CVE-2011-1xxx

There are 922 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2011-1000 jingle-factory.c in Telepathy Gabble 0.11 before 0.11.7, 0.10 before 0.10.5, and 0.8 before 0.8.15 a...
S
CVE-2011-1001 dexdump in Android SDK before 2.3 does not properly perform structural verification, which allows us...
CVE-2011-1002 avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial...
E
CVE-2011-1003 Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ...
CVE-2011-1004 The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1...
S
CVE-2011-1005 The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows...
E S
CVE-2011-1006 Heap-based buffer overflow in the parse_cgroup_spec function in tools/tools-common.c in the Control ...
S
CVE-2011-1007 Best Practical Solutions RT before 3.8.9 does not perform certain redirect actions upon a login, whi...
S
CVE-2011-1008 Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not properly restrict access to a...
S
CVE-2011-1009 Vanilla Forums 2.0.17.1 through 2.0.17.5 has XSS in /vanilla/index.php via the p parameter....
E
CVE-2011-1010 Buffer overflow in the mac_partition function in fs/partitions/mac.c in the Linux kernel before 2.6....
S
CVE-2011-1011 The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of poli...
S
CVE-2011-1012 The ldm_parse_vmdb function in fs/partitions/ldm.c in the Linux kernel before 2.6.38-rc6-git6 does n...
S
CVE-2011-1013 Integer signedness error in the drm_modeset_ctl function in (1) drivers/gpu/drm/drm_irq.c in the Dir...
S
CVE-2011-1014 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-0465. Reason: This candida...
R
CVE-2011-1015 The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows...
E S
CVE-2011-1016 The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not properly validate data related t...
S
CVE-2011-1017 Heap-based buffer overflow in the ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel 2...
E S
CVE-2011-1018 logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metach...
S
CVE-2011-1019 The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypa...
E S
CVE-2011-1020 The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access t...
E
CVE-2011-1021 drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel ...
E S
CVE-2011-1022 The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Co...
S
CVE-2011-1023 The Reliable Datagram Sockets (RDS) subsystem in the Linux kernel before 2.6.38 does not properly ha...
E S
CVE-2011-1024 chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain...
S
CVE-2011-1025 bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Di...
S
CVE-2011-1026 Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and ...
E
CVE-2011-1027 Off-by-one error in the convert_query_hexchar function in html.c in cgit.cgi in cgit before 0.8.3.5 ...
E S
CVE-2011-1028 The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via...
CVE-2011-1029 Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert (RTC) 2.0.0.x allows remote au...
CVE-2011-1030 Cross-site scripting (XSS) vulnerability in the Wikis component in IBM Lotus Connections 3.0 allows ...
CVE-2011-1031 The feh_unique_filename function in utils.c in feh 1.11.2 and earlier might allow local users to cre...
S
CVE-2011-1032 IBM Lotus Connections 3.0, when IBM WebSphere Application Server 7.0.0.11 is used, does not properly...
CVE-2011-1033 Stack-based buffer overflow in oninit in IBM Informix Dynamic Server (IDS) 11.50 allows remote attac...
CVE-2011-1034 Cross-site scripting (XSS) vulnerability in the UI in IBM Rational Build Forge 7.0.2 allows remote a...
CVE-2011-1035 The password reset in PivotX before 2.2.4 allows remote attackers to modify the passwords of arbitra...
S
CVE-2011-1036 The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component i...
CVE-2011-1038 Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametim...
E
CVE-2011-1042 Use-after-free vulnerability in flimflamd in flimflam in Google Chrome OS before 0.9.130.14 Beta all...
S
CVE-2011-1044 The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2....
S
CVE-2011-1045 Unspecified vulnerability in the Rendition Engine (aka P8RE) 4.0.1 through 4.5.1 in IBM FileNet P8 C...
CVE-2011-1046 IBM FileNet P8 Content Engine (aka P8CE) 4.0.1 through 5.0.0, as used in FileNet P8 Content Manager ...
CVE-2011-1047 Multiple SQL injection vulnerabilities in VastHTML Forum Server (aka ForumPress) plugin 1.6.1 and 1....
E
CVE-2011-1048 SQL injection vulnerability in product.php in MihanTools 1.33 allows remote attackers to execute arb...
E
CVE-2011-1049 Buffer overflow in the Mach-O input file loader in Hex-Rays IDA Pro 5.7 and 6.0 allows user-assisted...
CVE-2011-1050 Unspecified vulnerability in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors rela...
CVE-2011-1051 Integer overflow in the COFF/EPOC/EXPLOAD input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unk...
CVE-2011-1052 Integer overflow in the PSX/GEOS input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impa...
CVE-2011-1053 Unspecified vulnerability in the Mach-O input file loader in Hex-Rays IDA Pro 5.7 and 6.0 allows use...
CVE-2011-1054 Unspecified vulnerability in the PEF input file loader in Hex-Rays IDA Pro 5.7 and 6.0 has unknown i...
CVE-2011-1055 SQL injection vulnerability in api/ice_media.cfc in Lingxia I.C.E CMS 1.0 allows remote attackers to...
E
CVE-2011-1056 The installer for Metasploit Framework 3.5.1, when running on Windows, uses weak inherited permissio...
CVE-2011-1057 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-1056. Reason: This candida...
R
CVE-2011-1058 Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) parser in parser/text_rst.py ...
S
CVE-2011-1059 Use-after-free vulnerability in WebCore in WebKit before r77705, as used in Google Chrome before 11....
E S
CVE-2011-1060 SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows re...
E
CVE-2011-1061 SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute a...
E
CVE-2011-1062 Multiple cross-site scripting (XSS) vulnerabilities in include/html/header.php in TaskFreak! 0.6.4 a...
E
CVE-2011-1063 Multiple cross-site scripting (XSS) vulnerabilities in Cherry-Design Photopad 1.2.0 allow remote att...
E
CVE-2011-1064 SQL injection vulnerability in member/list.php in qibosoft Qi Bo CMS 7 allows remote attackers to ex...
CVE-2011-1065 Multiple stack-based buffer overflows in the PIPIWebPlayer ActiveX control (PIWebPlayer.ocx) in PIPI...
CVE-2011-1066 Cross-site scripting (XSS) vulnerability in the Messaging module 6.x-2.x before 6.x-2.4 and 6.x-4.x ...
S
CVE-2011-1067 slapd (aka ns-slapd) in 389 Directory Server before 1.2.8.a2 does not properly manage the c_timelimi...
S
CVE-2011-1068 Microsoft Windows Azure Software Development Kit (SDK) 1.3.x before 1.3.20121.1237, when Full IIS an...
S
CVE-2011-1069 PHPShop through 0.8.1 has XSS....
E
CVE-2011-1070 v86d before 0.1.10 does not verify if received netlink messages are sent by the kernel. This could all...
CVE-2011-1071 The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-depen...
E S
CVE-2011-1072 The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink att...
E S
CVE-2011-1073 crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users to (1) determine the existence...
E
CVE-2011-1074 crontab.c in crontab in FreeBSD allows local users to determine the existence of arbitrary directori...
E
CVE-2011-1075 FreeBSD's crontab calculates the MD5 sum of the previous and new cronjob to determine if any changes...
CVE-2011-1076 net/dns_resolver/dns_key.c in the Linux kernel before 2.6.38 allows remote DNS servers to cause a de...
E S
CVE-2011-1077 Multiple cross-site scripting (XSS) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and 1.3.x b...
E
CVE-2011-1078 The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the Linux kernel before 2.6.39 does n...
S
CVE-2011-1079 The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not...
S
CVE-2011-1080 The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does no...
CVE-2011-1081 modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of servi...
E S
CVE-2011-1082 fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll da...
S
CVE-2011-1083 The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree ...
S
CVE-2011-1084 A cross-site scripting (XSS) vulnerability in Smoothwall Express 3....
CVE-2011-1085 CSRF vulnerability in Smoothwall Express 3....
CVE-2011-1086 Cross-site scripting (XSS) vulnerability in admin/system.html in Openfiler 2.3 allows remote attacke...
E
CVE-2011-1087 Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote attackers to cause a ...
E
CVE-2011-1088 Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote att...
S
CVE-2011-1089 The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an...
CVE-2011-1090 The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux kernel before 2.6.38 stores NFSv4...
S
CVE-2011-1091 libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remot...
S
CVE-2011-1092 Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to caus...
E S
CVE-2011-1093 The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol ...
S
CVE-2011-1094 kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the serve...
S
CVE-2011-1095 locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not qu...
E S
CVE-2011-1096 The W3C XML Encryption Standard, as used in the JBoss Web Services (JBossWS) component in JBoss Ente...
CVE-2011-1097 rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows rem...
S
CVE-2011-1098 Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows...
S
CVE-2011-1099 Multiple directory traversal vulnerabilities in FocalMedia.Net Quick Polls before 1.0.2 allow remote...
E
CVE-2011-1100 Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authentica...
E
CVE-2011-1101 Multiple unspecified vulnerabilities in a third-party component of the Citrix Licensing Administrati...
CVE-2011-1102 Cross-site scripting (XSS) vulnerability in the WebReporting module in F-Secure Policy Manager 7.x, ...
S
CVE-2011-1103 The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 o...
S
CVE-2011-1104 Multiple cross-site request forgery (CSRF) vulnerabilities in Mutare EVM allow remote attackers to h...
CVE-2011-1105 Multiple cross-site scripting (XSS) vulnerabilities in Mutare EVM allow remote attackers to inject a...
CVE-2011-1106 Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server in IBM Lotus Sametime allows ...
E
CVE-2011-1107 Unspecified vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to spoof the U...
E
CVE-2011-1108 Google Chrome before 9.0.597.107 does not properly implement JavaScript dialogs, which allows remote...
