| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2011-4000 | Buffer overflow in ChaSen 2.4.x allows remote attackers to execute arbitrary code via a crafted stri... | | |
| CVE-2011-4001 | Directory traversal vulnerability in HP no Mawashimono Nikki 6.6 and earlier allows remote attackers... | | |
| CVE-2011-4002 | HP no Mawashimono Nikki 6.6 and earlier allows remote attackers to execute arbitrary commands via un... | | |
| CVE-2011-4004 | Buffer overflow in the ATAS32 processing functionality in the Cisco WebEx Recording Format (WRF) pla... | | |
| CVE-2011-4005 | Cross-site request forgery (CSRF) vulnerability in the Services Ready Platform Configuration Utility... | | |
| CVE-2011-4006 | The ESMTP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with so... | | |
| CVE-2011-4007 | Cisco IOS 15.0 and 15.1 and IOS XE 3.x do not properly handle the "set mpls experimental imposition"... | | |
| CVE-2011-4012 | Cisco IOS 12.0, 15.0, and 15.1, when a Policy Feature Card 3C (PFC3C) is used, does not create a fra... | | |
| CVE-2011-4014 | The TAC Case Attachment tool in Cisco Wireless Control System (WCS) 7.0 allows remote authenticated ... | | |
| CVE-2011-4015 | Cisco IOS 15.2S allows remote attackers to cause a denial of service (interface queue wedge) via mal... | | |
| CVE-2011-4016 | The PPP implementation in Cisco IOS 12.2 and 15.0 through 15.2, when Point-to-Point Termination and ... | | |
| CVE-2011-4019 | Memory leak in Cisco IOS 12.4 and 15.0 through 15.2, and Cisco Unified Communications Manager (CUCM)... | | |
| CVE-2011-4022 | The sensor in Cisco Intrusion Prevention System (IPS) 7.0 and 7.1 allows remote attackers to cause a... | | |
| CVE-2011-4023 | Memory leak in libcmd in Cisco NX-OS 5.0 on Nexus switches allows remote authenticated users to caus... | | |
| CVE-2011-4024 | Cross-site scripting (XSS) vulnerability in ocsinventory in OCS Inventory NG 2.0.1 and earlier allow... | E S | |
| CVE-2011-4026 | SQL injection vulnerability in thanks.php in NexusPHP 1.5 allows remote attackers to execute arbitra... | E | |
| CVE-2011-4028 | The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine... | | |
| CVE-2011-4029 | The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change th... | S | |
| CVE-2011-4030 | The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prev... | S | |
| CVE-2011-4031 | Integer underflow in the asfrtp_parse_packet function in libavformat/rtpdec_asf.c in FFmpeg before 0... | S | |
| CVE-2011-4033 | Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historia... | | |
| CVE-2011-4034 | Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historia... | S | |
| CVE-2011-4035 | Cross-site scripting (XSS) vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, Cit... | | |
| CVE-2011-4036 | Directory traversal vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHist... | | |
| CVE-2011-4037 | Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows us... | S | |
| CVE-2011-4038 | Cross-site scripting (XSS) vulnerability in Invensys Wonderware HMI Reports 3.42.835.0304 and earlie... | | |
| CVE-2011-4039 | Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Repor... | | |
| CVE-2011-4040 | Buffer overflow in MiniSmtp 3.0.11818 in NJStar Communicator allows remote attackers to execute arbi... | | |
| CVE-2011-4041 | webvrpcs.exe in Advantech/BroadWin WebAccess allows remote attackers to execute arbitrary code or ob... | E | |
| CVE-2011-4042 | An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, ... | | |
| CVE-2011-4043 | Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 thro... | | |
| CVE-2011-4044 | An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, ... | | |
| CVE-2011-4045 | Buffer overflow in an unspecified ActiveX control in aipgctl.ocx in ARC Informatique PcVue 6.0 throu... | | |
| CVE-2011-4046 | The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext wi... | | |
| CVE-2011-4047 | The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary command... | | |
| CVE-2011-4048 | The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-onl... | | |
| CVE-2011-4050 | Buffer overflow in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9.0.0.11200 allows ... | S | |
| CVE-2011-4051 | CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0... | S | |
| CVE-2011-4052 | Stack-based buffer overflow in CEServer.exe in the CEServer component in the Remote Agent module in ... | S | |
| CVE-2011-4053 | Untrusted search path vulnerability in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS)... | | |
| CVE-2011-4054 | Cross-site scripting (XSS) vulnerability in login.fcc in CA SiteMinder R6 SP6 before CR7 and R12 SP3... | | |
| CVE-2011-4055 | Buffer overflow in the WebClient ActiveX control in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP... | S | |
| CVE-2011-4056 | An unspecified ActiveX control in ActBar.ocx in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), ... | S | |
| CVE-2011-4057 | Wibu-Systems AG CodeMeter Runtime 4.30c, 4.10b, and possibly other versions before 4.40 allows remot... | | |
| CVE-2011-4060 | The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 does not properly clear the LD_D... | | |
| CVE-2011-4061 | Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Ed... | E | |
| CVE-2011-4062 | Buffer overflow in the kernel in FreeBSD 7.3 through 9.0-RC1 allows local users to cause a denial of... | E S | |
| CVE-2011-4063 | chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10... | | |
| CVE-2011-4064 | Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 all... | | |
| CVE-2011-4066 | SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and earlier allows remote attackers to... | E | |
| CVE-2011-4068 | The check_password function in html/admin/login.php in PacketFence before 3.0.2 allows remote attack... | S | |
| CVE-2011-4069 | html/admin/login.php in PacketFence before 3.0.2 allows remote attackers to conduct LDAP injection a... | S | |
| CVE-2011-4072 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4073 | Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 thr... | | |
| CVE-2011-4074 | Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote... | E S | |
| CVE-2011-4075 | The masort function in lib/functions.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers ... | E S | |
| CVE-2011-4076 | OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a userna... | E S | |
| CVE-2011-4077 | Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6... | E S | |
| CVE-2011-4078 | include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5.3.7 or 5.3.8 is used, allows r... | S | |
| CVE-2011-4079 | Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote at... | S | |
| CVE-2011-4080 | The sysrq_sysctl_handler function in kernel/sysctl.c in the Linux kernel before 2.6.39 does not requ... | S | |
| CVE-2011-4081 | crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of servic... | E S | |
| CVE-2011-4082 | A local file inclusion flaw was found in the way the phpLDAPadmin before 0.9.8 processed certain val... | | |
| CVE-2011-4083 | The sosreport utility in the Red Hat sos package before 1.7-9 and 2.x before 2.2-17 includes (1) Cer... | | |
| CVE-2011-4084 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4858. Reason: This candidate... | R | |
| CVE-2011-4085 | The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Pl... | | |
| CVE-2011-4086 | The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not... | S | |
| CVE-2011-4087 | The br_parse_ip_options function in net/bridge/br_netfilter.c in the Linux kernel before 2.6.39 does... | E S | |
| CVE-2011-4088 | ABRT might allow attackers to obtain sensitive information from crash reports.... | | |
