ID | Summary | Flags | Max Score |
---|---|---|---|
CVE-2011-3000 | Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do... | | |
CVE-2011-3001 | Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manua... | | |
CVE-2011-3002 | Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 7.0 and SeaMonkey bef... | | |
CVE-2011-3003 | Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of serv... | | |
CVE-2011-3004 | The JSSubScriptLoader in Mozilla Firefox 4.x through 6 and SeaMonkey before 2.4 does not properly ha... | | |
CVE-2011-3005 | Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey... | | |
CVE-2011-3006 | The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee SaaS Endpoint Protection 5.2.1 and e... | | |
CVE-2011-3007 | The myCIOScn ActiveX control (myCIOScn.dll) in McAfee SaaS Endpoint Protection 5.2.1 and earlier all... | | |
CVE-2011-3008 | The default configuration of Avaya Secure Access Link (SAL) Gateway 1.5, 1.8, and 2.0 contains certa... | | |
CVE-2011-3009 | Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for contex... | S | |
CVE-2011-3010 | Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to ... | | |
CVE-2011-3011 | BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote ... | E | |
CVE-2011-3012 | The ioQuake3 engine, as used in World of Padman 1.2 and earlier, Tremulous 1.1.0, and ioUrbanTerror ... | E S | |
CVE-2011-3013 | WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sup... | | |
CVE-2011-3014 | The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not proper... | | |
CVE-2011-3015 | Multiple integer overflows in the PDF codecs in Google Chrome before 17.0.963.56 allow remote attack... | S | |
CVE-2011-3016 | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a ... | | |
CVE-2011-3017 | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a ... | E S | |
CVE-2011-3018 | Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a de... | E S | |
CVE-2011-3019 | Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a de... | S | |
CVE-2011-3020 | Unspecified vulnerability in the Native Client validator implementation in Google Chrome before 17.0... | S | |
CVE-2011-3021 | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a ... | E | |
CVE-2011-3022 | translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses ... | S | |
CVE-2011-3023 | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows user-assisted remote attacke... | S | |
CVE-2011-3024 | Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service (application c... | E S | |
CVE-2011-3025 | Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers t... | S | |
CVE-2011-3026 | Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to ... | E | |
CVE-2011-3027 | Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable during ... | | |
CVE-2011-3031 | Use-after-free vulnerability in the element wrapper in Google V8, as used in Google Chrome before 17... | E | |
CVE-2011-3032 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a ... | | |
CVE-2011-3033 | Buffer overflow in Skia, as used in Google Chrome before 17.0.963.65, allows remote attackers to cau... | | |
CVE-2011-3034 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a ... | | |
CVE-2011-3035 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a ... | | |
CVE-2011-3036 | Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable during ... | | |
CVE-2011-3037 | Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the... | | |
CVE-2011-3038 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a ... | | |
CVE-2011-3039 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a ... | | |
CVE-2011-3040 | Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cau... | | |
CVE-2011-3041 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a ... | | |
CVE-2011-3042 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a ... | | |
CVE-2011-3043 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a ... | | |
CVE-2011-3044 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a ... | | |
CVE-2011-3045 | Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as... | S | |
CVE-2011-3046 | The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigat... | | |
CVE-2011-3047 | The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary cod... | | |
CVE-2011-3048 | The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x be... | | |
CVE-2011-3049 | Google Chrome before 17.0.963.83 does not properly restrict the extension web request API, which all... | | |
CVE-2011-3050 | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome bef... | E | |
CVE-2011-3051 | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome bef... | | |
CVE-2011-3052 | The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS element... | E | |
CVE-2011-3053 | Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a ... | | |
CVE-2011-3054 | The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform iso... | | |
CVE-2011-3055 | The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before ... | E | |
CVE-2011-3056 | Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vector... | | |
CVE-2011-3057 | Google V8, as used in Google Chrome before 17.0.963.83, allows remote attackers to cause a denial of... | | |
CVE-2011-3058 | Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP encoding system, which might ... | E | |
CVE-2011-3059 | Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote a... | | |
CVE-2011-3060 | Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote atta... | E | |
CVE-2011-3061 | Google Chrome before 18.0.1025.142 does not properly check X.509 certificates before use of a SPDY p... | E | |
CVE-2011-3062 | Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attac... | | |
CVE-2011-3063 | Google Chrome before 18.0.1025.142 does not properly validate the renderer's navigation requests, wh... | | |
CVE-2011-3064 | Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause ... | | |
CVE-2011-3065 | Skia, as used in Google Chrome before 18.0.1025.142, allows remote attackers to cause a denial of se... | E | |
CVE-2011-3066 | Skia, as used in Google Chrome before 18.0.1025.151, does not properly perform clipping, which allow... | | |
CVE-2011-3067 | Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vect... | E | |
CVE-2011-3068 | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome bef... | | |
CVE-2011-3069 | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome bef... | E | |
CVE-2011-3070 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause ... | E | |
CVE-2011-3071 | Use-after-free vulnerability in the HTMLMediaElement implementation in Google Chrome before 18.0.102... | E | |
CVE-2011-3072 | Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vect... | E | |
CVE-2011-3073 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause ... | E | |
CVE-2011-3074 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause ... | E | |
CVE-2011-3075 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause ... | E | |
CVE-2011-3076 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause ... | E | |
CVE-2011-3077 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause ... | E | |
CVE-2011-3078 | Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause ... | E | |
CVE-2011-3079 | The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used ... | | |
CVE-2011-3080 | Race condition in the Inter-process Communication (IPC) implementation in Google Chrome before 18.0.... | | |
CVE-2011-3081 | Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause ... | E | |
CVE-2011-3083 | browser/profiles/profile_impl_io_data.cc in Google Chrome before 19.0.1084.46 does not properly hand... | | |
CVE-2011-3084 | Google Chrome before 19.0.1084.46 does not use a dedicated process for the loading of links found on... | | |
CVE-2011-3085 | The Autofill feature in Google Chrome before 19.0.1084.46 does not properly restrict field values, w... | | |
CVE-2011-3086 | Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a... | | |
CVE-2011-3087 | Google Chrome before 19.0.1084.46 does not properly perform window navigation, which has unspecified... | | |
CVE-2011-3088 | Google Chrome before 19.0.1084.46 does not properly draw hairlines, which allows remote attackers to... | | |
CVE-2011-3089 | Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a... | | |
CVE-2011-3090 | Race condition in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of ser... | | |
CVE-2011-3091 | Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 19.0.1084.46 al... | | |
CVE-2011-3092 | The regex implementation in Google V8, as used in Google Chrome before 19.0.1084.46, allows remote a... | | |
CVE-2011-3093 | Google Chrome before 19.0.1084.46 does not properly handle glyphs, which allows remote attackers to ... | | |
CVE-2011-3094 | Google Chrome before 19.0.1084.46 does not properly handle Tibetan text, which allows remote attacke... | | |
CVE-2011-3095 | The OGG container in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of ... | | |
CVE-2011-3096 | Use-after-free vulnerability in Google Chrome before 19.0.1084.46 on Linux allows remote attackers t... | | |
CVE-2011-3097 | The PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial... | | |
CVE-2011-3098 | Google Chrome before 19.0.1084.46 on Windows uses an incorrect search path for the Windows Media Pla... | S | |
CVE-2011-3099 | Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.46 allows re... | | |
CVE-2011-3100 | Google Chrome before 19.0.1084.46 does not properly draw dash paths, which allows remote attackers t... | | |
CVE-2011-3101 | Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVID... | | |
CVE-2011-3102 | Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows... | | |
CVE-2011-3103 | Google V8, as used in Google Chrome before 19.0.1084.52, does not properly perform garbage collectio... | | |
CVE-2011-3104 | Skia, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of ser... | | |
CVE-2011-3105 | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome bef... | | |
CVE-2011-3106 | The WebSockets implementation in Google Chrome before 19.0.1084.52 does not properly handle use of S... | | |
CVE-2011-3107 | Google Chrome before 19.0.1084.52 does not properly implement JavaScript bindings for plug-ins, whic... | | |
CVE-2011-3108 | Use-after-free vulnerability in Google Chrome before 19.0.1084.52 allows remote attackers to execute... | | |
CVE-2011-3109 | Google Chrome before 19.0.1084.52 on Linux does not properly perform a cast of an unspecified variab... | | |
CVE-2011-3110 | The PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial... | | |
CVE-2011-3111 | Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial o... | | |
CVE-2011-3112 | Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.52 allows re... | | |
CVE-2011-3113 | The PDF functionality in Google Chrome before 19.0.1084.52 does not properly perform a cast of an un... | | |
CVE-2011-3114 | Multiple buffer overflows in the PDF functionality in Google Chrome before 19.0.1084.52 allow remote... | | |
CVE-2011-3115 | Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial o... | | |
CVE-2011-3116 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
CVE-2011-3117 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
CVE-2011-3118 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
CVE-2011-3119 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
CVE-2011-3120 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
CVE-2011-3122 | Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and... | S | |
CVE-2011-3123 | IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataS... | | |
CVE-2011-3124 | IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataS... | | |
CVE-2011-3125 | Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and... | S | |
CVE-2011-3126 | WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 allows remote attackers to determine usernames of n... | S | |
CVE-2011-3127 | WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 does not prevent rendering for (1) admin or (2) log... | S | |
CVE-2011-3128 | WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 treats unattached attachments as published, which m... | S | |
CVE-2011-3129 | The file upload functionality in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2, when running "on ... | S | |
CVE-2011-3130 | wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and ... | S | |
CVE-2011-3131 | Xen 4.1.1 and earlier allows local guest OS kernels with control of a PCI[E] device to cause a denia... | E | |
CVE-2011-3132 | Cross-site scripting (XSS) vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3... | | |