E S
CVE-2011-1109 Google Chrome before 9.0.597.107 does not properly process nodes in Cascading Style Sheets (CSS) sty...
CVE-2011-1110 Google Chrome before 9.0.597.107 does not properly implement key frame rules, which allows remote at...
E S
CVE-2011-1111 Google Chrome before 9.0.597.107 does not properly implement forms controls, which allows remote att...
E
CVE-2011-1112 Google Chrome before 9.0.597.107 does not properly perform SVG rendering, which allows remote attack...
E S
CVE-2011-1113 Google Chrome before 9.0.597.107 on 64-bit Linux platforms does not properly perform pickle deserial...
S
CVE-2011-1114 Google Chrome before 9.0.597.107 does not properly handle tables, which allows remote attackers to c...
E S
CVE-2011-1115 Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to c...
E
CVE-2011-1116 Google Chrome before 9.0.597.107 does not properly handle SVG animations, which allows remote attack...
E S
CVE-2011-1117 Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attac...
E
CVE-2011-1118 Google Chrome before 9.0.597.107 does not properly handle TEXTAREA elements, which allows remote att...
E S
CVE-2011-1119 Google Chrome before 9.0.597.107 does not properly determine device orientation, which allows remote...
CVE-2011-1120 The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a deni...
E S
CVE-2011-1121 Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of se...
E S
CVE-2011-1122 The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a deni...
E S
CVE-2011-1123 Google Chrome before 9.0.597.107 does not properly restrict access to internal extension functions, ...
E S
CVE-2011-1124 Use-after-free vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to cause a ...
E S
CVE-2011-1125 Google Chrome before 9.0.597.107 does not properly perform layout, which allows remote attackers to ...
E S
CVE-2011-1126 VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4...
CVE-2011-1127 SSI.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, does not properly rest...
S
CVE-2011-1128 The loadUserSettings function in Load.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x befo...
S
CVE-2011-1129 Cross-site scripting (XSS) vulnerability in the EditNews function in ManageNews.php in Simple Machin...
S
CVE-2011-1130 Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, does not properly validate the st...
S
CVE-2011-1131 The PlushSearch2 function in Search.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before...
S
CVE-2011-1132 The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a ...
S
CVE-2011-1133 Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows rem...
CVE-2011-1134 Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows rem...
CVE-2011-1135 Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows rem...
CVE-2011-1136 In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and c...
E S
CVE-2011-1137 Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and earlier allows remote attac...
E S
CVE-2011-1138 Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through...
E S
CVE-2011-1139 wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers t...
E S
CVE-2011-1140 Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_s...
E S
CVE-2011-1141 epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allo...
E S
CVE-2011-1142 Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark...
CVE-2011-1143 epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote at...
S
CVE-2011-1144 The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a symlin...
CVE-2011-1145 The SQLDriverConnect() function in unixODBC before 2.2.14p2 has a possible buffer overflow conditio...
CVE-2011-1146 libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only c...
S
CVE-2011-1147 Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_pa...
S
CVE-2011-1148 Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and earlier allows context-...
CVE-2011-1149 Android before 2.3 does not properly restrict access to the system property space, which allows loca...
E S
CVE-2011-1150 bbPress through 1.0.2 has XSS in /bb-login.php url via the re parameter....
E
CVE-2011-1151 Joomla! 1.6.0 is vulnerable to SQL Injection via the filter_order and filer_order_Dir parameters....
E
CVE-2011-1152 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-3712. Reason: This candida...
R
CVE-2011-1153 Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earli...
S
CVE-2011-1154 The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent ...
S
CVE-2011-1155 The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent ...
S
CVE-2011-1156 feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0.1 allows rem...
E S
CVE-2011-1157 Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser o...
E S
CVE-2011-1158 Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser o...
S
CVE-2011-1159 acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected ...
E S
CVE-2011-1160 The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initializ...
E S
CVE-2011-1161 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-1160, CVE-2011-1162. Reaso...
R
CVE-2011-1162 The tpm_read function in the Linux kernel 2.6 does not properly clear memory, which might allow loca...
CVE-2011-1163 The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properl...
S
CVE-2011-1164 Vino before 2.99.4 can connect external networks contrary to the statement in the vino-preferences d...
CVE-2011-1165 Vino, possibly before 3.2, does not properly document that it opens ports in UPnP routers when the "...
E S
CVE-2011-1166 Xen, possibly before 4.0.2, allows local 64-bit PV guests to cause a denial of service (host crash) ...
S
CVE-2011-1167 Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9....
S
CVE-2011-1168 Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cp...
E
CVE-2011-1169 Array index error in the asihpi_hpi_ioctl function in sound/pci/asihpi/hpioctl.c in the AudioScience...
S
CVE-2011-1170 net/ipv4/netfilter/arp_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does no...
S
CVE-2011-1171 net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not...
S
CVE-2011-1172 net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does no...
S
CVE-2011-1173 The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.39 on the x86_6...
S
CVE-2011-1174 manager.c in Asterisk Open Source 1.6.1.x before 1.6.1.24, 1.6.2.x before 1.6.2.17.2, and 1.8.x befo...
CVE-2011-1175 tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before 1.6.1.23, 1.6.2.x before 1.6.2...
S
CVE-2011-1176 The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11...
S
CVE-2011-1177 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2011-1178 Multiple integer overflows in the load_image function in file-pcx.c in the Personal Computer Exchang...
S
CVE-2011-1179 The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows remote attac...
S
CVE-2011-1180 Multiple stack-based buffer overflows in the iriap_getvaluebyclass_indication function in net/irda/i...
CVE-2011-1181 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2011-1182 kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a s...
E S
CVE-2011-1183 Apache Tomcat 7.0.11, when web.xml has no login configuration, does not follow security constraints,...
S
CVE-2011-1184 The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x befor...
S
CVE-2011-1185 Google Chrome before 10.0.648.127 does not prevent (1) navigation and (2) close operations on the to...
E
CVE-2011-1186 Google Chrome before 10.0.648.127 on Linux does not properly handle parallel execution of calls to t...
E S
CVE-2011-1187 Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspe...
E
CVE-2011-1188 Google Chrome before 10.0.648.127 does not properly handle counter nodes, which allows remote attack...
E S
CVE-2011-1189 Google Chrome before 10.0.648.127 does not properly perform box layout, which allows remote attacker...
E
CVE-2011-1190 The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypas...
E S
CVE-2011-1191 Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a...
CVE-2011-1192 Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows rem...
E S
CVE-2011-1193 Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to bypass the Same ...
E
CVE-2011-1194 Multiple unspecified vulnerabilities in Google Chrome before 10.0.648.127 allow remote attackers to ...
E
CVE-2011-1195 Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a...
E S
CVE-2011-1196 The OGG container implementation in Google Chrome before 10.0.648.127 allows remote attackers to cau...
E S
CVE-2011-1197 Google Chrome before 10.0.648.127 does not properly perform table painting, which allows remote atta...
E S
CVE-2011-1198 The video functionality in Google Chrome before 10.0.648.127 allows remote attackers to cause a deni...
E S
CVE-2011-1199 Google Chrome before 10.0.648.127 does not properly handle DataView objects, which allows remote att...
CVE-2011-1200 Google Chrome before 10.0.648.127 does not properly perform a cast of an unspecified variable during...
E S
CVE-2011-1201 The context implementation in WebKit, as used in Google Chrome before 10.0.648.127, allows remote at...
CVE-2011-1202 The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google ...
E S
CVE-2011-1203 Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attacker...
CVE-2011-1204 Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers...
CVE-2011-1205 Multiple buffer overflows in unspecified COM objects in Rational Common Licensing 7.0 through 7.1.1....
CVE-2011-1206 Stack-based buffer overflow in the server process in ibmslapd.exe in IBM Tivoli Directory Server (TD...
S
CVE-2011-1207 The ActiveBar1 ActiveX control in the Data Dynamics ActiveBar ActiveX controls, as distributed in Ac...
S
CVE-2011-1208 IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x and 6.3.x before 6.3 FP8 (aka 6.3.49)...
CVE-2011-1209 IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 before 7.0.0.17 uses a weak WS-Se...
S
CVE-2011-1213 Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, all...
CVE-2011-1214 Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5....
S
CVE-2011-1215 Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5....
CVE-2011-1216 Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2...
CVE-2011-1217 Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, al...
CVE-2011-1218 Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, all...
CVE-2011-1220 Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1,...
CVE-2011-1221 Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0...
CVE-2011-1222 Buffer overflow in the Journal Based Backup (JBB) feature in the backup-archive client in IBM Tivoli...
CVE-2011-1223 Buffer overflow in the Alternate Data Stream (aka ADS or named stream) functionality in the backup-a...
CVE-2011-1224 IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 does not use the CRL Distribution Points...
CVE-2011-1225 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-1226 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-1227 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-1228 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-1229 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
S
CVE-2011-1230 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-1231 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-1232 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-1233 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-1234 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-1235 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-1236 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-1237 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-1238 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-1239 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-1240 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-1241 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-1242 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-1243 The Windows Messenger ActiveX control in msgsc.dll in Microsoft Windows XP SP2 and SP3 allows remote...
CVE-2011-1244 Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content acc...
S
CVE-2011-1245 Microsoft Internet Explorer 6 and 7 does not properly restrict script access to content from a (1) d...
CVE-2011-1246 Microsoft Internet Explorer 8 does not properly handle content settings in HTTP responses, which all...
S
CVE-2011-1247 Untrusted search path vulnerability in the Microsoft Active Accessibility component in Microsoft Win...
CVE-2011-1248 WINS in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R2, and R2 SP1 does not properl...
CVE-2011-1249 The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2...
E
CVE-2011-1250 Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows rem...
S
CVE-2011-1251 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attack...
S
CVE-2011-1252 Cross-site scripting (XSS) vulnerability in the SafeHTML function in the toStaticHTML API in Microso...