| CVE-2011-4089 | The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly h... | E S | |
| CVE-2011-4090 | Serendipity before 1.6 has an XSS issue in the karma plugin which may allow privilege escalation.... | | |
| CVE-2011-4091 | The libobby server in inc/server.hpp in libnet6 (aka net6) before 1.3.14 does not perform authentica... | | |
| CVE-2011-4092 | obby (aka libobby) does not verify SSL server certificates, which allows remote attackers to spoof s... | E | |
| CVE-2011-4093 | Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 might allow remote attackers ... | | |
| CVE-2011-4094 | Jara 1.6 has a SQL injection vulnerability.... | E | |
| CVE-2011-4095 | Jara 1.6 has an XSS vulnerability... | E | |
| CVE-2011-4096 | The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote... | | |
| CVE-2011-4097 | Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64... | E S | |
| CVE-2011-4098 | The fallocate implementation in the GFS2 filesystem in the Linux kernel before 3.2 relies on the pag... | S | |
| CVE-2011-4099 | The capsh program in libcap before 2.22 does not change the current working directory when the --chr... | | |
| CVE-2011-4100 | The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark... | S | |
| CVE-2011-4101 | The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband diss... | S | |
| CVE-2011-4102 | Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser i... | S | |
| CVE-2011-4103 | emitters.py in Django Piston before 0.2.3 and 0.2.x before 0.2.2.1 does not properly deserialize YAM... | S | |
| CVE-2011-4104 | The from_yaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserializ... | S | |
| CVE-2011-4105 | LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack ... | | |
| CVE-2011-4106 | TimThumb (timthumb.php) before 2.0 does not validate the entire source with the domain white list, w... | E S | |
| CVE-2011-4107 | The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmi... | E S | |
| CVE-2011-4108 | The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if ... | | |
| CVE-2011-4109 | Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, ... | | |
| CVE-2011-4110 | The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users ... | E S | |
| CVE-2011-4111 | Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU b... | | |
| CVE-2011-4112 | The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFF_TX_SKB_SH... | E S | |
| CVE-2011-4113 | SQL injection vulnerability in the Views module before 6.x-2.13 for Drupal allows remote attackers t... | S | |
| CVE-2011-4114 | The par_mktmpdir function in the PAR::Packer module before 1.012 for Perl creates temporary files in... | S | |
| CVE-2011-4115 | Parallel::ForkManager module before 1.0.0 for Perl does not properly handle temporary files.... | | |
| CVE-2011-4116 | _is_safe in the File::Temp module for Perl does not properly handle symlinks.... | E S | |
| CVE-2011-4117 | The Batch::BatchRun module 1.03 for Perl does not properly handle temporary files.... | E | |
| CVE-2011-4118 | Mahara before 1.4.1, when MNet (aka the Moodle network feature) is used, allows remote authenticated... | S | |
| CVE-2011-4119 | caml-light <= 0.75 uses mktemp() insecurely, and also does unsafe things in /tmp during make install... | E S | |
| CVE-2011-4120 | Yubico PAM Module before 2.10 performed user authentication when 'use_first_pass' PAM configuration ... | S | |
| CVE-2011-4121 | The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generate... | | |
| CVE-2011-4122 | Directory traversal vulnerability in openpam_configure.c in OpenPAM before r478 on FreeBSD 8.1 allow... | E | |
| CVE-2011-4123 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-3874. Reason: This candida... | R | |
| CVE-2011-4124 | Input validation issues were found in Calibre at devices/linux_mount_helper.c which can lead to argu... | E | |
| CVE-2011-4125 | A untrusted search path issue was found in Calibre at devices/linux_mount_helper.c leading to the ab... | E | |
| CVE-2011-4126 | Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged us... | E | |
| CVE-2011-4127 | The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users... | E S | |
| CVE-2011-4128 | Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x bef... | | |
| CVE-2011-4129 | (1) services/twitter/twitter-contact-view.c and (2) services/twitter/twitter-item-view.c in libsocia... | S | |
| CVE-2011-4130 | Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticate... | E S | |
| CVE-2011-4131 | The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in G... | | |
| CVE-2011-4132 | The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux ke... | E | |
| CVE-2011-4133 | Cross-site request forgery (CSRF) vulnerability in Moodle 1.9.x before 1.9.11 allows remote attacker... | | |
| CVE-2011-4134 | Heap-based buffer overflow in lmadmin in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server... | | |
| CVE-2011-4135 | Multiple directory traversal vulnerabilities in lmgrd in Flexera FlexNet Publisher 11.10 (aka FlexNe... | S | |
| CVE-2011-4136 | django.contrib.sessions in Django before 1.2.7 and 1.3.x before 1.3.1, when session data is stored i... | S | |
| CVE-2011-4137 | The verify_exists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x befo... | S | |
| CVE-2011-4138 | The verify_exists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x befo... | S | |
| CVE-2011-4139 | Django before 1.2.7 and 1.3.x before 1.3.1 uses a request's HTTP Host header to construct a full URL... | S | |
| CVE-2011-4140 | The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly hand... | S | |
| CVE-2011-4141 | Untrusted search path vulnerability in EMC RSA SecurID Software Token 4.1 before 4.1.1 allows local ... | | |
| CVE-2011-4142 | The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.219... | | |
| CVE-2011-4143 | EMC RSA enVision 4.0 before SP4 P5 and 4.1 before P3 allows remote attackers to obtain sensitive inf... | | |
| CVE-2011-4144 | Unspecified vulnerability in EMC Documentum Content Server 6.0, 6.5 before SP2 P02, 6.5 SP3 before S... | | |
| CVE-2011-4145 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4146 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4147 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4148 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4149 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4150 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4151 | The krb5_db2_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5... | | |
| CVE-2011-4153 | PHP 5.3.8 does not always check the return value of the zend_strndup function, which might allow rem... | E | |
| CVE-2011-4155 | Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows re... | | |
| CVE-2011-4156 | Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows re... | | |
| CVE-2011-4157 | Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on the HP StorageWorks P4000 Virtua... | | |
| CVE-2011-4158 | Unspecified vulnerability in HP Directories Support for ProLiant Management Processors 3.10 and 3.20... | | |
| CVE-2011-4159 | Unspecified vulnerability in System Administration Manager (SAM) in EMS before A.04.20.11.04_01 on H... | | |
| CVE-2011-4160 | Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP... | | |
| CVE-2011-4161 | The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550,... | | |
| CVE-2011-4162 | The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, (5) RemoveUserEx, and (6) Rem... | E | |
| CVE-2011-4163 | Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute ... | | |
| CVE-2011-4164 | Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute ... | | |