CVE-2011-3133 | Session fixation vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.... | | |
CVE-2011-3134 | Unspecified vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x bef... | | |
CVE-2011-3135 | Unspecified vulnerability in the Runtime in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 befor... | | |
CVE-2011-3136 | Unspecified vulnerability in the Management Console in IBM Tivoli Federated Identity Manager (TFIM) ... | | |
CVE-2011-3137 | Unspecified vulnerability in the Management Console in IBM Tivoli Federated Identity Manager (TFIM) ... | | |
CVE-2011-3138 | The LTPA STS module support implementation in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 bef... | | |
CVE-2011-3139 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3140 | IBM Web Application Firewall, as used on the G400 IPS-G400-IB-1 and GX4004 IPS-GX4004-IB-2 appliance... | E | |
CVE-2011-3141 | Buffer overflow in the InBatch BatchField ActiveX control for Invensys Wonderware InBatch 8.1 SP1, 9... | | |
CVE-2011-3142 | Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in WellinTech KingView 6.52 and 6.... | E S | |
CVE-2011-3143 | Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and... | S | |
CVE-2011-3144 | Cross-site scripting (XSS) vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 bef... | S | |
CVE-2011-3145 | mount.ecryptfs_private sets group owner of /etc/mtab to user's primary group | S | |
CVE-2011-3146 | librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependen... | E S | |
CVE-2011-3147 | qcow format could expose host filesystem information | S | |
CVE-2011-3148 | Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM... | | |
CVE-2011-3149 | The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) be... | | |
CVE-2011-3150 | Software Center in Ubuntu 11.10, 11.04, and 10.10 does not properly validate server certificates, which a... | S | |
CVE-2011-3151 | SELinux initscript misuse of touch | S | |
CVE-2011-3152 | DistUpgrade/DistUpgradeFetcherCore.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134... | | |
CVE-2011-3153 | dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary file... | | |
CVE-2011-3154 | DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.... | | |
CVE-2011-3155 | Unspecified vulnerability in HP Onboard Administrator (OA) 3.21 through 3.31 allows remote attackers... | | |
CVE-2011-3156 | Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Person... | | |
CVE-2011-3157 | Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Person... | | |
CVE-2011-3158 | Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Person... | | |
CVE-2011-3159 | Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Person... | | |
CVE-2011-3160 | Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Person... | | |
CVE-2011-3161 | Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Person... | | |
CVE-2011-3162 | Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Person... | | |
CVE-2011-3163 | HP MFP Digital Sending Software 4.9x through 4.91.21 allows local users to obtain sensitive workflow... | | |
CVE-2011-3164 | Unspecified vulnerability in HP-UX Containers (formerly HP-UX Secure Resource Partitions (SRP)) A.03... | | |
CVE-2011-3165 | Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote a... | | |
CVE-2011-3166 | Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote a... | | |
CVE-2011-3167 | Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote a... | | |
CVE-2011-3168 | Unspecified vulnerability in the POP and IMAP service implementations in HP TCP/IP Services 5.6 and ... | | |
CVE-2011-3169 | Unspecified vulnerability in the SMTP service implementation in HP TCP/IP Services 5.6 and 5.7 for O... | | |
CVE-2011-3170 | The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle t... | S | |
CVE-2011-3171 | Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on S... | | |
CVE-2011-3172 | unix2_chkpwd does not check for a valid account | | |
CVE-2011-3173 | Stack-based buffer overflow in the GetDriverSettings function in nipplib.dll in the iPrint client in... | | |
CVE-2011-3174 | Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield... | S | |
CVE-2011-3175 | Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM)... | E | |
CVE-2011-3176 | Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM)... | E | |
CVE-2011-3177 | The YaST2 network created files with world readable permissions which could have allowed local users... | | |
CVE-2011-3178 | openbuildservice webui code injection | | |
CVE-2011-3179 | The server process in Novell Messenger 2.1 and 2.2.x before 2.2.1, and Novell GroupWise Messenger 2.... | | |
CVE-2011-3180 | kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for Sy... | E S | |
CVE-2011-3181 | Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x befo... | S | |
CVE-2011-3182 | PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc librar... | E | |
CVE-2011-3183 | A Cross-Site Scripting (XSS) vulnerability exists in the rcID parameter in Concrete CMS 5.4.1.1 and ... | E | |
CVE-2011-3184 | The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin... | S | |
CVE-2011-3185 | gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted remote attackers to execute arbit... | S | |
CVE-2011-3186 | CRLF injection vulnerability in actionpack/lib/action_controller/response.rb in Ruby on Rails 2.3.x ... | S | |
CVE-2011-3187 | The to_s method in actionpack/lib/action_dispatch/middleware/remote_ip.rb in Ruby on Rails 3.0.5 doe... | E S | |
CVE-2011-3188 | The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorith... | S | |
CVE-2011-3189 | The crypt function in PHP 5.3.7, when the MD5 hash type is used, returns the value of the salt argum... | E | |
CVE-2011-3190 | Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through ... | E | |
CVE-2011-3191 | Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel befor... | S | |
CVE-2011-3192 | The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19... | E | |
CVE-2011-3193 | Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.... | S | |
CVE-2011-3194 | Buffer overflow in the TIFF reader in gui/image/qtiffhandler.cpp in Qt 4.7.4 allows remote attackers... | | |
CVE-2011-3195 | shared/inc/sql/lists.php in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticat... | | |
CVE-2011-3196 | The setup script in Domain Technologie Control (DTC) before 0.34.1 uses world-readable permissions f... | | |
CVE-2011-3197 | SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenti... | | |
CVE-2011-3198 | Domain Technologie Control (DTC) before 0.34.1 includes a password in the -b command line argument t... | | |
CVE-2011-3199 | Multiple cross-site scripting (XSS) vulnerabilities in Domain Technologie Control (DTC) before 0.34.... | | |
CVE-2011-3200 | Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in r... | S | |
CVE-2011-3201 | GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the a... | S | |
CVE-2011-3202 | A Cross-Site Scripting (XSS) vulnerability exists in the g parameter to index.php in Jcow CMS 4.2 an... | E | |
CVE-2011-3203 | A Code Execution vulnerability exists in the attachment parameter to index.php in Jcow CMS 4.x to 4.2 a... | E | |
CVE-2011-3204 | hammerhead.cc in Hammerhead 2.1.4 allows local users to write to arbitrary files via a symlink attac... | | |
CVE-2011-3205 | Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 be... | S | |
CVE-2011-3206 | Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in RHQ 4.2.0, as... | | |
CVE-2011-3207 | crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members,... | S | |
CVE-2011-3208 | Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server ... | S | |
CVE-2011-3209 | The div_long_long_rem implementation in include/asm-x86/div64.h in the Linux kernel before 2.6.26 on... | E | |
CVE-2011-3210 | The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e... | S | |
CVE-2011-3211 | The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease, allows remote attackers to execute arbitr... | S | |
CVE-2011-3212 | CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted dur... | | |
CVE-2011-3213 | The File Systems component in Apple Mac OS X before 10.7.2 does not properly track the specific X.50... | | |
CVE-2011-3214 | IOGraphics in Apple Mac OS X through 10.6.8 does not properly handle a locked-screen state in displa... | | |
CVE-2011-3215 | The kernel in Apple Mac OS X before 10.7.2 does not properly prevent FireWire DMA in the absence of ... | | |
CVE-2011-3216 | The kernel in Apple Mac OS X before 10.7.2 does not properly implement the sticky bit for directorie... | | |
CVE-2011-3217 | MediaKit in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause... | | |
CVE-2011-3218 | The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML docum... | | |
CVE-2011-3219 | Buffer overflow in CoreMedia, as used in Apple iTunes before 10.5, allows remote attackers to execut... | S | |
CVE-2011-3220 | QuickTime in Apple Mac OS X before 10.7.2 does not properly process URL data handlers in movie files... | | |
CVE-2011-3221 | QuickTime in Apple Mac OS X before 10.7.2 does not properly handle the atom hierarchy in movie files... | | |
CVE-2011-3222 | Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbi... | | |
CVE-2011-3223 | Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbi... | | |
CVE-2011-3224 | The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to ... | | |
CVE-2011-3225 | The SMB File Server component in Apple Mac OS X 10.7 before 10.7.2 does not prevent all guest users ... | | |
CVE-2011-3226 | Open Directory in Apple Mac OS X 10.7 before 10.7.2, when an LDAPv3 server is used with RFC 2307 or ... | | |
CVE-2011-3227 | libsecurity in Apple Mac OS X before 10.7.2 does not properly handle errors during processing of a n... | | |
CVE-2011-3228 | QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause... | | |
CVE-2011-3229 | Directory traversal vulnerability in Apple Safari before 5.1.1 allows remote attackers to execute ar... | | |
CVE-2011-3230 | Apple Safari before 5.1.1 on Mac OS X does not enforce an intended policy for file: URLs, which allo... | | |
CVE-2011-3231 | The SSL implementation in Apple Safari before 5.1.1 on Mac OS X before 10.7 accesses uninitialized m... | | |
CVE-2011-3232 | YARR, as used in Mozilla Firefox before 7.0, Thunderbird before 7.0, and SeaMonkey before 2.4, allow... | | |
CVE-2011-3233 | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary... | S | |
CVE-2011-3234 | Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to c... | E S | |
CVE-2011-3235 | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary... | S | |
CVE-2011-3236 | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary... | S | |
CVE-2011-3237 | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary... | S | |
CVE-2011-3238 | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary... | S | |
CVE-2011-3239 | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary... | S | |
CVE-2011-3240 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3241 | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary... | S | |
CVE-2011-3242 | The Private Browsing feature in Apple Safari before 5.1.1 on Mac OS X does not properly recognize th... | | |
CVE-2011-3243 | Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5 and Safari before ... | | |
CVE-2011-3244 | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary... | S | |
CVE-2011-3245 | The Keyboards component in Apple iOS before 5 displays the final character of an entered password du... | | |
CVE-2011-3246 | CFNetwork in Apple iOS before 5.0.1 and Mac OS X 10.7 before 10.7.2 does not properly parse URLs, wh... | | |
CVE-2011-3247 | Integer overflow in Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbit... | | |
CVE-2011-3248 | Integer signedness error in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrar... | | |
CVE-2011-3249 | Buffer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or... | | |
CVE-2011-3250 | Integer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code o... | | |
CVE-2011-3251 | Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a... | | |
CVE-2011-3252 | Buffer overflow in CoreAudio, as used in Apple iTunes before 10.5, allows remote attackers to execut... | S | |
CVE-2011-3253 | CalDAV in Apple iOS before 5 does not validate X.509 certificates for SSL sessions, which allows man... | | |
CVE-2011-3254 | Cross-site scripting (XSS) vulnerability in Calendar in Apple iOS before 5 allows remote attackers t... | | |
CVE-2011-3255 | CFNetwork in Apple iOS before 5 stores AppleID credentials in an unspecified file, which makes it ea... | | |