CVE-2011-1253 Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831...
CVE-2011-1254 Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows rem...
S
CVE-2011-1255 The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Exp...
S
CVE-2011-1256 Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows rem...
S
CVE-2011-1257 Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitra...
S
CVE-2011-1258 Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-ass...
S
CVE-2011-1259 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2011-1260 Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote ...
CVE-2011-1261 Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows rem...
S
CVE-2011-1262 Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows rem...
S
CVE-2011-1263 Cross-site scripting (XSS) vulnerability in the logon page in Remote Desktop Web Access (RD Web Acce...
CVE-2011-1264 Cross-site scripting (XSS) vulnerability in Active Directory Certificate Services Web Enrollment in ...
CVE-2011-1265 The Bluetooth Stack 2.1 in Microsoft Windows Vista SP1 and SP2 and Windows 7 Gold and SP1 does not p...
S
CVE-2011-1266 The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6 through ...
S
CVE-2011-1267 The SMB server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1...
CVE-2011-1268 The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and S...
CVE-2011-1269 Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File F...
CVE-2011-1270 Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arb...
CVE-2011-1271 The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDi...
E
CVE-2011-1272 Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format...
CVE-2011-1273 Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XM...
CVE-2011-1274 Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format...
CVE-2011-1275 Microsoft Excel 2002 SP3; Office 2004, 2008, and 2011 for Mac; and Open XML File Format Converter fo...
CVE-2011-1276 Buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; O...
CVE-2011-1277 Microsoft Excel 2002 SP3, Office 2008 for Mac, and Open XML File Format Converter for Mac do not pro...
CVE-2011-1278 Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly validate record information during ...
CVE-2011-1279 Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Conver...
CVE-2011-1280 The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP...
CVE-2011-1281 The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 ...
CVE-2011-1282 The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 ...
CVE-2011-1283 The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 ...
CVE-2011-1284 Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Micro...
CVE-2011-1285 The regular-expression functionality in Google Chrome before 10.0.648.127 does not properly implemen...
CVE-2011-1286 Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial o...
CVE-2011-1288 WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...
S
CVE-2011-1290 Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmw...
CVE-2011-1291 Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attacke...
E S
CVE-2011-1292 Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204...
E
CVE-2011-1293 Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.2...
CVE-2011-1294 Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets (CSS) token sequen...
CVE-2011-1295 WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properl...
CVE-2011-1296 Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers t...
CVE-2011-1298 An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore::Graphic...
E S
CVE-2011-1300 The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the Web...
CVE-2011-1301 Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote a...
E S
CVE-2011-1302 Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote att...
CVE-2011-1303 Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote atta...
S
CVE-2011-1304 Unspecified vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to bypass the ...
E S
CVE-2011-1305 Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS X allows remote attackers to ...
S
CVE-2011-1306 Unspecified vulnerability in the Scratchpad application in Google Chrome OS before R10 0.10.156.46 B...
CVE-2011-1307 The installer in IBM WebSphere Application Server (WAS) before 7.0.0.15 uses 777 permissions for a t...
CVE-2011-1308 Cross-site scripting (XSS) vulnerability in the Installation Verification Test (IVT) application in ...
CVE-2011-1309 The Plug-in component in IBM WebSphere Application Server (WAS) before 7.0.0.15 does not properly ha...
CVE-2011-1310 The Administrative Scripting Tools component in IBM WebSphere Application Server (WAS) 6.1.0.x befor...
CVE-2011-1311 The Security component in IBM WebSphere Application Server (WAS) before 7.0.0.15, when a J2EE 1.4 ap...
CVE-2011-1312 The Administrative Console component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0....
CVE-2011-1313 Double free vulnerability in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x ...
S
CVE-2011-1314 The Service Integration Bus (SIB) messaging engine in IBM WebSphere Application Server (WAS) before ...
S
CVE-2011-1315 Memory leak in the messaging engine in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows...
CVE-2011-1316 The Session Initiation Protocol (SIP) Proxy in the HTTP Transport component in IBM WebSphere Applica...
CVE-2011-1317 Memory leak in com.ibm.ws.jsp.runtime.WASJSPStrBufferImpl in the JavaServer Pages (JSP) component in...
S
CVE-2011-1318 Memory leak in org.apache.jasper.runtime.JspWriterImpl.response in the JavaServer Pages (JSP) compon...
CVE-2011-1319 The Security component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x bef...
CVE-2011-1320 The Security component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x bef...
CVE-2011-1321 The AuthCache purge implementation in the Security component in IBM WebSphere Application Server (WA...
CVE-2011-1322 The SOAP with Attachments API for Java (SAAJ) implementation in the Web Services component in IBM We...
CVE-2011-1323 Yamaha RTX, RT, SRT, RTV, RTW, and RTA series routers with firmware 6.x through 10.x, and NEC IP38X ...
CVE-2011-1324 Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, ...
CVE-2011-1325 Cross-site request forgery (CSRF) vulnerability in EC-CUBE before 2.11.0 allows remote attackers to ...
CVE-2011-1326 Unspecified vulnerability on the La Fonera+ router with firmware before 1.7.0.1 allows remote attack...
CVE-2011-1327 The Keystroke Encryption feature in Trend Micro Internet Security 2009 (aka Virus Buster 2009 and PC...
CVE-2011-1328 SQL injection vulnerability in RADVISION iVIEW Suite before 7.5 allows remote attackers to execute a...
CVE-2011-1329 WalRack 1.x before 1.1.9 and 2.x before 2.0.7 does not properly restrict file uploads, which allows ...
S
CVE-2011-1330 Cross-site scripting (XSS) vulnerability in WeblyGo 5.0 Pro/LE, 5.02 Pro/LE, 5.03 Pro/LE, 5.04 Pro/L...
CVE-2011-1331 JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010...
E S
CVE-2011-1332 Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attacker...
S
CVE-2011-1333 Cross-site scripting (XSS) vulnerability in Cybozu Office 6 and Cybozu Garoon 2.0.0 through 2.1.3 al...
S
CVE-2011-1334 Cross-site scripting (XSS) vulnerability in Cybozu Office 6, Cybozu Garoon 2.0.0 through 2.1.3, Cybo...
S
CVE-2011-1335 Cross-site scripting (XSS) vulnerability in Cybozu Office 6, 7, and 8 before 8.1.1 allows remote att...
S
CVE-2011-1336 Buffer overflow in ALZip 8.21 and earlier allows remote attackers to execute arbitrary code via a cr...
CVE-2011-1337 Opera before 11.50 allows remote attackers to cause a denial of service (disk consumption) via inval...
CVE-2011-1338 Untrusted search path vulnerability in XnView before 1.98.1 allows local users to gain privileges vi...
CVE-2011-1339 Cross-site scripting (XSS) vulnerability in Google Search Appliance before 5.0 allows remote attacke...
CVE-2011-1340 Cross-site scripting (XSS) vulnerability in skins/plone_templates/default_error_message.pt in Plone ...
E S
CVE-2011-1341 Cross-site request forgery (CSRF) vulnerability in Aimluck Aipo before 4.0.4.0, and Aipo for ASP bef...
S
CVE-2011-1342 SQL injection vulnerability in Aimluck Aipo before 5.1.1, and Aipo for ASP before 5.1.1, allows remo...
S
CVE-2011-1343 SQL injection vulnerability in the Web GUI in IBM Tivoli Netcool/OMNIbus before 7.3.0.4 allows remot...
CVE-2011-1344 Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for i...
CVE-2011-1345 Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows rem...
CVE-2011-1346 Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to e...
CVE-2011-1347 Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to b...
CVE-2011-1350 The PowerVR SGX driver in Android before 2.3.6 allows attackers to obtain potentially sensitive info...
CVE-2011-1352 The PowerVR SGX driver in Android before 2.3.6 allows attackers to gain root privileges via an appli...
E
CVE-2011-1353 Unspecified vulnerability in Adobe Reader 10.x before 10.1.1 on Windows allows local users to gain p...
S
CVE-2011-1355 Open redirect vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 be...
CVE-2011-1356 IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 before 7.0.0.19 allows local user...
CVE-2011-1357 Cross-site scripting (XSS) vulnerability in agentDetect.jsp in the web UI in IBM WebSphere Service R...
CVE-2011-1359 Directory traversal vulnerability in the administration console in IBM WebSphere Application Server ...
CVE-2011-1360 Multiple cross-site scripting (XSS) vulnerabilities in IBM HTTP Server 2.0.47 and earlier, as used i...
CVE-2011-1362 Cross-site scripting (XSS) vulnerability in the Installation Verification Test (IVT) application in ...
CVE-2011-1364 Cross-site request forgery (CSRF) vulnerability in _ah/admin/interactive/execute (aka the Interactiv...
E S
CVE-2011-1366 Unspecified vulnerability in the Import feature in IBM Rational AppScan Enterprise and AppScan Repor...
CVE-2011-1367 Unspecified vulnerability in the File Load feature in IBM Rational AppScan Standard and Express 7.8....
CVE-2011-1368 The JavaServer Faces (JSF) application functionality in IBM WebSphere Application Server 8.x before ...
CVE-2011-1370 The default configuration of the Sametime configuration servlet (SCS) in the server in IBM Lotus Sam...
CVE-2011-1371 Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM WebSphere ILOG Rule Team Server...
CVE-2011-1372 The Web User Interface on the IBM TS3100 and TS3200 tape libraries with firmware before A.60 allows ...
CVE-2011-1373 Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the Self Tuning Memory Manager (ST...
CVE-2011-1374 Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or...
CVE-2011-1375 IBM AIX 6.1 and 7.1 does not restrict the wpar_limits_config and wpar_limits_modify system calls, wh...
CVE-2011-1376 iscdeploy in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.43, 7.0 before 7.0.0.21, and 8....
CVE-2011-1377 The Web Services Security component in the Web Services Feature Pack before 6.1.0.41 for IBM WebSphe...