| CVE-2011-4165 | Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute ... | | |
| CVE-2011-4166 | Directory traversal vulnerability in the MPAUploader.Uploader.1.UploadFiles method in HP Managed Pri... | | |
| CVE-2011-4167 | Stack-based buffer overflow in MPAUploader.dll in HP Managed Printing Administration before 2.6.4 al... | | |
| CVE-2011-4168 | Directory traversal vulnerability in hpmpa/jobDelivery/Default.asp in HP Managed Printing Administra... | | |
| CVE-2011-4169 | Unspecified vulnerability in HP Managed Printing Administration before 2.6.4 allows remote attackers... | | |
| CVE-2011-4170 | Cross-site scripting (XSS) vulnerability in the theme_adium_append_message function in empathy-theme... | S | |
| CVE-2011-4171 | Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM WebSphere ILOG Rule Team Server... | E | |
| CVE-2011-4172 | Multiple cross-site scripting (XSS) vulnerabilities in KENT-WEB WEB FORUM before 5.1 allow remote at... | | |
| CVE-2011-4173 | Cross-site request forgery (CSRF) vulnerability in Simple Machines Forum (SMF) 2.x before 2.0.1 allo... | | |
| CVE-2011-4181 | open build service information leak via unauthorized source access | | |
| CVE-2011-4182 | shell code injection via ESSID because of missing escaping of a variable | | |
| CVE-2011-4183 | open build service allows anyone to upload rpms | | |
| CVE-2011-4185 | The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows ... | | |
| CVE-2011-4186 | Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remo... | | |
| CVE-2011-4187 | Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78... | | |
| CVE-2011-4188 | Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 ... | | |
| CVE-2011-4189 | The client in Novell GroupWise 8.0x through 8.02HP3 allows remote attackers to execute arbitrary cod... | E | |
| CVE-2011-4190 | Missing verification of host key for kdump server | | |
| CVE-2011-4191 | Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 al... | | |
| CVE-2011-4192 | kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for Sys... | | |
| CVE-2011-4193 | Cross-site scripting (XSS) vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 before 1... | | |
| CVE-2011-4194 | Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Lin... | | |
| CVE-2011-4195 | kiwi before 4.98.05, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for Sy... | E S | |
| CVE-2011-4197 | etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 creates each X.509 certificate w... | | |
| CVE-2011-4201 | remote_support.cgi in the Tadasoft Restorepoint 3.2 evaluation image allows remote attackers to exec... | | |
| CVE-2011-4202 | The Tadasoft Restorepoint 3.2 evaluation image uses weak permissions (www write access) for unspecif... | | |
| CVE-2011-4203 | CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.... | E | |
| CVE-2011-4211 | The FakeFile implementation in the sandbox environment in the Google App Engine Python SDK before 1.... | E S | |
| CVE-2011-4212 | The sandbox environment in the Google App Engine Python SDK before 1.5.4 does not properly prevent o... | E S | |
| CVE-2011-4213 | The sandbox environment in the Google App Engine Python SDK before 1.5.4 does not properly prevent u... | E S | |
| CVE-2011-4214 | OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to bypass auth... | | |
| CVE-2011-4215 | SQL injection vulnerability in lib/ooz_access.php in OneOrZero Action & Information Management Syste... | | |
| CVE-2011-4216 | Investintech.com SlimPDF Reader does not properly restrict write operations, which allows remote att... | | |
| CVE-2011-4217 | Investintech.com SlimPDF Reader does not properly restrict read operations during block data moves, ... | S | |
| CVE-2011-4218 | Investintech.com SlimPDF Reader does not prevent faulting-instruction data from affecting write oper... | | |
| CVE-2011-4219 | Investintech.com SlimPDF Reader does not prevent faulting-address data from affecting branch selecti... | | |
| CVE-2011-4220 | Investintech.com SlimPDF Reader does not properly restrict the arguments to unspecified function cal... | S | |
| CVE-2011-4221 | Unspecified vulnerability in Investintech.com Able2Doc and Able2Doc Professional allows remote attac... | | |
| CVE-2011-4222 | Unspecified vulnerability in Investintech.com Able2Extract and Able2Extract Server allows remote att... | | |
| CVE-2011-4223 | Unspecified vulnerability in Investintech.com Absolute PDF Server allows remote attackers to cause a... | | |
| CVE-2011-4231 | Cisco IOS 15.1 and 15.2 and IOS XE 3.x, when configured as an IPsec hub with X.509 certificates in u... | | |
| CVE-2011-4232 | The web server in Cisco Unified MeetingPlace 6.1 and 8.5 produces different responses for directory ... | | |
| CVE-2011-4237 | CRLF injection vulnerability in autologin.jsp in Cisco CiscoWorks Common Services 4.0, as used in Ci... | | |
| CVE-2011-4244 | Heap-based buffer overflow in the RealVideo renderer in RealNetworks RealPlayer before 15.0.0 allows... | | |
| CVE-2011-4245 | The RealVideo renderer in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.170... | | |
| CVE-2011-4246 | The AAC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows ... | | |
| CVE-2011-4247 | RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafte... | | |
| CVE-2011-4248 | RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malfor... | | |
| CVE-2011-4249 | Array index error in the RV30 codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers... | | |
| CVE-2011-4250 | Unspecified vulnerability in the ATRC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPla... | | |
| CVE-2011-4251 | RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafte... | | |
| CVE-2011-4252 | The RV10 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows... | | |
| CVE-2011-4253 | Unspecified vulnerability in the RV20 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPla... | | |
| CVE-2011-4254 | RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafte... | | |
| CVE-2011-4255 | Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.... | | |
| CVE-2011-4256 | The RV30 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 does n... | | |
| CVE-2011-4257 | The Cook codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary... | | |
| CVE-2011-4258 | RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafte... | | |
| CVE-2011-4259 | Integer underflow in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitr... | | |
| CVE-2011-4260 | RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malfor... | | |
| CVE-2011-4261 | RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code or cause a d... | | |
| CVE-2011-4262 | Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execut... | | |
| CVE-2011-4263 | Cross-site scripting (XSS) vulnerability in Schneider Electric PowerChute Business Edition before 8.... | | |
| CVE-2011-4264 | Cross-site scripting (XSS) vulnerability in Etomite before 1.1 allows remote attackers to inject arb... | | |
| CVE-2011-4265 | Cross-site scripting (XSS) vulnerability in phpWebSite before 1.0.0 allows remote attackers to injec... | | |
| CVE-2011-4266 | Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via ... | | |
| CVE-2011-4267 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4268 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4269 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4270 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4271 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4272 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4273 | Multiple cross-site scripting (XSS) vulnerabilities in GoAhead Webserver 2.18 allow remote attackers... | E | |