CVE-2011-3256 | FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5... | | |
CVE-2011-3257 | The Data Access component in Apple iOS before 5 does not properly handle the existence of multiple u... | | |
CVE-2011-3258 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3259 | The kernel in Apple iOS before 5 and Apple TV before 4.4 does not properly recover memory allocated ... | | |
CVE-2011-3260 | Buffer overflow in OfficeImport in Apple iOS before 5 allows remote attackers to execute arbitrary c... | | |
CVE-2011-3261 | Double free vulnerability in OfficeImport in Apple iOS before 5 allows remote attackers to execute a... | | |
CVE-2011-3262 | tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denia... | S | |
CVE-2011-3263 | zabbix_agentd in Zabbix before 1.8.6 and 1.9.x before 1.9.4 allows context-dependent attackers to ca... | E S | |
CVE-2011-3264 | Zabbix before 1.8.6 allows remote attackers to obtain sensitive information via an invalid srcfld2 p... | S | |
CVE-2011-3265 | popup.php in Zabbix before 1.8.7 allows remote attackers to read the contents of arbitrary database ... | | |
CVE-2011-3266 | The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the ... | | |
CVE-2011-3267 | PHP before 5.3.7 does not properly implement the error_log function, which allows context-dependent ... | | |
CVE-2011-3268 | Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have... | | |
CVE-2011-3269 | Lexmark X, W, T, E, C, 6500e, and 25xxN devices before 2011-11-15 allow attackers to obtain sensitiv... | | |
CVE-2011-3270 | Unspecified vulnerability in Cisco IOS 12.2SB before 12.2(33)SB10 and 15.0S before 15.0(1)S3a on Cis... | | |
CVE-2011-3271 | Unspecified vulnerability in the Smart Install functionality in Cisco IOS 12.2 and 15.1 allows remot... | | |
CVE-2011-3272 | The IP Service Level Agreement (IP SLA) functionality in Cisco IOS 15.1, and IOS XE 2.1.x through 3.... | | |
CVE-2011-3273 | Memory leak in Cisco IOS 15.0 through 15.1, when IPS or Zone-Based Firewall (aka ZBFW) is configured... | | |
CVE-2011-3274 | Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15.0, and 15.1, and IOS XE 2.1.x... | | |
CVE-2011-3275 | Memory leak in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attacke... | | |
CVE-2011-3276 | Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through ... | | |
CVE-2011-3277 | Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through ... | | |
CVE-2011-3278 | Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through ... | | |
CVE-2011-3279 | The provider-edge MPLS NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and ... | | |
CVE-2011-3280 | Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS ... | | |
CVE-2011-3281 | Unspecified vulnerability in Cisco IOS 15.0 through 15.1, in certain HTTP Layer 7 Application Contro... | | |
CVE-2011-3282 | Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15.0, and 15.1, and IOS XE 2.1.x... | | |
CVE-2011-3283 | Cisco Carrier Routing System 3.9.1 allows remote attackers to cause a denial of service (Metro subsy... | S | |
CVE-2011-3285 | CRLF injection vulnerability in /+CSCOE+/logon.html on Cisco Adaptive Security Appliances (ASA) 5500... | | |
CVE-2011-3287 | Cisco Jabber Extensible Communications Platform (aka Jabber XCP) 2.x through 5.4.x before 5.4.0.2758... | | |
CVE-2011-3288 | Cisco Unified Presence before 8.5(4) does not properly detect recursion during entity expansion, whi... | | |
CVE-2011-3289 | Cisco IOS 12.4 and 15.0 through 15.2 allows physically proximate attackers to bypass the No Service ... | | |
CVE-2011-3290 | Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has default Oracle database credentials, which... | | |
CVE-2011-3293 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Solution Engine in Cisco Secure Ac... | | |
CVE-2011-3294 | Cross-site scripting (XSS) vulnerability in the login page in the administrative interface on Cisco ... | | |
CVE-2011-3295 | The NETIO and IPV4_IO processes in Cisco IOS XR 3.8 through 4.1, as used in Cisco Carrier Routing Sy... | | |
CVE-2011-3296 | Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16)... | | |
CVE-2011-3297 | Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16)... | | |
CVE-2011-3298 | Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C... | | |
CVE-2011-3299 | Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C... | | |
CVE-2011-3300 | Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C... | | |
CVE-2011-3301 | Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C... | | |
CVE-2011-3302 | Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C... | | |
CVE-2011-3303 | Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C... | | |
CVE-2011-3304 | Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C... | | |
CVE-2011-3305 | Directory traversal vulnerability in Cisco Network Admission Control (NAC) Manager 4.8.x allows remo... | | |
CVE-2011-3309 | Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.4 process I... | | |
CVE-2011-3310 | The Home Page component in Cisco CiscoWorks Common Services before 4.1 on Windows, as used in CiscoW... | | |
CVE-2011-3315 | Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before ... | | |
CVE-2011-3317 | Multiple cross-site scripting (XSS) vulnerabilities in the Solution Engine in Cisco Secure Access Co... | | |
CVE-2011-3318 | Cisco Video Surveillance 2421 and 2500 series cameras with software 1.1.x and 2.x before 2.4.0 and V... | | |
CVE-2011-3319 | Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T2... | | |
CVE-2011-3320 | Cross-site scripting (XSS) vulnerability in the Web Administrator component in GE Intelligent Platfo... | | |
CVE-2011-3321 | Heap-based buffer overflow in the Siemens WinCC Runtime Advanced Loader, as used in SIMATIC WinCC fl... | | |
CVE-2011-3322 | Core Server HMI Service (Coreservice.exe) in Scadatec Limited Procyon SCADA 1.06, and other versions... | E | |
CVE-2011-3323 | The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a deni... | | |
CVE-2011-3324 | The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga be... | | |
CVE-2011-3325 | ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service... | S | |
CVE-2011-3326 | The ospf_flood function in ospf_flood.c in ospfd in Quagga before 0.99.19 allows remote attackers to... | | |
CVE-2011-3327 | Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity.c in bgpd in Quagga... | | |
CVE-2011-3328 | The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled... | E S | |
CVE-2011-3330 | Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 an... | | |
CVE-2011-3332 | Stack-based buffer overflow in Iceni Argus 6.20 and earlier and Infix 5.04 allows remote attackers t... | | |
CVE-2011-3336 | regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion... | E | |
CVE-2011-3337 | eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Securit... | | |
CVE-2011-3339 | Cross-site scripting (XSS) vulnerability in the Admin Control Center in Sentinel HASP Run-time Envir... | | |
CVE-2011-3340 | SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitr... | | |
CVE-2011-3341 | Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause ... | S | |
CVE-2011-3342 | Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of servic... | S | |
CVE-2011-3343 | Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (da... | S | |
CVE-2011-3344 | Cross-site scripting (XSS) vulnerability in the Lookup Login/Password form in Spacewalk 1.6, as used... | S | |
CVE-2011-3345 | ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ofa_kernel package in the InfiniBand ... | S | |
CVE-2011-3346 | Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might... | E S | |
CVE-2011-3347 | A certain Red Hat patch to the be2net implementation in the kernel package before 2.6.32-218.el6 on ... | | |
CVE-2011-3348 | The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer ... | E | |
CVE-2011-3349 | lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are... | | |
CVE-2011-3350 | masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c that resul... | | |
CVE-2011-3351 | openvas-scanner before 2011-09-11 creates a temporary file insecurely when generating OVAL system ch... | | |
CVE-2011-3352 | Zikula 1.3.0 build #3168 and probably prior has an XSS flaw due to improper sanitization of the 'themen... | E | |
CVE-2011-3353 | Buffer overflow in the fuse_notify_inval_entry function in fs/fuse/dev.c in the Linux kernel before ... | S | |
CVE-2011-3354 | The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote atta... | S | |
CVE-2011-3355 | evolution-data-server3 3.0.3 through 3.2.1 used an insecure (non-SSL) connection when attempting to sto... | E | |
CVE-2011-3356 | Multiple cross-site scripting (XSS) vulnerabilities in config_defaults_inc.php in MantisBT before 1.... | E S | |
CVE-2011-3357 | Directory traversal vulnerability in bug_actiongroup_ext_page.php in MantisBT before 1.2.8 allows re... | E S | |
CVE-2011-3358 | Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before 1.2.8 allow remote attackers ... | E S | |
CVE-2011-3359 | The dma_rx function in drivers/net/wireless/b43/dma.c in the Linux kernel before 2.6.39 does not pro... | E S | |
CVE-2011-3360 | Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows lo... | | |
CVE-2011-3361 | Cross-site scripting (XSS) vulnerability in CGI/Browse.pm in BackupPC 3.2.0 and possibly other versi... | E | |
CVE-2011-3362 | Integer signedness error in the decode_residual_block function in cavsdec.c in libavcodec in FFmpeg ... | S | |
CVE-2011-3363 | The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly ... | S | |
CVE-2011-3364 | Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in ... | E S | |
CVE-2011-3365 | The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does no... | S | |
CVE-2011-3366 | Rekonq 0.7.0 and earlier does not use a certain font when rendering certificate fields in a security... | S | |
CVE-2011-3367 | Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fiel... | | |
CVE-2011-3368 | The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x... | E S | |
CVE-2011-3369 | The add_conversation function in conversations.c in EtherApe before 0.9.12 allows remote attackers t... | | |
CVE-2011-3370 | statusnet before 0.9.9 has XSS... | | |
CVE-2011-3371 | Multiple cross-site scripting (XSS) vulnerabilities in include/functions.php in PunBB before 1.3.6 a... | E S | |
CVE-2011-3372 | imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers ... | | |
CVE-2011-3373 | Drupal Views Bulk Operations (VBO) module 6.x-1.0 through 6.x-1.10 does not properly escape the voc... | | |
CVE-2011-3374 | It was found that apt-key in apt, all versions, does not correctly validate gpg keys with the master k... | E | |
CVE-2011-3375 | Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching ... | | |
CVE-2011-3376 | org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not pro... | S | |
CVE-2011-3377 | The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x before 1.1.4 allows remote attac... | S | |
CVE-2011-3378 | RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of servi... | E | |
CVE-2011-3379 | The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it ... | E S | |
CVE-2011-3380 | Openswan 2.6.29 through 2.6.35 allows remote attackers to cause a denial of service (NULL pointer de... | S | |
CVE-2011-3381 | Cross-site request forgery (CSRF) vulnerability in Phorum before 5.2.16 allows remote attackers to h... | | |
CVE-2011-3382 | Cross-site scripting (XSS) vulnerability in Phorum before 5.2.16 allows remote attackers to inject a... | | |
CVE-2011-3383 | Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and earlier allows remote attacke... | | |
CVE-2011-3384 | Cross-site scripting (XSS) vulnerability in the Sage add-on 1.3.10 and earlier for Firefox allows re... | | |
CVE-2011-3385 | Cross-site scripting (XSS) vulnerability in WebsiteBaker before 2.8, as used in LEPTON and possibly ... | | |
CVE-2011-3386 | Unspecified vulnerability in Medtronic Paradigm wireless insulin pump 512, 522, 712, and 722 allows ... | | |
CVE-2011-3387 | The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote authenticated users to cause a denial... | | |
CVE-2011-3388 | Opera before 11.51 allows remote attackers to cause an insecure site to appear secure or trusted via... | | |
CVE-2011-3389 | The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Expl... | S | |
CVE-2011-3390 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in IBM OpenAdmin Tool (OAT) before ... | E | |