CVE-2011-1378 IBM WebSphere MQ 6.0 on OpenVMS, when the default rights of the MQM group are established, does not ...
CVE-2011-1381 Unspecified vulnerability in IBM OpenPages GRC Platform 6.1.0.1 before IF4 allows remote attackers t...
CVE-2011-1384 The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2....
CVE-2011-1385 IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of se...
S
CVE-2011-1386 IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated Identity Manager Business Gateway ...
S
CVE-2011-1388 The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as u...
S
CVE-2011-1389 Multiple directory traversal vulnerabilities in the vendor daemon in Rational Common Licensing in Te...
S
CVE-2011-1390 SQL injection vulnerability in the Maintenance tool in IBM Rational ClearQuest 7.1.1.x before 7.1.1....
CVE-2011-1391 The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as u...
S
CVE-2011-1392 The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as u...
S
CVE-2011-1393 Unspecified vulnerability in the authentication functionality in the server in IBM Lotus Domino 8.x ...
CVE-2011-1394 IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Mana...
CVE-2011-1395 Cross-site scripting (XSS) vulnerability in imicon.jsp in IBM Maximo Asset Management and Asset Mana...
CVE-2011-1396 Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management and Asset Management Essenti...
CVE-2011-1397 Cross-site request forgery (CSRF) vulnerability in the Labor Reporting page in IBM Maximo Asset Mana...
CVE-2011-1398 The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not c...
CVE-2011-1400 The default configuration of the shell_escape_commands directive in conf/texmf.d/95NonPath.cnf in th...
CVE-2011-1401 ikiwiki before 3.20110328 does not ascertain whether the htmlscrubber plugin is enabled during proce...
CVE-2011-1402 Mahara before 1.3.6 allows remote authenticated users to bypass intended access restrictions, and su...
S
CVE-2011-1403 Cross-site request forgery (CSRF) vulnerability in the pieforms implementation in Mahara before 1.3....
S
CVE-2011-1404 Mahara before 1.3.6 does not properly restrict the data in responses to AJAX calls, which allows rem...
S
CVE-2011-1405 Cross-site scripting (XSS) vulnerability in Mahara before 1.3.6 allows remote authenticated users to...
S
CVE-2011-1406 Mahara before 1.3.6 does not properly handle an https URL in the wwwroot configuration setting, whic...
S
CVE-2011-1407 The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lo...
S
CVE-2011-1408 ikiwiki before 3.20110608 allows remote attackers to hijack root's tty and run symlink attacks....
CVE-2011-1409 Frams's Fast File EXchange (F*EX, aka fex) 20100208, and possibly other versions before 20110610, al...
S
CVE-2011-1411 Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows ...
CVE-2011-1412 sys/sys_unix.c in the ioQuake3 engine on Unix and Linux, as used in World of Padman 1.5.x before 1.5...
E S
CVE-2011-1413 Google Chrome before 10.0.648.127 on Linux does not properly mitigate an unspecified flaw in an X se...
E
CVE-2011-1414 Cross-site scripting (XSS) vulnerability in the tibbr web server, as used in TIBCO tibbr 1.0.0 throu...
CVE-2011-1415 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-1290. Reason: This candida...
R
CVE-2011-1416 The Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246 allows attackers to read ...
CVE-2011-1417 Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in Apple iOS...
S
CVE-2011-1418 The stateless address autoconfiguration (aka SLAAC) functionality in the IPv6 networking implementat...
CVE-2011-1419 Apache Tomcat 7.x before 7.0.11, when web.xml has no security constraints, does not follow ServletSe...
S
CVE-2011-1420 EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC platforms uses weak permissions...
CVE-2011-1421 EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled...
CVE-2011-1422 Cross-site scripting (XSS) vulnerability in an unspecified Shockwave Flash file in EMC RSA Adaptive ...
CVE-2011-1423 Cross-site scripting (XSS) vulnerability in RSA Data Loss Prevention (DLP) Enterprise Manager 8.x be...
CVE-2011-1424 The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1,...
CVE-2011-1425 xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in WebKit and other products, whe...
S
CVE-2011-1426 The OpenURLInDefaultBrowser method in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 1...
CVE-2011-1427 Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite 5.5.2 allow remote attackers to ...
E
CVE-2011-1428 Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does not properly verify that the ...
E S
CVE-2011-1429 Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.5...
S
CVE-2011-1430 The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly rest...
CVE-2011-1431 The STARTTLS implementation in qmail-smtpd.c in qmail-smtpd in the netqmail-1.06-tls patch for netqm...
E S
CVE-2011-1432 The STARTTLS implementation in SCO SCOoffice Server does not properly restrict I/O buffering, which ...
CVE-2011-1433 The (1) AgentInterface and (2) CustomerInterface components in Open Ticket Request System (OTRS) bef...
S
CVE-2011-1434 Google Chrome before 11.0.696.57 does not ensure thread safety during handling of MIME data, which a...
E S
CVE-2011-1435 Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions, whi...
E S
CVE-2011-1436 Google Chrome before 11.0.696.57 on Linux does not properly interact with the X Window System, which...
E S
CVE-2011-1437 Multiple integer overflows in Google Chrome before 11.0.696.57 allow remote attackers to cause a den...
E S
CVE-2011-1438 Google Chrome before 11.0.696.57 allows remote attackers to bypass the Same Origin Policy via vector...
E S
CVE-2011-1439 Google Chrome before 11.0.696.57 on Linux does not properly isolate renderer processes, which has un...
S
CVE-2011-1440 Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a ...
E S
CVE-2011-1441 Google Chrome before 11.0.696.57 does not properly perform a cast of an unspecified variable during ...
E S
CVE-2011-1442 Google Chrome before 11.0.696.57 does not properly handle mutation events, which allows remote attac...
CVE-2011-1443 Google Chrome before 11.0.696.57 does not properly implement layering, which allows remote attackers...
E S
CVE-2011-1444 Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux a...
E S
CVE-2011-1445 Google Chrome before 11.0.696.57 does not properly handle SVG documents, which allows remote attacke...
S
CVE-2011-1446 Google Chrome before 11.0.696.57 allows remote attackers to spoof the URL bar via vectors involving ...
E S
CVE-2011-1447 Google Chrome before 11.0.696.57 does not properly handle drop-down lists, which allows remote attac...
E
CVE-2011-1448 Google Chrome before 11.0.696.57 does not properly perform height calculations, which allows remote ...
E S
CVE-2011-1449 Use-after-free vulnerability in the WebSockets implementation in Google Chrome before 11.0.696.57 al...
E S
CVE-2011-1450 Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attacke...
S
CVE-2011-1451 Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers...
CVE-2011-1452 Google Chrome before 11.0.696.57 allows user-assisted remote attackers to spoof the URL bar via vect...
E S
CVE-2011-1453 WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...
S
CVE-2011-1454 Use-after-free vulnerability in the DOM id handling functionality in Google Chrome before 11.0.696.5...
CVE-2011-1455 Google Chrome before 11.0.696.57 does not properly handle PDF documents with multipart encoding, whi...
CVE-2011-1456 Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers t...
CVE-2011-1457 WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...
S
CVE-2011-1459 The WebKit::WebPluginContainerImpl::handleEvent function in Google Chrome before Blink M11 allows an...
E S
CVE-2011-1460 WebKit in Google Chrome before Blink M11 contains a bad cast to RenderBlock when anonymous blocks ar...
E S
CVE-2011-1462 WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...
S
CVE-2011-1464 Buffer overflow in the strval function in PHP before 5.3.6, when the precision configuration option ...
E
CVE-2011-1465 The SPDY implementation in net/http/http_network_transaction.cc in Google Chrome before 11.0.696.14 ...
S
CVE-2011-1466 Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows co...
E
CVE-2011-1467 Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the ...
S
CVE-2011-1468 Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to c...
E
CVE-2011-1469 Unspecified vulnerability in the Streams component in PHP before 5.3.6 allows context-dependent atta...
E
CVE-2011-1470 The Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of servic...
E
CVE-2011-1471 Integer signedness error in zip_stream.c in the Zip extension in PHP before 5.3.6 allows context-dep...
E
CVE-2011-1472 The Nokia E75 phone with firmware before 211.12.01 allows physically proximate attackers to bypass t...
CVE-2011-1473 OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not properly restrict client-initiated renegotia...
CVE-2011-1474 A locally exploitable DOS vulnerability was found in pax-linux versions 2.6.32.33-test79.pat...
CVE-2011-1475 The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining...
S
CVE-2011-1476 Integer underflow in the Open Sound System (OSS) subsystem in the Linux kernel before 2.6.39 on unsp...
E S
CVE-2011-1477 Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users ...
S
CVE-2011-1478 The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in...
CVE-2011-1479 Double free vulnerability in the inotify subsystem in the Linux kernel before 2.6.39 allows local us...
E S
CVE-2011-1480 SQL injection vulnerability in admin.php in the administration backend in Francisco Burzi PHP-Nuke 8...
E
CVE-2011-1481 Multiple cross-site scripting (XSS) vulnerabilities in Francisco Burzi PHP-Nuke 8.0 and earlier allo...
E
CVE-2011-1482 Multiple cross-site request forgery (CSRF) vulnerabilities in mainfile.php in Francisco Burzi PHP-Nu...
E
CVE-2011-1483 wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP...
S
CVE-2011-1484 jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as distributed in Red Hat JBoss Ente...
CVE-2011-1485 Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local ...
S
CVE-2011-1486 libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attac...
S
CVE-2011-1487 The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x throug...
E S
CVE-2011-1488 A memory leak in rsyslog before 5.7.6 was found in the way daemon processed log messages are logged ...
E S
CVE-2011-1489 A memory leak in rsyslog before 5.7.6 was found in the way daemon processed log messages were logged...