| CVE-2011-4274 | Cross-site scripting (XSS) vulnerability in the A-Form PC and PC/Mobile before 3.1 plug-ins for Mova... | S | |
| CVE-2011-4275 | Multiple cross-site scripting (XSS) vulnerabilities in iTop (aka IT Operations Portal) 1.1.181 and 1... | E | |
| CVE-2011-4276 | The Bluetooth service (com/android/phone/BluetoothHeadsetService.java) in Android 2.3 before 2.3.6 a... | | |
| CVE-2011-4277 | Cross-site scripting (XSS) vulnerability in CourseForum ProjectForum 7.0.1.3038 allows remote attack... | | |
| CVE-2011-4278 | Cross-site scripting (XSS) vulnerability in the tag autocomplete functionality in Moodle 1.9.x befor... | | |
| CVE-2011-4279 | Moodle 2.0.x before 2.0.2 does not use the forceloginforprofiles setting for course-profiles access ... | | |
| CVE-2011-4280 | Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka spikephpcoverage) library, as... | | |
| CVE-2011-4281 | Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 2.0.x before 2.0.2 allow remote... | | |
| CVE-2011-4282 | Multiple cross-site scripting (XSS) vulnerabilities in the course-tags functionality in tag/courseta... | | |
| CVE-2011-4283 | Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 places an IMS enterprise enrolment file in the cou... | | |
| CVE-2011-4284 | Moodle 2.0.x before 2.0.2 allows remote attackers to obtain sensitive information from a myprofile (... | | |
| CVE-2011-4285 | The default configuration of Moodle 2.0.x before 2.0.2 has an incorrect setting of the moodle/course... | | |
| CVE-2011-4286 | Multiple cross-site scripting (XSS) vulnerabilities in the media-filter implementation in filter/med... | | |
| CVE-2011-4287 | admin/uploaduser_form.php in Moodle 2.0.x before 2.0.3 does not force password changes for autosubsc... | | |
| CVE-2011-4288 | Moodle 1.9.x before 1.9.12 and 2.0.x before 2.0.3 does not properly implement associations between t... | | |
| CVE-2011-4289 | Moodle 2.0.x before 2.0.3 does not recognize the configuration setting that makes e-mail addresses v... | | |
| CVE-2011-4290 | Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php in Moodle 1.9.x before 1.9.12 ... | | |
| CVE-2011-4291 | Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid da... | | |
| CVE-2011-4292 | Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid da... | | |
| CVE-2011-4293 | The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 triggers duplicate cach... | | |
| CVE-2011-4294 | The error-message functionality in Moodle 1.9.x before 1.9.13, 2.0.x before 2.0.4, and 2.1.x before ... | | |
| CVE-2011-4295 | The moodle_enrol_external:role_assign function in enrol/externallib.php in Moodle 2.0.x before 2.0.4... | | |
| CVE-2011-4296 | lib/db/access.php in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 assigns incorrect capabilities... | | |
| CVE-2011-4297 | comment/lib.php in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 does not properly restrict comme... | | |
| CVE-2011-4298 | Multiple cross-site request forgery (CSRF) vulnerabilities in mod/wiki/ components in Moodle 2.0.x b... | S | |
| CVE-2011-4299 | Cross-site scripting (XSS) vulnerability in mod/wiki/pagelib.php in Moodle 2.0.x before 2.0.5 and 2.... | S | |
| CVE-2011-4300 | The file_browser component in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 does not properly res... | S | |
| CVE-2011-4301 | The MoodleQuickForm class in the Forms Library in lib/formslib.php in Moodle 1.9.x before 1.9.14, 2.... | | |
| CVE-2011-4302 | mnet/xmlrpc/client.php in MNET in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2... | S | |
| CVE-2011-4303 | lib/db/upgrade.php in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 does not set the correct regi... | S | |
| CVE-2011-4304 | The chat functionality in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote authenticat... | S | |
| CVE-2011-4305 | message/refresh.php in Moodle 1.9.x before 1.9.14 allows remote authenticated users to cause a denia... | S | |
| CVE-2011-4306 | Cross-site scripting (XSS) vulnerability in course/editsection.html in Moodle 1.9.x before 1.9.14 al... | | |
| CVE-2011-4307 | Cross-site scripting (XSS) vulnerability in mod/wiki/lang/en/wiki.php in Moodle 2.0.x before 2.0.5 a... | | |
| CVE-2011-4308 | mod/forum/user.php in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 allows ... | | |
| CVE-2011-4309 | Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote attackers to bypass intended access r... | | |
| CVE-2011-4310 | The news module in CMSMS before 1.9.4.3 allows remote attackers to corrupt new articles.... | | |
| CVE-2011-4311 | ResourceSpace before 4.2.2833 does not properly validate access keys, which allows remote attackers ... | S | |
| CVE-2011-4312 | Multiple cross-site scripting (XSS) vulnerabilities in the commenting system in Review Board before ... | S | |
| CVE-2011-4313 | query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7... | S | |
| CVE-2011-4314 | message/ax/AxMessage.java in OpenID4Java before 0.9.6 final, as used in JBoss Enterprise Application... | S | |
| CVE-2011-4315 | Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before ... | S | |
| CVE-2011-4316 | Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, in certain unspecified conditions, do... | | |
| CVE-2011-4317 | The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x... | E | |
| CVE-2011-4318 | Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the prox... | | |
| CVE-2011-4319 | Cross-site scripting (XSS) vulnerability in the i18n translations helper method in Ruby on Rails 3.0... | | |
| CVE-2011-4320 | The mod_pubsub module (mod_pubsub.erl) in ejabberd 2.1.8 and 3.0.0-alpha-3 allows remote authenticat... | S | |
| CVE-2011-4321 | The password reset functionality in Joomla! 1.5.x through 1.5.24 uses weak random numbers, which mak... | | |
| CVE-2011-4322 | websitebaker prior to and including 2.8.1 has an authentication error in backup module.... | | |
| CVE-2011-4323 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-2726. Reason: This candida... | R | |
| CVE-2011-4324 | The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local ... | E S | |
| CVE-2011-4325 | The NFS implementation in Linux kernel before 2.6.31-rc6 calls certain functions without properly in... | | |
| CVE-2011-4326 | The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain U... | E S | |
| CVE-2011-4327 | ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper w... | | |
| CVE-2011-4328 | plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions (world readable) for cookie fil... | | |
| CVE-2011-4329 | Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 allow remote attackers to inje... | S | |
| CVE-2011-4330 | Stack-based buffer overflow in the hfs_mac2asc function in fs/hfs/trans.c in the Linux kernel 2.6 al... | | |
| CVE-2011-4331 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4110. Reason: This candida... | R | |
| CVE-2011-4332 | Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.6.3 and earlier allow remote attack... | | |
| CVE-2011-4333 | Multiple cross-site scripting (XSS) vulnerabilities in LabWiki 1.1 and earlier allow remote attacker... | | |
| CVE-2011-4334 | edit.php in LabWiki 1.1 and earlier does not properly verify uploaded user files, which allows remot... | | |
| CVE-2011-4335 | Multiple cross-site scripting (XSS) vulnerabilities in Contao before 2.10.2 allow remote attackers t... | | |
| CVE-2011-4336 | Tiki Wiki CMS Groupware 7.0 has XSS via the GET "ajax" parameter to snarf_ajax.php.... | E | |
| CVE-2011-4337 | Static code injection vulnerability in translate.php in Support Incident Tracker (aka SiT!) 3.45 thr... | E | |