CVE-2011-3391 | IBM Rational Build Forge 7.1.2 relies on client-side JavaScript code to enforce the EditSecurity per... | | |
CVE-2011-3392 | Cross-site scripting (XSS) vulnerability in control.php in the controlcenter in Phorum before 5.2.17... | | |
CVE-2011-3393 | Multiple cross-site scripting (XSS) vulnerabilities in findagent.php in MYRE Real Estate Software al... | E | |
CVE-2011-3394 | SQL injection vulnerability in findagent.php in MYRE Real Estate Software allows remote attackers to... | E | |
CVE-2011-3395 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3396 | Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to ... | | |
CVE-2011-3397 | The Microsoft Time component in DATIME.DLL in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 a... | | |
CVE-2011-3398 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3399 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3400 | Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 do not properly handle OLE objects in memory, w... | | |
CVE-2011-3401 | ENCDEC.DLL in Windows Media Player and Media Center in Microsoft Windows XP SP2 and SP3, Windows Vis... | | |
CVE-2011-3402 | Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drive... | | |
CVE-2011-3403 | Microsoft Excel 2003 SP3 and Office 2004 for Mac do not properly handle objects in memory, which all... | | |
CVE-2011-3404 | Microsoft Internet Explorer 6 through 9 does not properly use the Content-Disposition HTTP header to... | S | |
CVE-2011-3405 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3406 | Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active Directory ... | | |
CVE-2011-3407 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3408 | Csrsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft W... | | |
CVE-2011-3409 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3410 | Array index error in Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote attackers to ... | | |
CVE-2011-3411 | Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publish... | | |
CVE-2011-3412 | Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote attackers to execute arbitrary cod... | | |
CVE-2011-3413 | Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and P... | | |
CVE-2011-3414 | The CaseInsensitiveHashProvider.getHashCode function in the HashTable implementation in the ASP.NET ... | | |
CVE-2011-3415 | Open redirect vulnerability in the Forms Authentication feature in the ASP.NET subsystem in Microsof... | | |
CVE-2011-3416 | The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 S... | | |
CVE-2011-3417 | The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 S... | | |
CVE-2011-3418 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3419 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3420 | Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.157 on the Acer AC700, Samsung... | | |
CVE-2011-3421 | Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.125 on the Acer AC700, Samsung... | | |
CVE-2011-3422 | The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does not properly handle an untrust... | | |
CVE-2011-3423 | Cross-site scripting (XSS) vulnerability in the Managed File Transfer server in TIBCO Managed File T... | | |
CVE-2011-3424 | Session fixation vulnerability in the Managed File Transfer server in TIBCO Managed File Transfer In... | | |
CVE-2011-3426 | Cross-site scripting (XSS) vulnerability in Safari in Apple iOS before 5 allows remote web servers t... | | |
CVE-2011-3427 | The Data Security component in Apple iOS before 5 and Apple TV before 4.4 does not properly restrict... | | |
CVE-2011-3428 | Buffer overflow in QuickTime before 7.7.1 for Windows allows remote attackers to execute arbitrary c... | | |
CVE-2011-3429 | The Settings component in Apple iOS before 5 stores a cleartext parental-restrictions passcode in an... | | |
CVE-2011-3430 | The Settings component in Apple iOS before 5, when a configuration profile is used for a locale othe... | | |
CVE-2011-3431 | The Home screen component in Apple iOS before 5 does not properly support a certain application-swit... | | |
CVE-2011-3432 | The UIKit Alerts component in Apple iOS before 5 allows remote attackers to cause a denial of servic... | | |
CVE-2011-3433 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3434 | The WiFi component in Apple iOS before 5 stores WiFi credentials in an unspecified file, which makes... | | |
CVE-2011-3435 | Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows local users to read the password data of ... | | |
CVE-2011-3436 | Open Directory in Apple Mac OS X 10.7 before 10.7.2 does not require a user to provide the current p... | | |
CVE-2011-3437 | Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.7 before 10.7.2 allows re... | | |
CVE-2011-3438 | WebKit, as used in Safari 5.0.6, allows remote attackers to cause a denial of service (process crash... | | |
CVE-2011-3439 | FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code... | | |
CVE-2011-3440 | The Passcode Lock feature in Apple iOS before 5.0.1 on the iPad 2 does not properly implement the lo... | | |
CVE-2011-3441 | libinfo in Apple iOS before 5.0.1 does not properly formulate domain-name queries, which allows remo... | | |
CVE-2011-3442 | The kernel in Apple iOS before 5.0.1 does not ensure the validity of flag combinations for an mmap s... | | |
CVE-2011-3443 | Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.6, allows remote attacker... | | |
CVE-2011-3444 | Address Book in Apple Mac OS X before 10.7.3 automatically switches to unencrypted sessions upon fai... | | |
CVE-2011-3445 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3446 | Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-f... | | |
CVE-2011-3447 | CFNetwork in Apple Mac OS X 10.7.x before 10.7.3 does not properly construct request headers during ... | | |
CVE-2011-3448 | Heap-based buffer overflow in CoreMedia in Apple Mac OS X before 10.7.3 allows remote attackers to e... | | |
CVE-2011-3449 | Use-after-free vulnerability in CoreText in Apple Mac OS X before 10.7.3 allows remote attackers to ... | | |
CVE-2011-3450 | CoreUI in Apple Mac OS X 10.7.x before 10.7.3 does not properly restrict the allocation of stack mem... | | |
CVE-2011-3451 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3452 | Internet Sharing in Apple Mac OS X before 10.7.3 does not preserve the Wi-Fi configuration across so... | | |
CVE-2011-3453 | Integer overflow in libresolv in Apple Mac OS X before 10.7.3 allows remote attackers to execute arb... | | |
CVE-2011-3454 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3455 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3456 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3457 | The OpenGL implementation in Apple Mac OS X before 10.7.3 does not properly perform OpenGL Shading L... | | |
CVE-2011-3458 | QuickTime in Apple Mac OS X before 10.7.3 does not prevent access to uninitialized memory locations,... | | |
CVE-2011-3459 | Off-by-one error in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arb... | | |
CVE-2011-3460 | Buffer overflow in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbi... | | |
CVE-2011-3461 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3462 | Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP... | | |
CVE-2011-3463 | WebDAV Sharing in Apple Mac OS X 10.7.x before 10.7.3 does not properly perform authentication, whic... | | |
CVE-2011-3464 | Off-by-one error in the png_formatted_warning function in pngerror.c in libpng 1.5.4 through 1.5.7 m... | | |
CVE-2011-3465 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3466 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3467 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3468 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3469 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3470 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3471 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3472 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3473 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3474 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3475 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2011-3476 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3477 | GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Rec... | S | |
CVE-2011-3478 | The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pc... | E | |
CVE-2011-3479 | Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5... | | |
CVE-2011-3480 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3481 | The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side ... | S | |
CVE-2011-3482 | The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark... | E S | |
CVE-2011-3483 | Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash... | | |
CVE-2011-3484 | The unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wiresh... | E S | |
CVE-2011-3486 | Beckhoff TwinCAT 2.11.0.2004 and earlier allows remote attackers to cause a denial of service via a ... | E | |
CVE-2011-3487 | Directory traversal vulnerability in CarelDataServer.exe in Carel PlantVisor 2.4.4 and earlier allow... | E | |
CVE-2011-3488 | Use-after-free vulnerability in Equis MetaStock 11 and earlier allows remote attackers to execute ar... | | |
CVE-2011-3489 | RnaUtility.dll in RsvcHost.exe 2.30.0.23 in Rockwell RSLogix 19 and earlier allows remote attackers ... | E | |
CVE-2011-3490 | Multiple stack-based buffer overflows in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow... | E | |
CVE-2011-3491 | Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attacker... | E | |
CVE-2011-3492 | Stack-based buffer overflow in Azeotech DAQFactory 5.85 build 1853 and earlier allows remote attacke... | E | |
CVE-2011-3493 | Multiple stack-based buffer overflows in the DH_OneSecondTick function in Cogent DataHub 7.1.1.63 an... | E | |
CVE-2011-3494 | WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service (cr... | E | |
CVE-2011-3495 | Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlie... | E | |
CVE-2011-3496 | service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary c... | E | |
CVE-2011-3497 | service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary D... | E | |
CVE-2011-3498 | Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attacker... | E | |
CVE-2011-3499 | Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service... | E | |
CVE-2011-3500 | Directory traversal vulnerability in the web server in Cogent DataHub 7.1.1.63 and earlier allows re... | E | |
CVE-2011-3501 | Integer overflow in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to cause a denial of... | E | |
CVE-2011-3502 | The web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to obtain the source c... | E | |
CVE-2011-3503 | Untrusted search path vulnerability in eSignal 10.6.2425.1208, and possibly other versions, allows l... | | |
CVE-2011-3504 | The Matroska format decoder in FFmpeg before 0.8.3 does not properly allocate memory, which allows r... | | |
CVE-2011-3505 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3506 | Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 7.1 and 8.0 a... | S | |
CVE-2011-3507 | Unspecified vulnerability in the Oracle Communications Unified component in Oracle Sun Products Suit... | | |
CVE-2011-3508 | Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affe... | S | |
CVE-2011-3509 | Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allow... | S | |
CVE-2011-3510 | Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle... | | |
CVE-2011-3511 | Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0... | S | |
CVE-2011-3512 | Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5, 10.2.0.3, ... | | |
CVE-2011-3513 | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su... | | |
CVE-2011-3514 | Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allow... | S | |
CVE-2011-3515 | Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect integ... | S | |
CVE-2011-3516 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 ... | | |
CVE-2011-3517 | Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 8.0 allows re... | S | |
CVE-2011-3518 | Unspecified vulnerability in the Siebel Core - UIF Client component in Oracle Siebel CRM 8.0.0 allow... | S | |
CVE-2011-3519 | Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite ... | S | |
CVE-2011-3520 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | S | |
CVE-2011-3521 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE, 7... | | |
CVE-2011-3522 | Unspecified vulnerability in SysFW 8.0 on certain SPARC T3, Netra SPARC T3, Sun Fire, and Sun Blade ... | | |