E S
CVE-2011-1490 A memory leak in rsyslog before 5.7.6 was found in the way daemon processed log messages are logged ...
S
CVE-2011-1491 The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated ...
S
CVE-2011-1492 steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not properly verify that a request is ...
S
CVE-2011-1493 Array index error in the rose_parse_national function in net/rose/rose_subr.c in the Linux kernel be...
E S
CVE-2011-1494 Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Li...
S
CVE-2011-1495 drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) leng...
S
CVE-2011-1496 tmux 1.3 and 1.4 does not properly drop group privileges, which allows local users to gain utmp grou...
E
CVE-2011-1497 A cross-site scripting vulnerability was found in the auto_link function in Rails before versio...
E
CVE-2011-1498 Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used with an authenticating proxy ...
CVE-2011-1499 acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting specifies a CIDR block, permits...
S
CVE-2011-1500 PreferencesPithosDialog.py in Pithos 0.3.7 does not properly restrict permissions for the .config/pi...
CVE-2011-1501 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-1571. Reason: This candida...
R
CVE-2011-1502 Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote...
CVE-2011-1503 The XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when A...
CVE-2011-1504 Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 5.x and 6.x before...
CVE-2011-1505 Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 services for Lotus Domino has unkn...
CVE-2011-1506 The STARTTLS implementation in Kerio Connect 7.1.4 build 2985 and MailServer 6.x does not properly r...
CVE-2011-1507 Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, 1.6.2.x before 1.6.2.17.3, and ...
S
CVE-2011-1508 Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, does not properly manage memory allocations for ...
CVE-2011-1509 The encryptPassword function in Login.js in ManageEngine ServiceDesk Plus (SDP) 8012 and earlier use...
CVE-2011-1510 Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus (SDP)...
CVE-2011-1511 Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2.1....
S
CVE-2011-1512 Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2...
E
CVE-2011-1513 Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions...
E S
CVE-2011-1514 The inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to ...
E
CVE-2011-1515 The inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to ...
E
CVE-2011-1516 The kSBXProfileNoNetwork and kSBXProfileNoInternet sandbox profiles in Apple Mac OS X 10.5.x through...
E
CVE-2011-1517 SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagT...
CVE-2011-1518 Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) 2.4.x befor...
CVE-2011-1519 The remote console in the Server Controller in IBM Lotus Domino 7.x and 8.x verifies credentials aga...
CVE-2011-1520 The default configuration of the server console in IBM Lotus Domino does not require a password (aka...
CVE-2011-1521 The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location head...
S
CVE-2011-1522 Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQ...
S
CVE-2011-1523 Cross-site scripting (XSS) vulnerability in statusmap.c in statusmap.cgi in Nagios 3.2.3 and earlier...
E
CVE-2011-1524 Cross-site scripting (XSS) vulnerability in the management login GUI page in Symantec LiveUpdate Adm...
E
CVE-2011-1525 Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 t...
E
CVE-2011-1526 ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and ea...
S
CVE-2011-1527 The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1....
CVE-2011-1528 The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb...
CVE-2011-1529 The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5)...
CVE-2011-1530 The process_tgs_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 ...
S
CVE-2011-1531 The webscan component in the Embedded Web Server (EWS) on the HP Photosmart D110 and B110; Photosmar...
CVE-2011-1532 Unspecified vulnerability in the SNMP component on the HP Photosmart D110 and B110; Photosmart Plus ...
CVE-2011-1533 Cross-site scripting (XSS) vulnerability on the HP Photosmart D110 and B110; Photosmart Plus B210; P...
CVE-2011-1534 Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows remote authenticated users...
CVE-2011-1535 Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux) before 6.3 allows remote au...
CVE-2011-1536 Unspecified vulnerability in HP Performance Insight 5.0, 5.1x, 5.2x, 5.3x, 5.4, 5.41, and 5.41.002 a...
CVE-2011-1537 Cross-site scripting (XSS) vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote ...
CVE-2011-1538 Open redirect vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote authenticated...
CVE-2011-1539 Unspecified vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote attackers to ob...
CVE-2011-1540 Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote authentica...
CVE-2011-1541 Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers ...
CVE-2011-1542 Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allows remot...
CVE-2011-1543 Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allow...
CVE-2011-1544 Unspecified vulnerability in HP Insight Control Performance Management before 6.3 allows remote auth...
CVE-2011-1545 Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management before ...
CVE-2011-1546 Multiple SQL injection vulnerabilities in Andy's PHP Knowledgebase (Aphpkb) before 0.95.3 allow remo...
E S
CVE-2011-1547 Multiple stack consumption vulnerabilities in the kernel in NetBSD 4.0, 5.0 before 5.0.3, and 5.1 be...
CVE-2011-1548 The default configuration of logrotate on Debian GNU/Linux uses root privileges to process files in ...
CVE-2011-1549 The default configuration of logrotate on Gentoo Linux uses root privileges to process files in dire...
CVE-2011-1550 The default configuration of logrotate on SUSE openSUSE Factory uses root privileges to process file...
CVE-2011-1551 SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ directory tree to the web-service u...
CVE-2011-1552 t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from inval...
S
CVE-2011-1553 Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and ...
S
CVE-2011-1554 Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other produc...
S
CVE-2011-1555 SQL injection vulnerability in saa.php in Andy's PHP Knowledgebase (Aphpkb) 0.95.3 and earlier allow...
S
CVE-2011-1556 SQL injection vulnerability in plugins/pdfClasses/pdfgen.php in Andy's PHP Knowledgebase (Aphpkb) 0....
E
CVE-2011-1557 SQL injection vulnerability in ICloudCenter ICJobSite 1.1 allows remote attackers to execute arbitra...
E
CVE-2011-1558 Multiple cross-site scripting (XSS) vulnerabilities in the IBM Web Interface for Content Management ...
CVE-2011-1559 Unspecified vulnerability in the IBM Web Interface for Content Management (aka WEBi) 1.0.4 before FP...
CVE-2011-1560 solid.exe in IBM solidDB before 4.5.181, 6.0.x before 6.0.1067, 6.1.x and 6.3.x before 6.3.47, and 6...
CVE-2011-1561 The LDAP login feature in bos.rte.security 6.1.6.4 in IBM AIX 6.1, when ldap_auth is enabled in ldap...
CVE-2011-1562 Ecava IntegraXor HMI before 3.60 (Build 4032) allows remote attackers to bypass authentication and...
S
CVE-2011-1563 Multiple stack-based buffer overflows in the HMI application in DATAC RealFlex RealWin 2.1 (Build 6....
E
CVE-2011-1564 Multiple integer overflows in the HMI application in DATAC RealFlex RealWin 2.1 (Build 6.1.10.10) an...
E
CVE-2011-1565 Directory traversal vulnerability in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies ...
E
CVE-2011-1566 Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier in 7-Technologies Interactive ...
E
CVE-2011-1567 Multiple stack-based buffer overflows in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technolog...
E
CVE-2011-1568 Format string vulnerability in the logText function in shmemmgr9.dll in IGSSdataServer.exe 9.00.00.1...
E
CVE-2011-1569 download.aspx in Douran Portal 3.9.7.8 allows remote attackers to obtain source code of arbitrary fi...
E
CVE-2011-1570 Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 6.x before 6.0.6 G...
E
CVE-2011-1571 Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x an...
CVE-2011-1572 Directory traversal vulnerability in the Admin Defined Commands (ADC) feature in gitolite before 1.5...
S
CVE-2011-1573 net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are us...
E S
CVE-2011-1574 Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allow...
E S
CVE-2011-1575 The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 does not properly restrict I/...
S
CVE-2011-1576 The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Li...
S
CVE-2011-1577 Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2...
S
CVE-2011-1578 Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, when Internet Explorer 6 or ear...
E S
CVE-2011-1579 The checkCss function in includes/Sanitizer.php in the wikitext parser in MediaWiki before 1.16.3 do...
E S
CVE-2011-1580 The transwiki import functionality in MediaWiki before 1.16.3 does not properly check privileges, wh...
S
CVE-2011-1581 The bond_select_queue function in drivers/net/bonding/bond_main.c in the Linux kernel before 2.6.39,...
S
CVE-2011-1582 Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a servlet without following security ...
S
CVE-2011-1583 Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow...
S
CVE-2011-1584 The updateFile function in inc/core/class.dc.media.php in the Media Manager in Dotclear before 2.2.3...
E S
CVE-2011-1585 The cifs_find_smb_ses function in fs/cifs/connect.c in the Linux kernel before 2.6.36 does not prope...
E S
CVE-2011-1586 Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalink...
S
CVE-2011-1587 Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, when Internet Explorer 6 or ear...
S
CVE-2011-1588 Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a ...
S
CVE-2011-1589 Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to r...
E S
CVE-2011-1590 The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly init...
E S
CVE-2011-1591 Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4....
E
CVE-2011-1592 The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an...
E S
CVE-2011-1593 Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2....
E S
CVE-2011-1594 Open redirect vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows rem...
S
CVE-2011-1595 Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, wh...
E S
CVE-2011-1596 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2011-1597 OpenVAS Manager v2.0.3 allows plugin remote code execution....
CVE-2011-1598 The bcm_release function in net/can/bcm.c in the Linux kernel before 2.6.39-rc6 does not properly va...
CVE-2011-1599 manager.c in the Manager Interface in Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6...
CVE-2011-1602 The su utility on Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.0.3 a...
CVE-2011-1603 Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.2.1 allow local users t...
CVE-2011-1604 Memory leak in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(...
CVE-2011-1605 Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6...
CVE-2011-1606 Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6...
CVE-2011-1607 Directory traversal vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallMa...
CVE-2011-1609 SQL injection vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager)...
CVE-2011-1610 Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server co...
CVE-2011-1613 Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 6.0 before 6.0.200.0, 7.0 ...
CVE-2011-1623 Cisco Media Processing Software before 1.2 on Media Experience Engine (MXE) 5600 devices has a defau...