| CVE-2011-4338 | Shaman 1.0.9: Users can add the line askforpwd=false to his shaman.conf file, without entering the r... | E | |
| CVE-2011-4339 | ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat E... | S | |
| CVE-2011-4340 | Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.2.3 and possibly other version... | S | |
| CVE-2011-4341 | Multiple SQL injection vulnerabilities in symphony/content/content.publish.php in Symphony CMS 2.2.3... | S | |
| CVE-2011-4342 | PHP remote file inclusion vulnerability in wp_xml_export.php in the BackWPup plugin before 1.7.2 for... | E | |
| CVE-2011-4343 | Information disclosure vulnerability in Apache MyFaces Core 2.0.1 through 2.0.10 and 2.1.0 through 2... | S | |
| CVE-2011-4344 | Cross-site scripting (XSS) vulnerability in Jenkins Core in Jenkins before 1.438, and 1.409 LTS befo... | S | |
| CVE-2011-4345 | Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is u... | | |
| CVE-2011-4346 | Cross-site scripting (XSS) vulnerability in the web interface in Red Hat Network (RHN) Satellite 5.4... | S | |
| CVE-2011-4347 | The kvm_vm_ioctl_assign_device function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux... | | |
| CVE-2011-4348 | Race condition in the sctp_rcv function in net/sctp/input.c in the Linux kernel before 2.6.29 allows... | | |
| CVE-2011-4349 | Multiple SQL injection vulnerabilities in (1) cd-mapping-db.c and (2) cd-device-db.c in colord befor... | S | |
| CVE-2011-4350 | Yaws 1.91 has a directory traversal vulnerability in the way certain URLs are processed. A remote au... | E | |
| CVE-2011-4351 | Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before 0.7.8, and 0.8.x before 0.8... | | |
| CVE-2011-4352 | Integer overflow in the vp3_dequant function in the VP3 decoder (vp3.c) in libavcodec in FFmpeg 0.5.... | | |
| CVE-2011-4353 | The (1) av_image_fill_pointers, (2) vp5_parse_coeff, and (3) vp6_parse_coeff functions in FFmpeg 0.5... | | |
| CVE-2011-4354 | crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other produ... | | |
| CVE-2011-4355 | GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certa... | | |
| CVE-2011-4356 | Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but... | S | |
| CVE-2011-4357 | Format string vulnerability in the p_cgi_error function in python/neo_cgi.c in the Python CGI Kit (n... | | |
| CVE-2011-4358 | Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote attack... | | |
| CVE-2011-4359 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4343. Reason: This candida... | R | |
| CVE-2011-4360 | MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages vi... | S | |
| CVE-2011-4361 | MediaWiki before 1.17.1 does not check for read permission before handling action=ajax requests, whi... | S | |
| CVE-2011-4362 | Integer signedness error in the base64_decode function in the HTTP authentication functionality (htt... | E S | |
| CVE-2011-4363 | ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enab... | | |
| CVE-2011-4364 | Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0... | | |
| CVE-2011-4365 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4090. Reason: This candida... | R | |
| CVE-2011-4366 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4090. Reason: This candida... | R | |
| CVE-2011-4367 | Multiple directory traversal vulnerabilities in MyFaces JavaServer Faces (JSF) in Apache MyFaces Cor... | E | |
| CVE-2011-4368 | Cross-site scripting (XSS) vulnerability in Remote Development Services (RDS) in Adobe ColdFusion 8.... | S | |
| CVE-2011-4369 | Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windo... | S | |
| CVE-2011-4370 | Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers... | S | |
| CVE-2011-4371 | Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers... | S | |
| CVE-2011-4372 | Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers... | S | |
| CVE-2011-4373 | Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers... | S | |
| CVE-2011-4374 | Integer overflow in Adobe Reader 9.x before 9.4.6 on Linux allows attackers to execute arbitrary cod... | | |
| CVE-2011-4375 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4376 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4377 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4378 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4379 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4380 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4381 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4382 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4383 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4384 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4385 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4386 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4387 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4388 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4389 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4390 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4391 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4392 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4393 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4394 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4395 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4396 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4397 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4398 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4399 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4400 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4401 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4402 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4403 | Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote attackers... | E | |
| CVE-2011-4404 | The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Up... | S | |
| CVE-2011-4405 | The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 11.10, as used by the automatic... | | |
| CVE-2011-4406 | The Ubuntu AccountsService package before 0.6.14-1git1ubuntu1.1 does not properly drop privileges wh... | S | |
| CVE-2011-4407 | ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloa... | | |
| CVE-2011-4408 | The Single Sign On Client (ubuntu-sso-client) for Ubuntu 11.04 and 11.10 does not properly validate ... | S | |
| CVE-2011-4409 | The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate S... | | |
| CVE-2011-4410 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4411 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4412 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4413 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4414 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4415 | The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x th... | E S | |
| CVE-2011-4416 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4417 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4418 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4419 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4420 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4421 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4422 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4423 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4424 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4425 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4426 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4427 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4428 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4429 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4430 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4431 | Directory traversal vulnerability in main.php in Merethis Centreon before 2.3.2 allows remote authen... | E | |