CVE-2011-3523 | Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 1... | | |
CVE-2011-3524 | Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allow... | S | |
CVE-2011-3525 | Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2 and 4.0... | S | |
CVE-2011-3526 | Unspecified vulnerability in the Siebel Core - UIF Server component in Oracle Siebel CRM 8.0.0 and 8... | | |
CVE-2011-3527 | Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products ... | S | |
CVE-2011-3528 | Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products ... | | |
CVE-2011-3529 | Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products ... | S | |
CVE-2011-3530 | Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products ... | | |
CVE-2011-3531 | Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 1... | | |
CVE-2011-3532 | Unspecified vulnerability in the Oracle Agile Product Supplier Collaboration for Process component i... | | |
CVE-2011-3533 | Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products ... | S | |
CVE-2011-3534 | Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affe... | | |
CVE-2011-3535 | Unspecified vulnerability in the Solaris component in Oracle Sun Products Suite 8, 9, 10, and 11 Exp... | S | |
CVE-2011-3536 | Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to... | | |
CVE-2011-3537 | Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect av... | | |
CVE-2011-3538 | Unspecified vulnerability in the Sun Ray component in Oracle Virtualization 4.0 allows remote attack... | | |
CVE-2011-3539 | Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availabil... | | |
CVE-2011-3540 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3541 | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ... | S | |
CVE-2011-3542 | Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availabil... | S | |
CVE-2011-3543 | Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availabilit... | S | |
CVE-2011-3544 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 ... | KEV S | |
CVE-2011-3545 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 ... | | |
CVE-2011-3546 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7,... | | |
CVE-2011-3547 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7,... | | |
CVE-2011-3548 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7,... | | |
CVE-2011-3549 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 ... | | |
CVE-2011-3550 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7,... | | |
CVE-2011-3551 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7,... | | |
CVE-2011-3552 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7,... | | |
CVE-2011-3553 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7,... | | |
CVE-2011-3554 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7,... | | |
CVE-2011-3555 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE, a... | | |
CVE-2011-3556 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7,... | | |
CVE-2011-3557 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7,... | | |
CVE-2011-3558 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7,... | | |
CVE-2011-3559 | Unspecified vulnerability in Oracle Communications Server 2.0; GlassFish Enterprise Server 2.1.1, 3.... | S | |
CVE-2011-3560 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7,... | | |
CVE-2011-3561 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7,... | | |
CVE-2011-3562 | Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.6, an... | | |
CVE-2011-3563 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update... | | |
CVE-2011-3564 | Unspecified vulnerability in Oracle GlassFish Enterprise Server 2.1.1 allows local users to affect c... | | |
CVE-2011-3565 | Unspecified vulnerability in Oracle Communications Unified 7.0 allows local users to affect confiden... | | |
CVE-2011-3566 | Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4,... | | |
CVE-2011-3567 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3568 | Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 1... | | |
CVE-2011-3569 | Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 1... | | |
CVE-2011-3570 | Unspecified vulnerability in Oracle Communications Unified 7.0 allows local users to affect confiden... | | |
CVE-2011-3571 | Unspecified vulnerability in the Virtual Desktop Infrastructure (VDI) component in Oracle Virtualiza... | | |
CVE-2011-3572 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3573 | Unspecified vulnerability in Oracle Communications Unified 7.0 allows remote authenticated users to ... | | |
CVE-2011-3574 | Unspecified vulnerability in Oracle Communications Unified 7.0 allows local users to affect confiden... | | |
CVE-2011-3575 | Stack-based buffer overflow in the NSFComputeEvaluateExt function in Nnotes.dll in IBM Lotus Domino ... | E | |
CVE-2011-3576 | Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 8.5.2 allows remote attackers to inject... | E | |
CVE-2011-3577 | IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.3 does not properly implement Acti... | | |
CVE-2011-3578 | Cross-site scripting (XSS) vulnerability in bug_actiongroup_ext_page.php in MantisBT before 1.2.8 al... | E S | |
CVE-2011-3579 | server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers t... | E | |
CVE-2011-3580 | IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration... | E | |
CVE-2011-3581 | Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows... | | |
CVE-2011-3582 | A Cross-site Request Forgery (CSRF) vulnerability exists in Advanced Electron Forums (AEF) through 1... | E S | |
CVE-2011-3583 | It was found that Typo3 Core versions 4.5.0 - 4.5.5 uses prepared statements that, if the parameter ... | | |
CVE-2011-3584 | The TYPO3 Core wec_discussion extension before 2.1.1 is vulnerable to SQL Injection due to improper ... | | |
CVE-2011-3585 | Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local... | | |
CVE-2011-3586 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-3504. Reason: This candidate... | R | |
CVE-2011-3587 | Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and ... | S | |
CVE-2011-3588 | The SSH configuration in the Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-to... | | |
CVE-2011-3589 | The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-1... | | |
CVE-2011-3590 | The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-1... | | |
CVE-2011-3591 | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.5 allow remote au... | | |
CVE-2011-3592 | Multiple cross-site scripting (XSS) vulnerabilities in the PMA_unInlineEditRow function in js/sql.js... | | |
CVE-2011-3593 | A certain Red Hat patch to the vlan_hwaccel_do_receive function in net/8021q/vlan_core.c in the Linu... | | |
CVE-2011-3594 | The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as u... | E | |
CVE-2011-3595 | Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php in t... | E | |
CVE-2011-3596 | Polipo before 1.0.4.1 suffers from a DoS vulnerability via specially-crafted HTTP POST / PUT request... | | |
CVE-2011-3597 | Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent atta... | S | |
CVE-2011-3598 | Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin before 5.0.3 allow remote attacker... | S | |
CVE-2011-3599 | The Crypt::DSA (aka Crypt-DSA) module 1.17 and earlier for Perl, when /dev/random is absent, uses th... | S | |
CVE-2011-3600 | The /webtools/control/xmlrpc endpoint in OFBiz XML-RPC event handler is exposed to External Entity I... | S | |
CVE-2011-3601 | Buffer overflow in the process_ra function in the router advertisement daemon (radvd) before 1.8.2 a... | | |
CVE-2011-3602 | Directory traversal vulnerability in device-linux.c in the router advertisement daemon (radvd) befor... | | |
CVE-2011-3603 | The router advertisement daemon (radvd) before 1.8.2 does not properly handle errors in the privsep_... | | |
CVE-2011-3604 | The process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows remote attack... | | |
CVE-2011-3605 | The process_rs function in the router advertisement daemon (radvd) before 1.8.2, when UnicastOnly is... | | |
CVE-2011-3606 | A DOM based cross-site scripting flaw was found in the JBoss Application Server 7 before 7.1.0 Beta ... | | |
CVE-2011-3607 | Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through... | E | |
CVE-2011-3608 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0815. Reason: This candida... | R | |
CVE-2011-3609 | A CSRF issue was found in JBoss Application Server 7 before 7.1.0. JBoss did not properly restrict a... | | |
CVE-2011-3610 | A Cross-site Scripting (XSS) vulnerability exists in the Serendipity freetag plugin before 3.30 in t... | E | |
CVE-2011-3611 | A File Inclusion vulnerability exists in act parameter to admin.php in UseBB before 1.0.12.... | E | |
CVE-2011-3612 | Cross-Site Request Forgery (CSRF) vulnerability exists in panel.php in UseBB before 1.0.12.... | E | |
CVE-2011-3613 | An issue exists in Vanilla Forums before 2.0.17.9 due to the way cookies are handled.... | | |
CVE-2011-3614 | An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla For... | | |
CVE-2011-3615 | Multiple SQL injection vulnerabilities in Simple Machines Forum (SMF) before 1.1.15 and 2.x before 2... | | |
CVE-2011-3616 | The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwri... | E | |
CVE-2011-3617 | Tahoe-LAFS v1.3.0 through v1.8.2 could allow unauthorized users to delete immutable files in some ca... | | |
CVE-2011-3618 | atop: symlink attack possible due to insecure tempfile handling... | S | |
CVE-2011-3619 | The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 3.0 does not... | E S | |
CVE-2011-3620 | Apache Qpid 0.12 does not properly verify credentials during the joining of a cluster, which allows ... | | |
CVE-2011-3621 | A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled.... | | |
CVE-2011-3622 | A Cross-Site Scripting (XSS) vulnerability exists in the admin login screen in Phorum before 5.2.18.... | | |
CVE-2011-3623 | Multiple stack-based buffer overflows in VideoLAN VLC media player before 1.0.2 allow remote attacke... | | |
CVE-2011-3624 | Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Fo... | | |
CVE-2011-3625 | Stack-based buffer overflow in the sub_read_line_sami function in subreader.c in MPlayer, as used in... | S | |
CVE-2011-3626 | Double free vulnerability in the prepare_exec function in src/exec.c in Logsurfer 1.5b and earlier, ... | S | |
CVE-2011-3627 | The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (cr... | | |
CVE-2011-3628 | Untrusted search path vulnerability in pam_motd (aka the MOTD module) in libpam-modules before 1.1.3... | | |
CVE-2011-3629 | Joomla! core 1.7.1 allows information disclosure due to weak encryption... | | |
CVE-2011-3630 | Hardlink before 0.1.2 suffers from multiple stack-based buffer overflow flaws because of the way dire... | S | |
CVE-2011-3631 | Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because ... | | |
CVE-2011-3632 | Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attack... | E | |
CVE-2011-3633 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4062. Reason: This candida... | R | |
CVE-2011-3634 | methods/https.cc in apt before 0.8.11 accepts connections when the certificate host name fails valid... | | |
CVE-2011-3635 | Cross-site scripting (XSS) vulnerability in the theme_adium_append_message function in empathy-theme... | S | |
CVE-2011-3636 | Cross-site request forgery (CSRF) vulnerability in the management interface in FreeIPA before 2.1.4 ... | | |
CVE-2011-3637 | The m_stop function in fs/proc/task_mmu.c in the Linux kernel before 2.6.39 allows local users to ca... | S | |
CVE-2011-3638 | fs/ext4/extents.c in the Linux kernel before 3.0 does not mark a modified extent as dirty in certain... | S | |
CVE-2011-3639 | The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when th... | | |
CVE-2011-3640 | Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Ch... | E S | |
CVE-2011-3642 | Cross-site scripting (XSS) vulnerability in Flowplayer Flash 3.2.7 through 3.2.16, as used in the Ne... | E | |
CVE-2011-3645 | Newgen OmniDocs allows remote attackers to bypass intended access restrictions via (1) a modified Fo... | E | |
CVE-2011-3646 | phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive info... | S | |
CVE-2011-3647 | The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird before 3.1.6 does not properl... | | |
CVE-2011-3648 | Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Th... | | |
CVE-2011-3649 | Mozilla Firefox 7.0 and Thunderbird 7.0, when the Direct2D (aka D2D) API is used on Windows in conju... | | |