CVE-2011-1624 Cisco IOS 12.2(58)SE, when a login banner is configured, allows remote attackers to cause a denial o...
CVE-2011-1625 Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching (DLSw) feature is configure...
CVE-2011-1637 Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.2.1 do not properly ver...
CVE-2011-1640 The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does not properly support a large ...
CVE-2011-1643 Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8....
CVE-2011-1645 The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1...
CVE-2011-1646 The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1...
CVE-2011-1647 The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1...
CVE-2011-1649 The Internet Streamer application in Cisco Content Delivery System (CDS) with software 2.5.7, 2.5.8,...
CVE-2011-1651 Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is...
CVE-2011-1652 The default configuration of Microsoft Windows 7 immediately prefers a new IPv6 and DHCPv6 service o...
E
CVE-2011-1653 Multiple SQL injection vulnerabilities in the Unified Network Control (UNC) Server in CA Total Defen...
CVE-2011-1654 Directory traversal vulnerability in the Heartbeat Web Service in CA.Itm.Server.ManagementWS.dll in ...
CVE-2011-1655 The management.asmx module in the Management Web Service in the Unified Network Control (UNC) Server...
CVE-2011-1657 The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in ext/zip/php_zip.c in PHP 5.3...
E S
CVE-2011-1658 ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic string ...
S
CVE-2011-1659 Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allow...
E S
CVE-2011-1660 Multiple cross-site scripting (XSS) vulnerabilities in the DataDynamics.Reports.Web class library in...
E S
CVE-2011-1661 The Node Quick Find module 6.x-1.1 for Drupal does not use db_rewrite_sql when presenting node title...
S
CVE-2011-1662 Cross-site scripting (XSS) vulnerability in Translation Management module 6.x before 6.x-1.21 for Dr...
S
CVE-2011-1663 SQL injection vulnerability in the Translation Management module 6.x before 6.x-1.21 for Drupal allo...
S
CVE-2011-1664 Cross-site request forgery (CSRF) vulnerability in the Translation Management module 6.x before 6.x-...
S
CVE-2011-1665 PHPBoost 3.0 stores sensitive information under the web root with insufficient access control, which...
E
CVE-2011-1666 Metaways Tine 2.0 allows remote attackers to obtain sensitive information via unknown vectors in (1)...
E
CVE-2011-1667 SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows remote attackers to execute ar...
E
CVE-2011-1668 Cross-site scripting (XSS) vulnerability in search.php in AR Web Content Manager (AWCM) 2.1, 2.2, an...
E
CVE-2011-1669 Directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordP...
E S
CVE-2011-1670 Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra Blog Machine 1.84, and possib...
E
CVE-2011-1671 Cross-site scripting (XSS) vulnerability in app/controllers/todos_controller.rb in Tracks 1.7.2, 2.0...
E S
CVE-2011-1672 The Dell KACE K2000 Systems Deployment Appliance 3.3.36822 and earlier contains a peinst CIFS share,...
CVE-2011-1673 BackupConfig.php on the NetGear ProSafe WNAP210 allows remote attackers to obtain the administrator ...
CVE-2011-1674 The NetGear ProSafe WNAP210 with firmware 2.0.12 allows remote attackers to bypass authentication an...
CVE-2011-1675 mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first chec...
CVE-2011-1676 mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt t...
E
CVE-2011-1677 mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt...
CVE-2011-1678 smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and ...
CVE-2011-1679 ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to the /etc/mtab file and (2) ncpumou...
CVE-2011-1680 ncpmount in ncpfs 2.2.6 and earlier does not remove the /etc/mtab~ lock file after a failed attempt ...
E
CVE-2011-1681 vmware-hgfsmounter in VMware Open Virtual Machine Tools (aka open-vm-tools) 8.4.2-261024 and earlier...
E
CVE-2011-1682 Multiple cross-site request forgery (CSRF) vulnerabilities in phpList 2.10.13 and earlier allow remo...
CVE-2011-1683 IBM WebSphere Application Server (WAS) 6.0.x through 6.0.2.43, 6.1.x before 6.1.0.37, and 7.0.x befo...
CVE-2011-1684 Heap-based buffer overflow in the MP4_ReadBox_skcr function in libmp4.c in the MP4 demultiplexer in ...
S
CVE-2011-1685 Best Practical Solutions RT 3.8.0 through 3.8.9 and 4.0.0rc through 4.0.0rc7, when the CustomFieldVa...
S
CVE-2011-1686 Multiple SQL injection vulnerabilities in Best Practical Solutions RT 2.0.0 through 3.6.10, 3.8.0 th...
S
CVE-2011-1687 Best Practical Solutions RT 3.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 ...
S
CVE-2011-1688 Directory traversal vulnerability in Best Practical Solutions RT 3.2.0 through 3.6.10, 3.8.0 through...
S
CVE-2011-1689 Multiple cross-site scripting (XSS) vulnerabilities in Best Practical Solutions RT 2.0.0 through 3.6...
S
CVE-2011-1690 Best Practical Solutions RT 3.6.0 through 3.6.10 and 3.8.0 through 3.8.8 allows remote attackers to ...
S
CVE-2011-1691 The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS...
E S
CVE-2011-1696 Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0...
CVE-2011-1699 Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attacker...
S
CVE-2011-1700 Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attacker...
S
CVE-2011-1701 Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attacker...
S
CVE-2011-1702 Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attacker...
CVE-2011-1703 Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attacker...
S
CVE-2011-1704 Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attacker...
S
CVE-2011-1705 Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attacker...
S
CVE-2011-1706 Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attacke...
CVE-2011-1707 Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attacke...
S
CVE-2011-1708 Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attacke...
S
CVE-2011-1709 GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, enables execution of a web browse...
S
CVE-2011-1710 Multiple integer overflows in the HTTP server in the Novell XTier framework 3.1.8 allow remote attac...
S
CVE-2011-1711 Unspecified vulnerability in the Mobility Pack 1.1.2 and earlier in Novell Data Synchronizer 1.0.x, ...
S
CVE-2011-1712 The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.cpp and txStandaloneXPathTreeWa...
E S
CVE-2011-1713 Microsoft msxml.dll, as used in Internet Explorer 8 on Windows 7, allows remote attackers to obtain ...
E
CVE-2011-1714 Cross-site scripting (XSS) vulnerability in framework/source/resource/qx/test/jsonp_primitive.php in...
E
CVE-2011-1715 Directory traversal vulnerability in framework/source/resource/qx/test/part/delay.php in QooxDoo 1.3...
E
CVE-2011-1716 Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in Xymon before 4.3.1 allow remote...
CVE-2011-1717 Skype for Android stores sensitive user data without encryption in sqlite3 databases that have weak ...
E
CVE-2011-1718 The Web Agents component in CA SiteMinder R6 before SP6 CR2 and R12 before SP3 CR2 does not properly...
CVE-2011-1719 Multiple stack-based buffer overflows in the Web Viewer ActiveX controls in CA Output Management Web...
CVE-2011-1720 The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before ...
S
CVE-2011-1721 Cross-site request forgery (CSRF) vulnerability in php/partie_administrateur/administration.php in W...
E
CVE-2011-1722 Multiple SQL injection vulnerabilities in WEC Discussion Forum (wec_discussion) extension 2.1.0 and ...
CVE-2011-1723 Cross-site scripting (XSS) vulnerability in app/views/layouts/base.rhtml in Redmine 1.0.1 through 1....
E S
CVE-2011-1724 Unspecified vulnerability in HP Virtual Server Environment before 6.3 allows remote authenticated us...
CVE-2011-1725 Unspecified vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote att...
CVE-2011-1726 Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote ...
CVE-2011-1727 Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote ...
CVE-2011-1728 Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data...
CVE-2011-1729 Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data...
CVE-2011-1730 Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data...
CVE-2011-1731 Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data...
CVE-2011-1732 Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data...
CVE-2011-1733 Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data...
CVE-2011-1734 Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data...
CVE-2011-1735 Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data...
CVE-2011-1736 Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storag...
CVE-2011-1737 Multiple cross-site scripting (XSS) vulnerabilities in the Email application in HP Palm webOS 1.4.5 ...
CVE-2011-1738 HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit (PDK) application...
CVE-2011-1739 The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -n...
CVE-2011-1740 EMC Avamar 4.x, 5.0.x, and 6.0.x before 6.0.0-592 allows remote authenticated users to modify client...
CVE-2011-1741 Stack-based buffer overflow in ftserver.exe in the OpenText Hummingbird Client Connector, as used in...
CVE-2011-1742 EMC Data Protection Advisor before 5.8.1 places cleartext account credentials in the DPA configurati...
CVE-2011-1743 Cross-site scripting (XSS) vulnerability in EMC Captiva eInput 2.1.1 before 2.1.1.37 allows remote a...
CVE-2011-1744 EMC Captiva eInput 2.1.1 before 2.1.1.37 does not restrict the origin of calls to ActiveX functions,...
CVE-2011-1745 Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linu...
S
CVE-2011-1746 Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_create_user_memory functions i...
S
CVE-2011-1747 The agp subsystem in the Linux kernel 2.6.38.5 and earlier does not properly restrict memory allocat...
CVE-2011-1748 The raw_release function in net/can/raw.c in the Linux kernel before 2.6.39-rc6 does not properly va...
S
CVE-2011-1749 The nfs_addmntent function in support/nfs/nfs_mntent.c in the mount.nfs tool in nfs-utils before 1.2...
S
CVE-2011-1750 Multiple heap-based buffer overflows in the virtio-blk driver (hw/virtio-blk.c) in qemu-kvm 0.14.0 a...
CVE-2011-1751 The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power Management emulation in qemu-kvm does...
CVE-2011-1752 The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17...
CVE-2011-1753 expat_erl.c in ejabberd before 2.1.7 and 3.x before 3.0.0-alpha-3, and exmpp before 0.9.7, does not ...