| CVE-2011-4432 | www/include/configuration/nconfigObject/contact/DB-Func.php in Merethis Centreon before 2.3.2 does n... | E | |
| CVE-2011-4433 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2011-4434 | Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 do not properly enforce AppLo... | | |
| CVE-2011-4435 | The web-server component in the Consolidation and Analysis Engine (CAE) Server in DB2 Query Monitor ... | | |
| CVE-2011-4436 | Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface on the Dell ... | | |
| CVE-2011-4447 | The "encrypt wallet" feature in wxBitcoin and bitcoind 0.4.x before 0.4.1, and 0.5.0rc, does not pro... | | |
| CVE-2011-4448 | SQL injection vulnerability in actions/usersettings/usersettings.php in WikkaWiki 1.3.1 and 1.3.2 al... | E S | |
| CVE-2011-4449 | actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when INTRANET_MODE is enabled, supports file u... | E S | |
| CVE-2011-4450 | Directory traversal vulnerability in handlers/files.xml/files.xml.php in WikkaWiki 1.3.1 and 1.3.2 a... | E S | |
| CVE-2011-4451 | libs/Wakka.class.php in WikkaWiki 1.3.1 and 1.3.2, when the spam_logging option is enabled, allows r... | E | |
| CVE-2011-4452 | Cross-site request forgery (CSRF) vulnerability in the AdminUsers component in WikkaWiki 1.3.1 and 1... | E S | |
| CVE-2011-4453 | The PageListSort function in scripts/pagelist.php in PmWiki 2.x before 2.2.35 allows remote attacker... | E S | |
| CVE-2011-4454 | Multiple cross-site scripting vulnerabilities in Tiki 8.0 RC1 and earlier allow remote attackers to ... | E | |
| CVE-2011-4455 | Multiple cross-site scripting vulnerabilities in Tiki 7.2 and earlier allow remote attackers to inje... | E | |
| CVE-2011-4456 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4313. Reason: This candida... | R | |
| CVE-2011-4457 | OWASP HTML Sanitizer (aka owasp-java-html-sanitizer) before 88, when JavaScript is disabled, allows ... | S | |
| CVE-2011-4458 | Best Practical Solutions RT 3.6.x, 3.7.x, and 3.8.x before 3.8.12 and 4.x before 4.0.6, when the VER... | S | |
| CVE-2011-4459 | Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 does not properly disable groups,... | S | |
| CVE-2011-4460 | SQL injection vulnerability in Best Practical Solutions RT 2.x and 3.x before 3.8.12 and 4.x before ... | S | |
| CVE-2011-4461 | Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability... | | |
| CVE-2011-4462 | Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to ... | | |
| CVE-2011-4465 | Cross-site scripting (XSS) vulnerability in IBM Lotus Mobile Connect (LMC) 6.1.4 allows remote attac... | | |
| CVE-2011-4486 | Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before ... | | |
| CVE-2011-4487 | SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x... | | |
| CVE-2011-4496 | Buffer overflow in Aviosoft DTV Player 1.0.1.2 allows remote attackers to execute arbitrary code via... | | |
| CVE-2011-4497 | QIS_wizard.htm on the ASUS RT-N56U router with firmware before 1.0.1.4o allows remote attackers to o... | | |
| CVE-2011-4498 | Cross-site request forgery (CSRF) vulnerability in the web console in Zenprise Device Manager 6.x th... | S | |
| CVE-2011-4499 | The UPnP IGD implementation in the Broadcom UPnP stack on the Cisco Linksys WRT54G with firmware bef... | | |
| CVE-2011-4500 | The UPnP IGD implementation on the Cisco Linksys WRT54GX with firmware 2.00.05, when UPnP is enabled... | | |
| CVE-2011-4501 | The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edi... | | |
| CVE-2011-4502 | The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edi... | | |
| CVE-2011-4503 | The UPnP IGD implementation in Broadcom Linux on the Sitecom WL-111 allows remote attackers to estab... | | |
| CVE-2011-4504 | The UPnP IGD implementation in the Pseudo ICS UPnP software on the ZyXEL P-330W allows remote attack... | | |
| CVE-2011-4505 | The UPnP IGD implementation on SpeedTouch 5x6 devices with firmware before 6.2.29 allows remote atta... | | |
| CVE-2011-4506 | The UPnP IGD implementation on the Thomson (aka Technicolor) TG585 with firmware 7.x before 7.4.3.2 ... | | |
| CVE-2011-4507 | The D-Link DIR-685 router, when certain WPA and WPA2 configurations are used, does not maintain an e... | | |
| CVE-2011-4508 | The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka T... | | |
| CVE-2011-4509 | The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal);... | | |
| CVE-2011-4510 | Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005,... | | |
| CVE-2011-4511 | Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005,... | | |
| CVE-2011-4512 | CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2... | | |
| CVE-2011-4513 | Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfo... | | |
| CVE-2011-4514 | The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); ... | | |
| CVE-2011-4515 | Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords ... | | |
| CVE-2011-4516 | Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer ... | | |
| CVE-2011-4517 | The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data typ... | | |
| CVE-2011-4518 | Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC befo... | | |
| CVE-2011-4519 | Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote ... | | |
| CVE-2011-4520 | Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote a... | | |
| CVE-2011-4521 | SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to ex... | | |
| CVE-2011-4522 | Cross-site scripting (XSS) vulnerability in bwerrdn.asp in Advantech/BroadWin WebAccess before 7.0 a... | S | |
| CVE-2011-4523 | Cross-site scripting (XSS) vulnerability in bwview.asp in Advantech/BroadWin WebAccess before 7.0 al... | S | |
| CVE-2011-4524 | Buffer overflow in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitr... | S | |
| CVE-2011-4525 | Advantech/BroadWin WebAccess before 7.0 allows remote attackers to trigger the extraction of arbitra... | S | |
| CVE-2011-4526 | Buffer overflow in an ActiveX control in Advantech/BroadWin WebAccess before 7.0 might allow remote ... | | |
| CVE-2011-4528 | Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME rec... | S | |
| CVE-2011-4529 | Multiple buffer overflows in Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allow... | E | |
| CVE-2011-4530 | Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 does not properly copy fields obta... | E | |
| CVE-2011-4531 | Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a... | E | |
| CVE-2011-4532 | Absolute path traversal vulnerability in the ALMListView.ALMListCtrl ActiveX control in almaxcx.dll ... | | |
| CVE-2011-4533 | zenAdminSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows remote attackers to cause a den... | | |
| CVE-2011-4534 | ZenSysSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows remote attackers to cause a denia... | | |
| CVE-2011-4535 | Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and ea... | S | |
| CVE-2011-4536 | Heap-based buffer overflow in nettransdll.dll in HistorySvr.exe (aka HistoryServer.exe) in WellinTec... | S | |
| CVE-2011-4537 | Multiple buffer overflows in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9.0.0.113... | S | |
| CVE-2011-4538 | Lexmark X, W, T, E, and C devices before 2012-02-09 allow attackers to obtain sensitive information ... | | |
| CVE-2011-4539 | dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular... | | |
| CVE-2011-4540 | Multiple cross-site scripting (XSS) vulnerabilities in AtMail Open (aka AtMail Open-Source edition) ... | E | |