CVE-2011-3650 | Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 d... | | |
CVE-2011-3651 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.... | | |
CVE-2011-3652 | The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly alloca... | | |
CVE-2011-3653 | Mozilla Firefox before 8.0 and Thunderbird before 8.0 on Mac OS X do not properly interact with the ... | | |
CVE-2011-3654 | The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle... | | |
CVE-2011-3655 | Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without check... | | |
CVE-2011-3656 | Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7 allows r... | | |
CVE-2011-3657 | Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and... | E | |
CVE-2011-3658 | The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly ... | | |
CVE-2011-3659 | Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird befor... | E S | |
CVE-2011-3660 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thund... | | |
CVE-2011-3661 | YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before ... | | |
CVE-2011-3663 | Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote ... | | |
CVE-2011-3664 | Mozilla Firefox before 9.0, Thunderbird before 9.0, and SeaMonkey before 2.6 on Mac OS X do not prop... | | |
CVE-2011-3665 | Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote ... | | |
CVE-2011-3666 | Mozilla Firefox before 3.6.25 and Thunderbird before 3.1.17 on Mac OS X do not consider .jar files t... | | |
CVE-2011-3667 | The User.offer_account_by_email WebService method in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3... | | |
CVE-2011-3668 | Cross-site request forgery (CSRF) vulnerability in post_bug.cgi in Bugzilla 2.x, 3.x, and 4.x before... | E | |
CVE-2011-3669 | Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.x befo... | E | |
CVE-2011-3670 | Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, an... | | |
CVE-2011-3671 | Use-after-free vulnerability in the nsHTMLSelectElement function in nsHTMLSelectElement.cpp in Mozil... | | |
CVE-2011-3672 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3673 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3674 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3675 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3676 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3677 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3678 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3679 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3680 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3681 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2011-3684 | Multiple cross-site scripting (XSS) vulnerabilities in Tembria Server Monitor before 6.0.5 Build 225... | E | |
CVE-2011-3685 | Tembria Server Monitor before 6.0.5 Build 2252 uses a substitution cipher to encrypt application cre... | | |
CVE-2011-3686 | Multiple cross-site scripting (XSS) vulnerabilities in myAddressBook.asp in Sonexis ConferenceManage... | E | |
CVE-2011-3687 | Multiple cross-site scripting (XSS) vulnerabilities in Sonexis ConferenceManager 9.2.11.0 allow remo... | E | |
CVE-2011-3688 | Multiple SQL injection vulnerabilities in Sonexis ConferenceManager 9.3.14.0 allow remote attackers ... | E | |
CVE-2011-3689 | Cross-site scripting (XSS) vulnerability in Licenses.html in Wibu-Systems CodeMeter WebAdmin 3.30 an... | E | |
CVE-2011-3690 | Untrusted search path vulnerability in PlotSoft PDFill PDF Editor 8.0 allows local users to gain pri... | | |
CVE-2011-3691 | Untrusted search path vulnerability in Foxit Reader before 5.0.2.0718 allows local users to gain pri... | | |
CVE-2011-3692 | NetSaro Enterprise Messenger Server 2.0 stores cleartext console credentials in configuration.xml, w... | | |
CVE-2011-3693 | NetSaro Enterprise Messenger Server 2.0 allows local users to discover cleartext server credentials ... | | |
CVE-2011-3694 | The Server Administration Console in NetSaro Enterprise Messenger Server 2.0 allows remote attackers... | | |
CVE-2011-3695 | 111WebCalendar 1.2.3 allows remote attackers to obtain sensitive information via a direct request to... | E | |
CVE-2011-3696 | 60cycleCMS 2.5.2 allows remote attackers to obtain sensitive information via a direct request to a .... | E | |
CVE-2011-3697 | Achievo 1.4.5 allows remote attackers to obtain sensitive information via a direct request to a .php... | E | |
CVE-2011-3698 | AdaptCMS 2.0.2 Beta allows remote attackers to obtain sensitive information via a direct request to ... | E | |
CVE-2011-3699 | John Lim ADOdb Library for PHP 5.11 allows remote attackers to obtain sensitive information via a di... | E | |
CVE-2011-3700 | Advanced Electron Forum (AEF) 1.0.8 allows remote attackers to obtain sensitive information via a di... | E | |
CVE-2011-3701 | AlegroCart 1.2.3 allows remote attackers to obtain sensitive information via a direct request to a .... | E | |
CVE-2011-3702 | Ananta Gazelle 1.0 allows remote attackers to obtain sensitive information via a direct request to a... | E | |
CVE-2011-3703 | AneCMS 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php fi... | E | |
CVE-2011-3704 | appRain 0.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php... | E | |
CVE-2011-3705 | Arctic Fox CMS 0.9.4 allows remote attackers to obtain sensitive information via a direct request to... | E | |
CVE-2011-3706 | ATutor 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php fi... | E | |
CVE-2011-3707 | JanRain PHP OpenID library (aka php-openid) 2.2.2 allows remote attackers to obtain sensitive inform... | E | |
CVE-2011-3708 | Automne 4.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php... | E | |
CVE-2011-3709 | b2evolution 3.3.3 allows remote attackers to obtain sensitive information via a direct request to a ... | E | |
CVE-2011-3710 | bbPress 1.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php... | E | |
CVE-2011-3711 | BIGACE 2.7.5 allows remote attackers to obtain sensitive information via a direct request to a .php ... | E | |
CVE-2011-3712 | CakePHP 1.3.7 allows remote attackers to obtain sensitive information via a direct request to a .php... | E | |
CVE-2011-3713 | cFTP r80 allows remote attackers to obtain sensitive information via a direct request to a .php file... | E | |
CVE-2011-3714 | ClanSphere 2010.0 allows remote attackers to obtain sensitive information via a direct request to a ... | E | |
CVE-2011-3715 | ClanTiger 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .p... | E | |
CVE-2011-3716 | Claroline 1.9.7 allows remote attackers to obtain sensitive information via a direct request to a .p... | E | |
CVE-2011-3717 | ClipBucket 2.0.9 allows remote attackers to obtain sensitive information via a direct request to a .... | E | |
CVE-2011-3718 | CMS Made Simple (CMSMS) 1.9.2 allows remote attackers to obtain sensitive information via a direct r... | E | |
CVE-2011-3719 | CodeIgniter 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a ... | E | |
CVE-2011-3720 | conceptcms 5.3.1, 5.3.3, and possibly other versions allows remote attackers to obtain sensitive inf... | E | |
CVE-2011-3721 | concrete 5.4.0.5, 5.4.1, and 5.4.1.1 allows remote attackers to obtain sensitive information via a d... | E | |
CVE-2011-3722 | Coppermine Photo Gallery (CPG) 1.5.12 allows remote attackers to obtain sensitive information via a ... | E | |
CVE-2011-3723 | Crafty Syntax 3.0.2 allows remote attackers to obtain sensitive information via a direct request to ... | E | |
CVE-2011-3724 | CubeCart 4.4.3 allows remote attackers to obtain sensitive information via a direct request to a .ph... | E | |
CVE-2011-3725 | DeluxeBB 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php ... | E | |
CVE-2011-3726 | DoceboLMS 4.0.4 allows remote attackers to obtain sensitive information via a direct request to a .p... | E | |
CVE-2011-3727 | DokuWiki 2009-12-25c allows remote attackers to obtain sensitive information via a direct request to... | E | |
CVE-2011-3728 | Dolphin 7.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php... | | |
CVE-2011-3729 | dotproject 2.1.4 allows remote attackers to obtain sensitive information via a direct request to a .... | E | |
CVE-2011-3730 | Drupal 7.0 allows remote attackers to obtain sensitive information via a direct request to a .php fi... | E | |
CVE-2011-3731 | e107 0.7.24 allows remote attackers to obtain sensitive information via a direct request to a .php f... | E | |
CVE-2011-3732 | eggBlog 4.1.2 allows remote attackers to obtain sensitive information via a direct request to a .php... | E | |
CVE-2011-3733 | Elgg 1.7.6 allows remote attackers to obtain sensitive information via a direct request to a .php fi... | E | |
CVE-2011-3734 | Energine 2.3.8 allows remote attackers to obtain sensitive information via a direct request to a .ph... | E | |
CVE-2011-3735 | Escort Agency CMS (aka escort-agency-cms) allows remote attackers to obtain sensitive information vi... | E | |
CVE-2011-3736 | ExoPHPDesk 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .... | E | |
CVE-2011-3737 | eyeOS 2.2.0.0 allows remote attackers to obtain sensitive information via a direct request to a .php... | E | |
CVE-2011-3738 | Feng Office 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a ... | E | |
CVE-2011-3739 | Freeway 1.5 Alpha allows remote attackers to obtain sensitive information via a direct request to a ... | E | |
CVE-2011-3740 | FrontAccounting 2.3.1 allows remote attackers to obtain sensitive information via a direct request t... | E | |
CVE-2011-3741 | Ganglia 3.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php... | E | |
CVE-2011-3742 | HelpCenter Live 2.1.7 allows remote attackers to obtain sensitive information via a direct request t... | E | |
CVE-2011-3743 | Hesk 2.2 allows remote attackers to obtain sensitive information via a direct request to a .php file... | E | |
CVE-2011-3744 | HTML Purifier 4.2.0 allows remote attackers to obtain sensitive information via a direct request to ... | E | |
CVE-2011-3745 | HycusCMS 1.0.3 allows remote attackers to obtain sensitive information via a direct request to a .ph... | E | |
CVE-2011-3746 | Jcow 4.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php fi... | E | |
CVE-2011-3747 | Joomla! 1.6.0 allows remote attackers to obtain sensitive information via a direct request to a .php... | E | |
CVE-2011-3748 | Kamads Classifieds 2_B3 allows remote attackers to obtain sensitive information via a direct request... | E | |
CVE-2011-3749 | ka-Map 1.0-20070205 allows remote attackers to obtain sensitive information via a direct request to ... | | |
CVE-2011-3750 | kPlaylist 1.8.502 allows remote attackers to obtain sensitive information via a direct request to a ... | E | |
CVE-2011-3751 | LifeType 1.2.10 allows remote attackers to obtain sensitive information via a direct request to a .p... | E | |
CVE-2011-3752 | LimeSurvey 1.90+ build9642-20101214 allows remote attackers to obtain sensitive information via a di... | E | |
CVE-2011-3753 | LinPHA 1.3.4 allows remote attackers to obtain sensitive information via a direct request to a .php ... | E | |
CVE-2011-3754 | Mambo 4.6.5 allows remote attackers to obtain sensitive information via a direct request to a .php f... | E | |
CVE-2011-3755 | MantisBT 1.2.4 allows remote attackers to obtain sensitive information via a direct request to a .ph... | E | |
CVE-2011-3756 | MicroBlog 0.9.5 allows remote attackers to obtain sensitive information via a direct request to a .p... | E | |
CVE-2011-3757 | Moodle 2.0.1 allows remote attackers to obtain sensitive information via a direct request to a .php ... | E | |
CVE-2011-3758 | ::mound:: 2.1.6 allows remote attackers to obtain sensitive information via a direct request to a .p... | | |
CVE-2011-3759 | MyBB (aka MyBulletinBoard) 1.6 allows remote attackers to obtain sensitive information via a direct ... | E | |
CVE-2011-3760 | Nucleus 3.61 allows remote attackers to obtain sensitive information via a direct request to a .php ... | E | |
CVE-2011-3761 | NuSOAP 0.9.5 allows remote attackers to obtain sensitive information via a direct request to a .php ... | E | |
CVE-2011-3762 | OpenBlog 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .ph... | E | |
CVE-2011-3763 | OpenCart 1.4.9.3 allows remote attackers to obtain sensitive information via a direct request to a .... | E | |
CVE-2011-3764 | OpenDocMan 1.2.6-svn-2011-01-21 allows remote attackers to obtain sensitive information via a direct... | E | |
CVE-2011-3765 | Open-Realty 2.5.8 allows remote attackers to obtain sensitive information via a direct request to a ... | | |