S
CVE-2011-1754 jabberd14 1.6.1.1 and earlier does not properly detect recursion during entity expansion, which allo...
CVE-2011-1755 jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remo...
S
CVE-2011-1756 modules/xmpp/serv_xmpp.c in Citadel 7.86 and earlier does not properly detect recursion during entit...
S
CVE-2011-1757 DJabberd 0.84 and earlier does not properly detect recursion during entity expansion, which allows r...
CVE-2011-1758 The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon ...
S
CVE-2011-1759 Integer overflow in the sys_oabi_semtimedop function in arch/arm/kernel/sys_oabi-compat.c in the Lin...
E S
CVE-2011-1760 utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection atta...
E S
CVE-2011-1761 Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in s...
E
CVE-2011-1762 A flaw exists in WordPress related to the 'wp-admin/press-this.php' script improperly checking user ...
CVE-2011-1763 The get_free_port function in Xen allows local authenticated DomU users to cause a denial of service...
CVE-2011-1764 Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.7...
S
CVE-2011-1765 Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.5, when Internet Explorer 6 or ear...
E S
CVE-2011-1766 includes/User.php in MediaWiki before 1.16.5, when wgBlockDisablesLogin is enabled, does not clear c...
S
CVE-2011-1767 net/ipv4/ip_gre.c in the Linux kernel before 2.6.34, when ip_gre is configured as a module, allows r...
E S
CVE-2011-1768 The tunnels implementation in the Linux kernel before 2.6.34, when tunnel functionality is configure...
E S
CVE-2011-1769 SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to ca...
S
CVE-2011-1770 Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel before...
S
CVE-2011-1771 The cifs_close function in fs/cifs/file.c in the Linux kernel before 2.6.39 allows local users to ca...
E S
CVE-2011-1772 Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and ...
E S
CVE-2011-1773 virt-v2v before 0.8.4 does not preserve the VNC console password when converting a guest, which allo...
E S
CVE-2011-1774 WebKit in Apple Safari before 5.0.6 has improper libxslt security settings, which allows remote atta...
S
CVE-2011-1775 The CSecurityTLS::processMsg function in common/rfb/CSecurityTLS.cxx in the vncviewer component in T...
CVE-2011-1776 The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check th...
S
CVE-2011-1777 Multiple buffer overflows in the (1) heap_add_entry and (2) relocate_dir functions in archive_read_s...
CVE-2011-1778 Buffer overflow in libarchive through 2.8.5 allows remote attackers to cause a denial of service (ap...
CVE-2011-1779 Multiple use-after-free vulnerabilities in libarchive 2.8.4 and 2.8.5 allow remote attackers to caus...
CVE-2011-1780 The instruction emulation in Xen 3.0.3 allows local SMP guest users to cause a denial of service (ho...
CVE-2011-1781 SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial...
CVE-2011-1782 Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PS...
S
CVE-2011-1783 The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6...
CVE-2011-1784 The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions f...
CVE-2011-1785 VMware ESXi 4.0 and 4.1 and ESX 4.0 and 4.1 allow remote attackers to cause a denial of service (soc...
CVE-2011-1786 lsassd in Likewise Open /Enterprise 5.3 before build 7845, Open 6.0 before build 8325, and Enterpris...
CVE-2011-1787 Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1...
S
CVE-2011-1788 vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1 allows local users to d...
CVE-2011-1789 The self-extracting installer in the vSphere Client Installer package in VMware vCenter 4.0 before U...
S
CVE-2011-1793 rendering/svg/RenderSVGResourceFilter.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 a...
CVE-2011-1794 Integer overflow in the FilterEffect::copyImageBytes function in platform/graphics/filters/FilterEff...
CVE-2011-1795 Integer underflow in the HTMLFormElement::removeFormElement function in html/HTMLFormElement.cpp in ...
CVE-2011-1796 Use-after-free vulnerability in the FrameView::calculateScrollbarModesForLayout function in page/Fra...
CVE-2011-1797 WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or c...
CVE-2011-1798 rendering/svg/RenderSVGText.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 does not pr...
CVE-2011-1799 Google Chrome before 11.0.696.68 does not properly perform casts of variables during interaction wit...
CVE-2011-1800 Multiple integer overflows in the SVG Filters implementation in WebCore in WebKit in Google Chrome b...
CVE-2011-1801 Unspecified vulnerability in Google Chrome before 11.0.696.71 allows remote attackers to bypass the ...
CVE-2011-1802 WebKit in Google Chrome before Blink M11 and M12 does not properly handle counter nodes, which allow...
CVE-2011-1803 An issue exists in third_party/WebKit/Source/WebCore/svg/animation/SVGSMILElement.h in WebKit in Goo...
CVE-2011-1804 rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in Google Chrome before 11.0.696...
CVE-2011-1805 Bad cast in CSS in Google Chrome prior to 11.0.0.0 allowed a remote attacker to potentially exploit ...
E S
CVE-2011-1806 Google Chrome before 11.0.696.71 does not properly implement the GPU command buffer, which allows re...
CVE-2011-1807 Google Chrome before 11.0.696.71 does not properly handle blobs, which allows remote attackers to ex...
CVE-2011-1808 Use-after-free vulnerability in Google Chrome before 12.0.742.91 allows remote attackers to cause a ...
CVE-2011-1809 Use-after-free vulnerability in the accessibility feature in Google Chrome before 12.0.742.91 allows...
CVE-2011-1810 The Cascading Style Sheets (CSS) implementation in Google Chrome before 12.0.742.91 does not properl...
CVE-2011-1811 Google Chrome before 12.0.742.91 does not properly handle a large number of form submissions, which ...
CVE-2011-1812 Google Chrome before 12.0.742.91 allows remote attackers to bypass intended access restrictions via ...
CVE-2011-1813 Google Chrome before 12.0.742.91 does not properly implement the framework for extensions, which all...
CVE-2011-1814 Google Chrome before 12.0.742.91 attempts to read data from an uninitialized pointer, which allows r...
CVE-2011-1815 Google Chrome before 12.0.742.91 allows remote attackers to inject script into a tab page via vector...
CVE-2011-1816 Use-after-free vulnerability in the developer tools in Google Chrome before 12.0.742.91 allows remot...
CVE-2011-1817 Google Chrome before 12.0.742.91 does not properly implement history deletion, which allows remote a...
CVE-2011-1818 Use-after-free vulnerability in the image loader in Google Chrome before 12.0.742.91 allows remote a...
CVE-2011-1819 Google Chrome before 12.0.742.91 allows remote attackers to perform unspecified injection into a chr...
CVE-2011-1820 IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010, 6.0 before 6.0.0.67 (aka 6.0.0...
S
CVE-2011-1821 IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010 on Windows allows remote authen...
S
CVE-2011-1822 The LDAP_ADD implementation in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0009 ...
S
CVE-2011-1823 The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 trusts messages that are received...
KEV E
CVE-2011-1824 The VEGAOpBitmap::AddLine function in Opera before 10.61 does not properly initialize memory during ...
E
CVE-2011-1825 Multiple cross-site scripting (XSS) vulnerabilities in the Administrative Console in CA Arcot WebFor...
CVE-2011-1826 Open redirect vulnerability in the Administrative Console in CA Arcot WebFort Versatile Authenticati...
CVE-2011-1827 Multiple unspecified vulnerabilities in Check Point SSL Network Extender (SNX), SecureWorkSpace, and...
CVE-2011-1828 usb-creator-helper in usb-creator before 0.2.28.3 does not enforce intended PolicyKit restrictions, ...
S
CVE-2011-1829 APT before 0.8.15.2 does not properly validate inline GPG signatures, which allows man-in-the-middle...
S
CVE-2011-1830 Ekiga attempts to dlopen /tmp/ekiga_test.so
S
CVE-2011-1831 utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permis...
CVE-2011-1832 utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permis...
CVE-2011-1833 Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the...
E S
CVE-2011-1834 utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file ...
CVE-2011-1835 The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils befo...
CVE-2011-1836 utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with sa...
CVE-2011-1837 The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows...
CVE-2011-1838 Multiple cross-site scripting (XSS) vulnerabilities in TemplateLogin.pm in TWiki before 5.0.2 allow ...
E S
CVE-2011-1839 IBM Rational Build Forge 7.1.0 uses the HTTP GET method during redirection from the authentication s...
CVE-2011-1840 The MartiniCreations PassmanLite Password Manager application before 1.48 for Android stores the mas...
CVE-2011-1841 Cross-site scripting (XSS) vulnerability in the link_to helper in Mojolicious before 1.12 allows rem...
CVE-2011-1842 dbus_backend/lsd.py in the D-Bus backend in language-selector before 0.6.7 does not validate the arg...
E S
CVE-2011-1843 Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended...
E S
CVE-2011-1844 Memory leak in Microsoft Silverlight 4 before 4.0.60310.0 allows remote attackers to cause a denial ...
S
CVE-2011-1845 Multiple memory leaks in the DataGrid control implementation in Microsoft Silverlight 4 before 4.0.6...
S
CVE-2011-1846 IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly revoke role ...
CVE-2011-1847 IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce priv...
CVE-2011-1848 Stack-based buffer overflow in img.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02...
CVE-2011-1849 tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers...
S
CVE-2011-1850 Stack-based buffer overflow in the logging functionality in dbman.exe in HP Intelligent Management C...
S
CVE-2011-1851 Stack-based buffer overflow in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E...
S
CVE-2011-1852 Multiple stack-based buffer overflows in tftpserver.exe in HP Intelligent Management Center (IMC) 5....
CVE-2011-1853 tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers...
S
CVE-2011-1854 Use-after-free vulnerability in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows re...
S
CVE-2011-1855 Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows local users to read or mod...
CVE-2011-1856 Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.06 and earlier a...