| CVE-2011-4541 | Cross-site scripting (XSS) vulnerability in index.php in Hastymail2 2.1.1 before RC2 allows remote a... | E | |
| CVE-2011-4542 | Hastymail2 2.1.1 before RC2 allows remote attackers to execute arbitrary commands via the (1) rs or ... | | |
| CVE-2011-4543 | Multiple directory traversal vulnerabilities in osCommerce 3.0.2 allow remote attackers to include a... | E | |
| CVE-2011-4544 | Multiple cross-site scripting (XSS) vulnerabilities in Prestashop before 1.5 allow remote attackers ... | E | |
| CVE-2011-4545 | CRLF injection vulnerability in admin/displayImage.php in Prestashop 1.4.4.1 allows remote attackers... | E | |
| CVE-2011-4547 | Multiple cross-site scripting (XSS) vulnerabilities in includes/templates/template_default/common/tp... | E | |
| CVE-2011-4548 | Multiple unspecified vulnerabilities in Google Chrome before 16.0.912.44 on the Acer AC700, Samsung ... | | |
| CVE-2011-4551 | Cross-site scripting (XSS) vulnerability in tiki-cookie-jar.php in TikiWiki CMS/Groupware before 8.2... | | |
| CVE-2011-4552 | Multiple cross-site scripting (XSS) vulnerabilities in One Click Orgs before 1.2.3 allow remote atta... | | |
| CVE-2011-4553 | Multiple open redirect vulnerabilities in One Click Orgs before 1.2.3 allow (1) remote attackers to ... | | |
| CVE-2011-4554 | One Click Orgs before 1.2.3 allows remote authenticated users to trigger crafted SMTP traffic via (1... | | |
| CVE-2011-4555 | One Click Orgs before 1.2.3 does not require unique e-mail addresses for user accounts, which allows... | | |
| CVE-2011-4558 | Tiki 8.2 and earlier allows remote administrators to execute arbitrary PHP code via crafted input to... | E | |
| CVE-2011-4559 | SQL injection vulnerability in the Calendar module in vTiger CRM 5.2.1 and earlier allows remote att... | E | |
| CVE-2011-4560 | Cross-site scripting (XSS) vulnerability in the Petition Node module 6.x-1.x before 6.x-1.5 for Drup... | | |
| CVE-2011-4561 | Cross-site scripting (XSS) vulnerability in admin.php in Phorum 5.2.18 allows remote attackers to in... | E | |
| CVE-2011-4562 | Multiple cross-site scripting (XSS) vulnerabilities in (1) view/admin/log_item.php and (2) view/admi... | E | |
| CVE-2011-4563 | Cross-site scripting (XSS) vulnerability in index.php in JAKCMS 2.0.4.1, and possibly other versions... | | |
| CVE-2011-4564 | Cross-site scripting (XSS) vulnerability in the admin script in Active CMS 1.2 allows remote attacke... | E | |
| CVE-2011-4565 | Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.5.1.a, and possibly earlier versions,... | E | |
| CVE-2011-4566 | Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0be... | E | |
| CVE-2011-4567 | Cross-site scripting (XSS) vulnerability in includes/templates/template_default/templates/tpl_gv_sen... | E | |
| CVE-2011-4568 | Cross-site scripting (XSS) vulnerability in view/frontend-head.php in the Flowplayer plugin before 1... | | |
| CVE-2011-4569 | SQL injection vulnerability in userbarsettings.php in the Userbar plugin 2.2 for MyBB Forum allows r... | E | |
| CVE-2011-4570 | SQL injection vulnerability in the Time Returns (com_timereturns) component 2.0 and possibly earlier... | E | |
| CVE-2011-4571 | SQL injection vulnerability in the Estate Agent (com_estateagent) component for Joomla! allows remot... | E | |
| CVE-2011-4572 | Cross-site scripting (XSS) vulnerability in inc/tesmodrewite.php in CF Image Hosting Script 1.3.82, ... | E | |
| CVE-2011-4573 | Red Hat JBoss Operations Network (JON) before 2.4.2 does not properly enforce "modify resource" perm... | | |
| CVE-2011-4574 | PolarSSL versions prior to v1.1 use the HAVEGE random number generation algorithm. At its heart, thi... | | |
| CVE-2011-4575 | Cross-site scripting (XSS) vulnerability in the JMX console in JBoss Enterprise Application Platform... | | |
| CVE-2011-4576 | The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initiali... | | |
| CVE-2011-4577 | OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attacke... | | |
| CVE-2011-4578 | event.c in acpid (aka acpid2) before 2.0.11 does not have an appropriate umask setting during execut... | | |
| CVE-2011-4579 | The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in libavcodec in FFmpeg 0.5.x before ... | | |
| CVE-2011-4580 | Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss Enterprise Portal Platform befo... | | |
| CVE-2011-4581 | mod/wiki/pagelib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 allows remote authenticated... | S | |
| CVE-2011-4582 | Open redirect vulnerability in the Calendar set page in Moodle 2.1.x before 2.1.3 allows remote auth... | S | |
| CVE-2011-4583 | Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 displays web service tokens associated with (1) dis... | S | |
| CVE-2011-4584 | The MNET authentication functionality in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x b... | | |
| CVE-2011-4585 | login/change_password.php in Moodle 1.9.x before 1.9.15 does not use https for the change-password f... | | |
| CVE-2011-4586 | CRLF injection vulnerability in calendar/set.php in the Calendar subsystem in Moodle 1.9.x before 1.... | | |
| CVE-2011-4587 | lib/moodlelib.php in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not... | | |
| CVE-2011-4588 | The ip_in_range function in mnet/lib.php in MNET in Moodle 1.9.x before 1.9.15 uses an incorrect dat... | | |
| CVE-2011-4589 | backup/moodle2/restore_stepslib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not che... | S | |
| CVE-2011-4590 | The web services implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properl... | S | |
| CVE-2011-4591 | Cross-site scripting (XSS) vulnerability in the print_object function in lib/datalib.php in Moodle 2... | | |
| CVE-2011-4592 | The command-line cron implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not pr... | | |
| CVE-2011-4593 | Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not properly handle user... | S | |
| CVE-2011-4594 | The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to caus... | S | |
| CVE-2011-4595 | Pretty-Link WordPress plugin 1.5.2 has XSS... | E | |
| CVE-2011-4596 | Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and... | | |
| CVE-2011-4597 | The SIP over UDP implementation in Asterisk Open Source 1.4.x before 1.4.43, 1.6.x before 1.6.2.21, ... | | |
| CVE-2011-4598 | The handle_request_info function in channels/chan_sip.c in Asterisk Open Source 1.6.2.x before 1.6.2... | | |
| CVE-2011-4599 | Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Componen... | S | |
| CVE-2011-4600 | The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not ... | | |
| CVE-2011-4601 | family_feedbag.c in the oscar protocol plugin in libpurple in Pidgin before 2.10.1 does not perform ... | | |
| CVE-2011-4602 | The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not properly handle missing field... | | |
| CVE-2011-4603 | The silc_channel_message function in ops.c in the SILC protocol plugin in libpurple in Pidgin before... | S | |
| CVE-2011-4604 | The bat_socket_read function in net/batman-adv/icmp_socket.c in the Linux kernel before 3.3 allows r... | E S | |
| CVE-2011-4605 | The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise... | | |
| CVE-2011-4606 | Artsoft Entertainment Rocks'n'Diamonds (aka rocksndiamonds) 3.3.0.1 allows local users to overwrite ... | S | |
| CVE-2011-4607 | PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occu... | | |
| CVE-2011-4608 | mod_cluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to ... | | |
| CVE-2011-4609 | The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause... | | |
| CVE-2011-4610 | JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform be... | | |