CVE-2011-3766 | OrangeHRM 2.6.0.2 allows remote attackers to obtain sensitive information via a direct request to a ... | | |
CVE-2011-3767 | osCommerce 3.0a5 allows remote attackers to obtain sensitive information via a direct request to a .... | | |
CVE-2011-3768 | Phorum 5.2.15a allows remote attackers to obtain sensitive information via a direct request to a .ph... | | |
CVE-2011-3769 | PHPads 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php fi... | | |
CVE-2011-3770 | phpAlbum 0.4.1.14 allows remote attackers to obtain sensitive information via a direct request to a ... | | |
CVE-2011-3771 | phpBook 2.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php... | | |
CVE-2011-3772 | phpCollab 2.5 allows remote attackers to obtain sensitive information via a direct request to a .php... | | |
CVE-2011-3773 | PHPDevShell 3.0.0-Beta-4b allows remote attackers to obtain sensitive information via a direct reque... | | |
CVE-2011-3774 | php Easy Survey Package (phpESP) 2.1.1 allows remote attackers to obtain sensitive information via a... | | |
CVE-2011-3775 | PHPfileNavigator 2.3.3 allows remote attackers to obtain sensitive information via a direct request ... | | |
CVE-2011-3776 | phpFormGenerator 2.09 allows remote attackers to obtain sensitive information via a direct request t... | | |
CVE-2011-3777 | phpFreeChat 1.3 allows remote attackers to obtain sensitive information via a direct request to a .p... | | |
CVE-2011-3778 | PhpGedView 4.2.3 allows remote attackers to obtain sensitive information via a direct request to a .... | | |
CVE-2011-3779 | PhpHostBot 2.0 allows remote attackers to obtain sensitive information via a direct request to a .ph... | | |
CVE-2011-3780 | PHP iCalendar 2.4 allows remote attackers to obtain sensitive information via a direct request to a ... | | |
CVE-2011-3781 | PHPIDS 0.6.5 allows remote attackers to obtain sensitive information via a direct request to a .php ... | | |
CVE-2011-3782 | phpLD 2-151.2.0 allows remote attackers to obtain sensitive information via a direct request to a .p... | | |
CVE-2011-3783 | phpMyFAQ 2.6.13 allows remote attackers to obtain sensitive information via a direct request to a .p... | | |
CVE-2011-3784 | Francisco Burzi PHP-Nuke 8.0 allows remote attackers to obtain sensitive information via a direct re... | | |
CVE-2011-3785 | PHP Point Of Sale (POS) 10.7 allows remote attackers to obtain sensitive information via a direct re... | | |
CVE-2011-3786 | PHProjekt 6.0.5 allows remote attackers to obtain sensitive information via a direct request to a .p... | | |
CVE-2011-3787 | phpScheduleIt 1.2.12 allows remote attackers to obtain sensitive information via a direct request to... | | |
CVE-2011-3788 | PhpSecInfo 0.2.1 allows remote attackers to obtain sensitive information via a direct request to a .... | | |
CVE-2011-3789 | phpwcms 1.4.7 r412 allows remote attackers to obtain sensitive information via a direct request to a... | | |
CVE-2011-3790 | Piwigo 2.1.5 allows remote attackers to obtain sensitive information via a direct request to a .php ... | | |
CVE-2011-3791 | Piwik 1.1 allows remote attackers to obtain sensitive information via a direct request to a .php fil... | | |
CVE-2011-3792 | Pixelpost 1.7.3 allows remote attackers to obtain sensitive information via a direct request to a .p... | | |
CVE-2011-3793 | Pixie 1.04 allows remote attackers to obtain sensitive information via a direct request to a .php fi... | | |
CVE-2011-3794 | Pligg CMS 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .p... | | |
CVE-2011-3795 | Podcast Generator 1.3 allows remote attackers to obtain sensitive information via a direct request t... | | |
CVE-2011-3796 | PrestaShop 1.4.0.6 allows remote attackers to obtain sensitive information via a direct request to a... | | |
CVE-2011-3797 | ProjectPier 0.8.0.3 allows remote attackers to obtain sensitive information via a direct request to ... | | |
CVE-2011-3798 | Rapid Leech 2.3-v42-svn322 allows remote attackers to obtain sensitive information via a direct requ... | | |
CVE-2011-3799 | ReOS 2.0.5 allows remote attackers to obtain sensitive information via a direct request to a .php fi... | | |
CVE-2011-3800 | Serendipity 1.5.5 allows remote attackers to obtain sensitive information via a direct request to a ... | | |
CVE-2011-3801 | SimpleTest 1.0.1 allows remote attackers to obtain sensitive information via a direct request to a .... | | |
CVE-2011-3802 | StatusNet 0.9.6 allows remote attackers to obtain sensitive information via a direct request to a .p... | | |
CVE-2011-3803 | SugarCRM 6.1.0 allows remote attackers to obtain sensitive information via a direct request to a .ph... | | |
CVE-2011-3804 | SweetRice 0.7.1 allows remote attackers to obtain sensitive information via a direct request to a .p... | | |
CVE-2011-3805 | TaskFreak! multi-mysql-0.6 allows remote attackers to obtain sensitive information via a direct requ... | | |
CVE-2011-3806 | TCExam 11.1.015 allows remote attackers to obtain sensitive information via a direct request to a .p... | | |
CVE-2011-3807 | Textpattern 4.2.0 allows remote attackers to obtain sensitive information via a direct request to a ... | | |
CVE-2011-3808 | The Bug Genie 2.1.2 allows remote attackers to obtain sensitive information via a direct request to ... | | |
CVE-2011-3809 | TheHostingTool (THT) 1.2.3 allows remote attackers to obtain sensitive information via a direct requ... | | |
CVE-2011-3810 | TinyWebGallery (TWG) 1.8.3 allows remote attackers to obtain sensitive information via a direct requ... | | |
CVE-2011-3811 | TomatoCart 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .... | | |
CVE-2011-3812 | Vanilla 2.0.16 allows remote attackers to obtain sensitive information via a direct request to a .ph... | | |
CVE-2011-3813 | Virtual War (aka VWar) 1.5.0r15 allows remote attackers to obtain sensitive information via a direct... | | |
CVE-2011-3814 | WebCalendar 1.2.3, and other versions before 1.2.5, allows remote attackers to obtain sensitive info... | | |
CVE-2011-3815 | WeBid 1.0.0 allows remote attackers to obtain sensitive information via a direct request to a .php f... | | |
CVE-2011-3816 | WEBinsta mailing list manager 1.3e allows remote attackers to obtain sensitive information via a dir... | | |
CVE-2011-3817 | Website Baker 2.8.1 allows remote attackers to obtain sensitive information via a direct request to ... | | |
CVE-2011-3818 | WordPress 2.9.2 and 3.0.4 allows remote attackers to obtain sensitive information via a direct reque... | | |
CVE-2011-3819 | WoW Server Status 4.1 allows remote attackers to obtain sensitive information via a direct request t... | | |
CVE-2011-3820 | WSN Software 6.0.6 allows remote attackers to obtain sensitive information via a direct request to a... | | |
CVE-2011-3821 | xajax 0.6 beta1 allows remote attackers to obtain sensitive information via a direct request to a .p... | | |
CVE-2011-3822 | XOOPS 2.5.0 allows remote attackers to obtain sensitive information via a direct request to a .php f... | | |
CVE-2011-3823 | Yamamah 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php f... | | |
CVE-2011-3824 | Your Own URL Shortener (YOURLS) 1.5 allows remote attackers to obtain sensitive information via a di... | | |
CVE-2011-3825 | Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive informatio... | | |
CVE-2011-3826 | Zikula 1.2.4 allows remote attackers to obtain sensitive information via a direct request to a .php ... | | |
CVE-2011-3827 | The iCalendar component in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 bef... | | |
CVE-2011-3828 | DVRemoteAx.ax 2.1.0.39 in the DVR Remote ActiveX control allows remote attackers to execute arbitrar... | | |
CVE-2011-3829 | ftp_upload_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to... | E | |
CVE-2011-3830 | Cross-site scripting (XSS) vulnerability in search.php in Support Incident Tracker (aka SiT!) 3.65 a... | E | |
CVE-2011-3831 | SQL injection vulnerability in incident_attachments.php in Support Incident Tracker (aka SiT!) 3.65 ... | E | |
CVE-2011-3832 | Eval injection vulnerability in config.php in Support Incident Tracker (aka SiT!) 3.65 allows remote... | E | |
CVE-2011-3833 | Unrestricted file upload vulnerability in ftp_upload_file.php in Support Incident Tracker (aka SiT!)... | E | |
CVE-2011-3834 | Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to... | | |
CVE-2011-3835 | Multiple cross-site scripting (XSS) vulnerabilities in Wuzly 2.0 allow remote attackers to inject ar... | | |
CVE-2011-3836 | Multiple cross-site request forgery (CSRF) vulnerabilities in Wuzly 2.0 allow remote attackers to hi... | | |
CVE-2011-3837 | Directory traversal vulnerability in blog_system/data_functions.php in Wuzly 2.0 allows remote attac... | | |
CVE-2011-3838 | Multiple SQL injection vulnerabilities in Wuzly 2.0 allow remote attackers to execute arbitrary SQL ... | | |
CVE-2011-3839 | The administration functionality in Wuzly 2.0 allows remote attackers to bypass authentication by se... | | |
CVE-2011-3841 | Cross-site scripting (XSS) vulnerability in uploadify/get_profile_avatar.php in the WP Symposium plu... | | |
CVE-2011-3844 | Apple Safari 5.0.5 does not properly implement the setInterval function, which allows remote attacke... | | |
CVE-2011-3845 | Use-after-free vulnerability in Apple Safari 5.1.2, when a plug-in with a blocking function is insta... | | |
CVE-2011-3846 | Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 6.2.2.7 allow... | | |
CVE-2011-3848 | Directory traversal vulnerability in Puppet 2.6.x before 2.6.10 and 2.7.x before 2.7.4 allows remote... | S | |
CVE-2011-3849 | Unspecified vulnerability in dxserver before 6279 in CA Directory 8.1 and CA Directory r12 before SP... | S | |
CVE-2011-3850 | Cross-site scripting (XSS) vulnerability in the Atahualpa theme before 3.6.8 for WordPress allows re... | E | |
CVE-2011-3851 | Cross-site scripting (XSS) vulnerability in the News theme before 0.2 for WordPress allows remote at... | E | |
CVE-2011-3852 | Cross-site scripting (XSS) vulnerability in the EvoLve theme before 1.2.6 for WordPress allows remot... | E | |
CVE-2011-3853 | Cross-site scripting (XSS) vulnerability in the Hybrid theme before 0.10 for WordPress allows remote... | E | |
CVE-2011-3854 | Cross-site scripting (XSS) vulnerability in the ZenLite theme before 4.4 for WordPress allows remote... | E | |
CVE-2011-3855 | Cross-site scripting (XSS) vulnerability in the F8 Lite theme before 4.2.2 for WordPress allows remo... | E | |
CVE-2011-3856 | Cross-site scripting (XSS) vulnerability in the Elegant Grunge theme before 1.0.4 for WordPress allo... | E | |
CVE-2011-3857 | Cross-site scripting (XSS) vulnerability in the Antisnews theme before 1.10 for WordPress allows rem... | E | |
CVE-2011-3858 | Cross-site scripting (XSS) vulnerability in the Pixiv Custom theme before 2.1.6 for WordPress allows... | E | |
CVE-2011-3859 | Cross-site scripting (XSS) vulnerability in the Trending theme before 0.2 for WordPress allows remot... | E | |
CVE-2011-3860 | Cross-site scripting (XSS) vulnerability in the Cover WP theme before 1.6.6 for WordPress allows rem... | E | |
CVE-2011-3861 | Cross-site scripting (XSS) vulnerability in the Web Minimalist 200901 theme before 1.2 for WordPress... | E | |
CVE-2011-3862 | Cross-site scripting (XSS) vulnerability in the Morning Coffee theme before 3.6 for WordPress allows... | | |
CVE-2011-3863 | Cross-site scripting (XSS) vulnerability in the RedLine theme before 1.66 for WordPress allows remot... | E | |
CVE-2011-3864 | Cross-site scripting (XSS) vulnerability in the The Erudite theme before 2.7.9 for WordPress allows ... | E | |
CVE-2011-3865 | Cross-site scripting (XSS) vulnerability in the Black-LetterHead theme before 1.6 for WordPress allo... | E | |
CVE-2011-3866 | Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not properly restrict availability of motion ... | | |
CVE-2011-3867 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-2998. Reason: This candida... | R | |
CVE-2011-3868 | Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusio... | S | |
CVE-2011-3869 | Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary... | S | |
CVE-2011-3870 | Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissi... | S | |
CVE-2011-3871 | Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when running in --edit mode, uses a pred... | S | |
CVE-2011-3872 | Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.... | S | |