CVE-2011-1857 Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 ...
CVE-2011-1858 Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 ...
CVE-2011-1859 Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 ...
CVE-2011-1860 Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 ...
CVE-2011-1861 Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 ...
CVE-2011-1862 Cross-site scripting (XSS) vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Servic...
CVE-2011-1863 HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allow remote authenticated us...
CVE-2011-1864 Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote at...
CVE-2011-1865 Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00...
E
CVE-2011-1866 Buffer overflow in omniinet.exe in the inet service in HP OpenView Storage Data Protector 6.00 throu...
E
CVE-2011-1867 Stack-based buffer overflow in iNodeMngChecker.exe in the User Access Manager (UAM) 5.0 before SP1 E...
CVE-2011-1868 The Distributed File System (DFS) implementation in Microsoft Windows XP SP2 and SP3 and Server 2003...
CVE-2011-1869 The Distributed File System (DFS) implementation in Microsoft Windows XP SP2 and SP3, Windows Server...
CVE-2011-1870 Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Micro...
CVE-2011-1871 Tcpip.sys in the TCP/IP stack in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP...
CVE-2011-1872 Hyper-V in Microsoft Windows Server 2008 Gold, SP2, R2, and R2 SP1 allows guest OS users to cause a ...
CVE-2011-1873 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows ...
CVE-2011-1874 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-1875 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-1876 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-1877 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1...
CVE-2011-1878 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-1879 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-1880 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-1881 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-1882 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-1883 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-1884 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2011-1885 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-1886 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 does not properly validate the arg...
CVE-2011-1887 win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Go...
CVE-2011-1888 win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Go...
CVE-2011-1889 The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TM...
KEV S
CVE-2011-1890 Cross-site scripting (XSS) vulnerability in EditForm.aspx in Microsoft Office SharePoint Server 2010...
CVE-2011-1891 Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 3.0 SP2, and Share...
CVE-2011-1892 Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 S...
CVE-2011-1893 Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010, Windows SharePo...
CVE-2011-1894 The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vis...
CVE-2011-1895 CRLF injection vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1...
CVE-2011-1896 Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Go...
CVE-2011-1897 Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Go...
CVE-2011-1898 Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do...
E S
CVE-2011-1899 Multiple cross-site scripting (XSS) vulnerabilities in CA eHealth 6.0.x, 6.1.x, 6.2.1, and 6.2.2 all...
CVE-2011-1900 Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 6.1 and 7.x before 7.0+Patch...
CVE-2011-1901 The mail-filter web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earli...
CVE-2011-1902 Directory traversal vulnerability in the web interface in Proofpoint Messaging Security Gateway 6.2....
CVE-2011-1903 SQL injection vulnerability in an unspecified function in Proofpoint Messaging Security Gateway 6.2....
CVE-2011-1904 An unspecified function in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2....
CVE-2011-1905 Multiple cross-site request forgery (CSRF) vulnerabilities in unspecified administrative modules in ...
CVE-2011-1906 Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a...
CVE-2011-1907 ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allow...
CVE-2011-1908 Integer overflow in the Type 1 font decoder in the FreeType engine in Foxit Reader before 4.0.0.0619...
S
CVE-2011-1910 Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4...
CVE-2011-1911 JasperServer in JasperReports Server Community Project 3.7.0 and 3.7.1 uses a predictable _flowExecu...
CVE-2011-1913 SQL injection vulnerability in the login form in the web interface in Mercator SENTINEL 2.0 allows r...
CVE-2011-1914 Buffer overflow in the Advantech ADAM OLE for Process Control (OPC) Server ActiveX control in ADAM O...
S
CVE-2011-1915 SQL injection vulnerability in eClient 7.3.2.3 in Enspire Distribution Management Solution 7.3.2.7 a...
CVE-2011-1918 Stack-based buffer overflow in the Data Archiver service in GE Intelligent Platforms Proficy Histori...
CVE-2011-1919 Multiple stack-based buffer overflows in GE Intelligent Platforms Proficy Applications before 4.4.1 ...
CVE-2011-1920 The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow loca...
E S
CVE-2011-1921 The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6...
CVE-2011-1922 daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automat...
S
CVE-2011-1923 The Diffie-Hellman key-exchange implementation in dhm.c in PolarSSL before 0.14.2 does not properly ...
CVE-2011-1924 Buffer overflow in the policy_summarize function in or/policies.c in Tor before 0.2.1.30 allows remo...
S
CVE-2011-1925 nbd-server.c in Network Block Device (nbd-server) 2.9.21 allows remote attackers to cause a denial o...
CVE-2011-1926 The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O bufferi...
S
CVE-2011-1927 The ip_expire function in net/ipv4/ip_fragment.c in the Linux kernel before 2.6.39 does not properly...
E S
CVE-2011-1928 The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1...
CVE-2011-1929 lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not pro...
S
CVE-2011-1930 In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not pr...
CVE-2011-1931 sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0....
S
CVE-2011-1932 Directory traversal vulnerability in io/filesystem/filesystem.cc in Widelands before 15.1 might allo...
S
CVE-2011-1933 SQL injection vulnerability in Jifty::DBI before 0.68....
S
CVE-2011-1934 lilo-uuid-diskid causes lilo.conf to be world-readable in lilo 23.1....
CVE-2011-1935 pcap-linux.c in libpcap 1.1.1 before commit ea9432fabdf4b33cbc76d9437200e028f1c47c93 when snaplen is...
S
CVE-2011-1936 Xen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not prope...
CVE-2011-1937 Cross-site scripting (XSS) vulnerability in Webmin 1.540 and earlier allows local users to inject ar...
E S
CVE-2011-1938 Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 thr...
E S
CVE-2011-1939 SQL injection vulnerability in Zend Framework 1.10.x before 1.10.9 and 1.11.x before 1.11.6 when usi...
E
CVE-2011-1940 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x be...
S
CVE-2011-1941 Open redirect vulnerability in the redirector feature in phpMyAdmin 3.4.x before 3.4.1 allows remote...
CVE-2011-1942 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2011-1943 The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8....
S
CVE-2011-1944 Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8....
E S
CVE-2011-1945 The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Cur...
E
CVE-2011-1946 gnomesu-pam-backend in libgnomesu 1.0.0 prints an error message but proceeds with the non-error code...
S
CVE-2011-1947 fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or...
CVE-2011-1948 Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allows remote attackers to inject ...
S
CVE-2011-1949 Cross-site scripting (XSS) vulnerability in the safe_html filter in Products.PortalTransforms in Plo...
S
CVE-2011-1950 plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users to modify the properties of a...
S
CVE-2011-1951 lib/logmatcher.c in Balabit syslog-ng before 3.2.4, when the global flag is set and when using PCRE ...
S
CVE-2011-1952 common.php in Post Revolution before 0.8.0c-2 allows remote attackers to cause a denial of service (...
E S
CVE-2011-1953 Multiple cross-site scripting (XSS) vulnerabilities in common.php in Post Revolution before 0.8.0c-2...
E S
CVE-2011-1954 Multiple cross-site request forgery (CSRF) vulnerabilities in Post Revolution 0.8.0c-2 and earlier a...
CVE-2011-1955 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2011-1956 The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remo...
E S
CVE-2011-1957 The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1....
E S
CVE-2011-1958 Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause ...
CVE-2011-1959 The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 d...
E S
CVE-2011-1960 Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which...
S
CVE-2011-1961 The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handl...
S
CVE-2011-1962 Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, wh...
S
CVE-2011-1963 Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows rem...
S
CVE-2011-1964 Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows rem...
S
CVE-2011-1965 Tcpip.sys in the TCP/IP stack in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 ...
CVE-2011-1966 The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR q...
CVE-2011-1967 Winsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft W...
CVE-2011-1968 The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3 and Windows Ser...
CVE-2011-1969 Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 provides the...
CVE-2011-1970 The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server 2008 SP2, R2, and R2 SP1 does...
CVE-2011-1971 The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Go...
CVE-2011-1972 Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does not properly validate objects in memo...
CVE-2011-1973 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2011-1974 NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in Microsoft Windows XP SP2 and S...
E
CVE-2011-1975 Untrusted search path vulnerability in the Data Access Tracing component in Windows Data Access Comp...
CVE-2011-1976 Cross-site scripting (XSS) vulnerability in the Report Viewer Control in Microsoft Visual Studio 200...
CVE-2011-1977 The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart Control for Microsoft .NET Frame...
CVE-2011-1978 Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets tru...
CVE-2011-1979 Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate objects in memory during Visio file...
CVE-2011-1980 Untrusted search path vulnerability in Microsoft Office 2003 SP3 and 2007 SP2 allows local users to ...
CVE-2011-1981 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2011-1982 Microsoft Office 2007 SP2, and 2010 Gold and SP1, does not initialize an unspecified object pointer ...
CVE-2011-1983 Use-after-free vulnerability in Microsoft Office 2007 SP2 and SP3, Office 2010 Gold and SP1, and Off...
CVE-2011-1984 WINS in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 allows local users to ...
CVE-2011-1985 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2011-1986 Use-after-free vulnerability in Microsoft Excel 2003 SP3 allows remote attackers to execute arbitrar...
CVE-2011-1987 Array index error in Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gol...
CVE-2011-1988 Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Office 2004 and 2008 for Mac; Open ...
CVE-2011-1989 Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in O...
CVE-2011-1990 Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; Office Compatibility Pack for ...
CVE-2011-1991 Multiple untrusted search path vulnerabilities in Microsoft Windows XP SP2 and SP3, Windows Server 2...
CVE-2011-1992 The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a diffe...
S
CVE-2011-1993 Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows rem...
S
CVE-2011-1994 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2011-1995 Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows rem...
S
CVE-2011-1996 Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows rem...
S
CVE-2011-1997 Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attack...
CVE-2011-1998 Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attack...
S
CVE-2011-1999 Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote atta...
S
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.