-0978	Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 for Mac...
CVE-2011-0979	Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XM...
CVE-2011-0980	Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Conver...
CVE-2011-0981	Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allow...	E S
CVE-2011-0982	Use-after-free vulnerability in Google Chrome before 9.0.597.94 allows remote attackers to cause a d...	E S
CVE-2011-0983	Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote attac...	E S
CVE-2011-0984	Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to ...	S
CVE-2011-0985	Google Chrome before 9.0.597.94 does not properly perform process termination upon memory exhaustion...	S
CVE-2011-0986	phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence o...	S
CVE-2011-0987	The PMA_Bookmark_get function in libraries/bookmark.lib.php in phpMyAdmin 2.11.x before 2.11.11.3, a...	S
CVE-2011-0988	pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 ...
CVE-2011-0989	The RuntimeHelpers.InitializeArray method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4...	S
CVE-2011-0990	Race condition in the FastCopy optimization in the Array.Copy method in metadata/icall.c in Mono, wh...	S
CVE-2011-0991	Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, ...	S
CVE-2011-0992	Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, ...	S
CVE-2011-0993	SUSE Lifecycle Management Server before 1.1 uses world readable postgres credentials, which allows l...
CVE-2011-0994	Stack-based buffer overflow in NFRAgent.exe in Novell File Reporter (NFR) before 1.0.2 allows remote...	S
CVE-2011-0995	The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise (SLE...
CVE-2011-0996	dhcpcd before 5.2.12 allows remote attackers to execute arbitrary commands via shell metacharacters ...	S
CVE-2011-0997	dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV bef...	E S
CVE-2011-0999	mm/huge_memory.c in the Linux kernel before 2.6.38-rc5 does not prevent creation of a transparent hu...	S