CVE-2011-3873 | Google Chrome before 14.0.835.202 does not properly implement shader translation, which allows remot... | | |
CVE-2011-3874 | Stack-based buffer overflow in libsysutils in Android 2.2.x through 2.2.2 and 2.3.x through 2.3.6 al... | | |
CVE-2011-3875 | Google Chrome before 15.0.874.102 does not properly handle drag and drop operations on URL strings, ... | | |
CVE-2011-3876 | Google Chrome before 15.0.874.102 does not properly handle downloading files that have whitespace ch... | | |
CVE-2011-3877 | Cross-site scripting (XSS) vulnerability in the appcache internals page in Google Chrome before 15.0... | | |
CVE-2011-3878 | Race condition in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of ser... | | |
CVE-2011-3879 | Google Chrome before 15.0.874.102 does not prevent redirects to chrome: URLs, which has unspecified ... | | |
CVE-2011-3880 | Google Chrome before 15.0.874.102 does not prevent use of an unspecified special character as a deli... | | |
CVE-2011-3881 | WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers... | | |
CVE-2011-3882 | Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a... | | |
CVE-2011-3883 | Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a... | | |
CVE-2011-3884 | Google Chrome before 15.0.874.102 does not properly address timing issues during DOM traversal, whic... | | |
CVE-2011-3885 | Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a... | | |
CVE-2011-3886 | Google V8, as used in Google Chrome before 15.0.874.102, allows remote attackers to cause a denial o... | | |
CVE-2011-3887 | Google Chrome before 15.0.874.102 does not properly handle javascript: URLs, which allows remote att... | | |
CVE-2011-3888 | Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attack... | | |
CVE-2011-3889 | Heap-based buffer overflow in the Web Audio implementation in Google Chrome before 15.0.874.102 allo... | | |
CVE-2011-3890 | Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a... | | |
CVE-2011-3891 | Google Chrome before 15.0.874.102 does not properly restrict access to internal Google V8 functions,... | | |
CVE-2011-3892 | Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote a... | | |
CVE-2011-3893 | Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, whi... | | |
CVE-2011-3894 | Google Chrome before 15.0.874.120 does not properly perform VP8 decoding, which allows remote attack... | | |
CVE-2011-3895 | Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote ... | | |
CVE-2011-3896 | Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of se... | | |
CVE-2011-3897 | Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attack... | | |
CVE-2011-3898 | Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) 7 is used, does not request u... | | |
CVE-2011-3900 | Google V8, as used in Google Chrome before 15.0.874.121, allows remote attackers to cause a denial o... | | |
CVE-2011-3901 | Android SQLite Journal before 4.0.1 has an information disclosure vulnerability.... | E | |
CVE-2011-3903 | Google Chrome before 16.0.912.63 does not properly perform regex matching, which allows remote attac... | | |
CVE-2011-3904 | Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a ... | | |
CVE-2011-3905 | libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of s... | | |
CVE-2011-3906 | The PDF parser in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of serv... | | |
CVE-2011-3907 | The view-source feature in Google Chrome before 16.0.912.63 allows remote attackers to spoof the URL... | | |
CVE-2011-3908 | Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attacker... | | |
CVE-2011-3909 | The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platfo... | | |
CVE-2011-3910 | Google Chrome before 16.0.912.63 does not properly handle YUV video frames, which allows remote atta... | | |
CVE-2011-3911 | Google Chrome before 16.0.912.63 does not properly handle PDF documents, which allows remote attacke... | | |
CVE-2011-3912 | Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a ... | | |
CVE-2011-3913 | Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a ... | | |
CVE-2011-3914 | The internationalization (aka i18n) functionality in Google V8, as used in Google Chrome before 16.0... | | |
CVE-2011-3915 | Buffer overflow in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of ser... | | |
CVE-2011-3916 | Google Chrome before 16.0.912.63 does not properly handle PDF cross references, which allows remote ... | | |
CVE-2011-3917 | Stack-based buffer overflow in FileWatcher in Google Chrome before 16.0.912.63 allows remote attacke... | | |
CVE-2011-3918 | The Zygote process in Android 4.0.3 and earlier accepts fork requests from processes with arbitrary ... | | |
CVE-2011-3919 | Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote at... | | |
CVE-2011-3921 | Use-after-free vulnerability in Google Chrome before 16.0.912.75 allows remote attackers to cause a ... | | |
CVE-2011-3922 | Stack-based buffer overflow in Google Chrome before 16.0.912.75 allows remote attackers to cause a d... | | |
CVE-2011-3923 | Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the Parameter... | E | |
CVE-2011-3924 | Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a ... | | |
CVE-2011-3925 | Use-after-free vulnerability in the Safe Browsing feature in Google Chrome before 16.0.912.75 allows... | | |
CVE-2011-3926 | Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote att... | | |
CVE-2011-3927 | Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization of v... | | |
CVE-2011-3928 | Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a ... | | |
CVE-2011-3929 | The avpriv_dv_produce_packet function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0... | | |
CVE-2011-3934 | Double free vulnerability in the vp3_update_thread_context function in libavcodec/vp3.c in FFmpeg be... | | |
CVE-2011-3935 | The codec_get_buffer function in ffmpeg.c in FFmpeg before 0.10 allows remote attackers to have an u... | | |
CVE-2011-3936 | The dv_extract_audio function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 an... | | |
CVE-2011-3937 | The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspe... | | |
CVE-2011-3940 | nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x bef... | | |
CVE-2011-3941 | The decode_mb function in libavcodec/error_resilience.c in FFmpeg before 0.10 allows remote attacker... | | |
CVE-2011-3944 | The smacker_decode_header_tree function in libavcodec/smacker.c in FFmpeg before 0.10 allows remote ... | | |
CVE-2011-3945 | The decode_frame function in the KVG1 decoder (kgv1dec.c) in libavcodec in FFmpeg 0.7.x before 0.7.1... | | |
CVE-2011-3946 | The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg before 0.10 allows remote attacke... | | |
CVE-2011-3947 | Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, ... | | |
CVE-2011-3949 | The dirac_unpack_idwt_params function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote a... | | |
CVE-2011-3950 | The dirac_decode_data_unit function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote att... | | |
CVE-2011-3951 | The dpcm_decode_frame function in dpcm.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x befo... | | |
CVE-2011-3952 | The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5... | | |
CVE-2011-3953 | Google Chrome before 17.0.963.46 does not prevent monitoring of the clipboard after a paste event, w... | | |
CVE-2011-3954 | Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application c... | | |
CVE-2011-3955 | Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application c... | | |
CVE-2011-3956 | The extension implementation in Google Chrome before 17.0.963.46 does not properly handle sandboxed ... | | |
CVE-2011-3957 | Use-after-free vulnerability in the garbage-collection functionality in Google Chrome before 17.0.96... | | |
CVE-2011-3958 | Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a c... | | |
CVE-2011-3959 | Buffer overflow in the locale implementation in Google Chrome before 17.0.963.46 allows remote attac... | | |
CVE-2011-3960 | Google Chrome before 17.0.963.46 does not properly decode audio data, which allows remote attackers ... | | |
CVE-2011-3961 | Race condition in Google Chrome before 17.0.963.46 allows remote attackers to execute arbitrary code... | | |
CVE-2011-3962 | Google Chrome before 17.0.963.46 does not properly perform path clipping, which allows remote attack... | | |
CVE-2011-3963 | Google Chrome before 17.0.963.46 does not properly handle PDF FAX images, which allows remote attack... | | |
CVE-2011-3964 | Google Chrome before 17.0.963.46 does not properly implement the drag-and-drop feature, which makes ... | | |
CVE-2011-3965 | Google Chrome before 17.0.963.46 does not properly check signatures, which allows remote attackers t... | | |
CVE-2011-3966 | Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a ... | | |
CVE-2011-3967 | Unspecified vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a den... | | |
CVE-2011-3968 | Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a ... | | |
CVE-2011-3969 | Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a ... | | |
CVE-2011-3970 | libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of s... | | |
CVE-2011-3971 | Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attacke... | | |
CVE-2011-3972 | The shader translator implementation in Google Chrome before 17.0.963.46 allows remote attackers to ... | | |
CVE-2011-3973 | cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cau... | | |
CVE-2011-3974 | Integer signedness error in the decode_residual_inter function in cavsdec.c in libavcodec in FFmpeg ... | | |
CVE-2011-3975 | A certain HTC update for Android 2.3.4 build GRJ22, when the Sense interface is used on the HTC EVO ... | | |
CVE-2011-3976 | Stack-based buffer overflow in AmmSoft ScriptFTP 3.3 allows remote FTP servers to execute arbitrary ... | E | |
CVE-2011-3977 | Unspecified vulnerability in nxconfigure.sh in NoMachine NX Node 3.x before 3.5.0-4 and NX Server 3.... | | |
CVE-2011-3978 | Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy.php in LightNEasy 3.2.4 allow remo... | E | |
CVE-2011-3979 | Cross-site scripting (XSS) vulnerability in ztemp/view_compiled/Theme/theme_admin_setasdefault.php i... | E S | |
CVE-2011-3980 | Unspecified vulnerability in the Drag Drop Mass Upload (ameos_dragndropupload) extension 2.0.2 and e... | S | |
CVE-2011-3981 | PHP remote file inclusion vulnerability in actions.php in the Allwebmenus plugin 1.1.3 for WordPress... | E S | |
CVE-2011-3982 | The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA res... | | |
CVE-2011-3983 | Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and earlier allows remote attacke... | | |
CVE-2011-3984 | Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and earlier allows remote attacke... | | |
CVE-2011-3985 | Cross-site scripting (XSS) vulnerability in Plume before 1.2.3 allows remote attackers to inject arb... | | |
CVE-2011-3986 | Cross-site scripting (XSS) vulnerability in Pligg before 1.2.0 allows remote attackers to inject arb... | | |
CVE-2011-3987 | dtsoftbus01.sys in DAEMON Tools Lite before 4.41.3, Pro Standard before 4.41.0315, and Pro Advanced ... | E | |
CVE-2011-3988 | SQL injection vulnerability in data/class/SC_Query.php in EC-CUBE 2.11.0 through 2.11.2 allows remot... | S | |
CVE-2011-3989 | SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows remote attackers to execute arbi... | | |
CVE-2011-3990 | Cross-site scripting (XSS) vulnerability in plugin/comment.inc.php in PukiWiki Plus! 1.4.7plus-u2-i1... | S | |
CVE-2011-3991 | Untrusted search path vulnerability in FFFTP 1.98a and earlier allows local users to execute arbitra... | | |
CVE-2011-3992 | Buffer overflow in the SSH server functionality on the D-Link DES-3800 with firmware before 4.50B052... | | |
CVE-2011-3993 | SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlie... | | |
CVE-2011-3994 | Cross-site request forgery (CSRF) vulnerability in SKYARC MTCMS before 5.252, and the MultiFileUploa... | | |
CVE-2011-3995 | Unspecified vulnerability in Twilight Frontier Touhou Hisouten 1.06 and earlier allows remote attack... | | |
CVE-2011-3996 | The LiveData Service in CSWorks before 2.0.4115.1 allows remote attackers to cause a denial of servi... | | |
CVE-2011-3997 | Opengear console servers with firmware before 2.2.1 allow remote attackers to bypass authentication,... | | |
CVE-2011-3998 | Cross-site scripting (XSS) vulnerability in Apple WebObjects 5.2 and earlier allows remote attackers... | | |
CVE-2011-3999 | Cross-site scripting (XSS) vulnerability in the RSS/Atom feed-reader implementation in Iwate Portal ... | | |