| CVE-2011-4611 | Integer overflow in the perf_event_interrupt function in arch/powerpc/kernel/perf_event.c in the Lin... | S | |
| CVE-2011-4612 | icecast before 2.3.3 allows remote attackers to inject control characters such as newlines into the ... | S | |
| CVE-2011-4613 | The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verif... | | |
| CVE-2011-4614 | PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspac... | S | |
| CVE-2011-4615 | Multiple cross-site scripting (XSS) vulnerabilities in Zabbix before 1.8.10 allow remote attackers t... | | |
| CVE-2011-4616 | Cross-site scripting (XSS) vulnerability in the HTML-Template-Pro module before 0.9507 for Perl allo... | E | |
| CVE-2011-4617 | virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink... | | |
| CVE-2011-4618 | Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2... | E | |
| CVE-2011-4619 | The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f do... | | |
| CVE-2011-4620 | Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB 1.8.5, as used in TORCS 1.3.1... | E | |
| CVE-2011-4621 | The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, whic... | E S | |
| CVE-2011-4622 | The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does n... | S | |
| CVE-2011-4623 | Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsys... | S | |
| CVE-2011-4624 | Cross-site scripting (XSS) vulnerability in facebook.php in the GRAND FlAGallery plugin (flash-album... | E S | |
| CVE-2011-4625 | simplesamlphp before 1.6.3 (squeeze) and before 1.8.2 (sid) incorrectly handles XML encryption which... | | |
| CVE-2011-4626 | Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows... | | |
| CVE-2011-4627 | TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows Information Disclosure on the... | | |
| CVE-2011-4628 | TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to bypass au... | | |
| CVE-2011-4629 | Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows... | | |
| CVE-2011-4630 | Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows... | | |
| CVE-2011-4631 | Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows... | | |
| CVE-2011-4632 | Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows... | | |
| CVE-2011-4634 | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.8 allow remote at... | S | |
| CVE-2011-4638 | Multiple SQL injection vulnerabilities in SpamTitan WebTitan before 3.60 allow remote attackers to e... | E | |
| CVE-2011-4639 | The (1) Traceroute and (2) Ping implementations in tools.php in SpamTitan WebTitan before 3.60 allow... | E | |
| CVE-2011-4640 | Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan before 3.60 allows remote auth... | E | |
| CVE-2011-4642 | mappy.py in Splunk Web in Splunk 4.2.x before 4.2.5 does not properly restrict use of the mappy comm... | E | |
| CVE-2011-4643 | Multiple directory traversal vulnerabilities in Splunk 4.x before 4.2.5 allow remote authenticated u... | E | |
| CVE-2011-4644 | Splunk 4.2.5 and earlier, when a Free license is selected, enables potentially undesirable functiona... | E | |
| CVE-2011-4646 | SQL injection vulnerability in wp-postratings.php in the WP-PostRatings plugin 1.50, 1.61, and proba... | E S | |
| CVE-2011-4647 | Multiple cross-site scripting (XSS) vulnerabilities in the story creation feature in Geeklog 1.8.0 a... | E S | |
| CVE-2011-4650 | Cisco Data Center Network Manager is affected by Excessive Logging During a TCP Flood on Java Ports.... | | |
| CVE-2011-4659 | Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video Phone E20 has a default password f... | | |
| CVE-2011-4661 | A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PRO... | | |
| CVE-2011-4667 | The encryption library in Cisco IOS Software 15.2(1)T, 15.2(1)T1, and 15.2(2)T, Cisco NX-OS in Cisco... | | |
| CVE-2011-4668 | IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers to execute arbitrary code via... | | |
| CVE-2011-4669 | SQL injection vulnerability in wp-users.php in WordPress Users plugin 1.3 and possibly earlier for W... | E S | |
| CVE-2011-4670 | Multiple cross-site scripting (XSS) vulnerabilities in vTiger CRM 5.2.1 and earlier allow remote att... | E | |
| CVE-2011-4671 | SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other ver... | E S | |
| CVE-2011-4672 | Multiple SQL injection vulnerabilities in Valid tiny-erp 1.6 and earlier allow remote attackers to e... | E | |
| CVE-2011-4673 | SQL injection vulnerability in modules/sharedaddy.php in the Jetpack plugin for WordPress allows rem... | E | |
| CVE-2011-4674 | SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions befo... | E | |
| CVE-2011-4675 | The pathname canonicalization functionality in io/filesystem/filesystem.cc in Widelands before 15.1 ... | S | |
| CVE-2011-4677 | One Click Orgs before 1.2.3 does not have an off autocomplete attribute for authentication fields, w... | | |
| CVE-2011-4678 | The password reset feature in One Click Orgs before 1.2.3 generates different error messages for fai... | | |
| CVE-2011-4679 | vtiger CRM before 5.3.0 does not properly recognize the disabled status of a field in the Leads modu... | E | |
| CVE-2011-4680 | Multiple cross-site scripting (XSS) vulnerabilities in the customer portal in vtiger CRM before 5.2.... | | |
| CVE-2011-4681 | Opera before 11.60 does not properly consider the number of . (dot) characters that conventionally e... | | |
| CVE-2011-4682 | The JavaScript engine in Opera before 11.60 does not properly implement the in operator, which allow... | | |
| CVE-2011-4683 | Unspecified vulnerability in Opera before 11.60 has unknown impact and attack vectors, related to a ... | | |
| CVE-2011-4684 | Opera before 11.60 does not properly handle certificate revocation, which has unspecified impact and... | | |
| CVE-2011-4685 | Dragonfly in Opera before 11.60 allows remote attackers to cause a denial of service (application cr... | | |
| CVE-2011-4686 | Unspecified vulnerability in the Web Workers implementation in Opera before 11.60 allows remote atta... | | |
| CVE-2011-4687 | Opera before 11.60 allows remote attackers to cause a denial of service (CPU and memory consumption)... | | |
| CVE-2011-4688 | Mozilla Firefox 8.0.1 and earlier does not prevent capture of data about the times of Same Origin Po... | E | |
| CVE-2011-4689 | Microsoft Internet Explorer 6 through 9 does not prevent capture of data about the times of Same Ori... | E | |
| CVE-2011-4690 | Opera 11.60 and earlier does not prevent capture of data about the times of Same Origin Policy viola... | E | |
| CVE-2011-4691 | Google Chrome 15.0.874.121 and earlier does not prevent capture of data about the times of Same Orig... | E | |
| CVE-2011-4692 | WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 and earlier, does not prevent... | E | |
| CVE-2011-4693 | Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote at... | E | |
| CVE-2011-4694 | Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote at... | E | |
| CVE-2011-4695 | Unspecified vulnerability in Microsoft Windows 7 SP1, when Java is installed, allows local users to ... | E | |
| CVE-2011-4696 | Directory traversal vulnerability in Eye-Fi Helper before 3.4.23 allows man-in-the-middle attackers ... | E | |
| CVE-2011-4697 | The Xiaomi MiTalk Messenger (com.xiaomi.channel) application before 2.1.320 for Android does not pro... | | |
| CVE-2011-4698 | The AndroidAppTools Easy Filter (com.phoneblocker.android) application 1.1 and 1.2 for Android does ... | | |
| CVE-2011-4699 | The Ubermedia Twidroyd Legacy (com.twidroydlegacy) application 4.3.11 for Android does not properly ... | | |
| CVE-2011-4700 | The UberMedia UberSocial (com.twidroid) application 7.x before 7.2.4 for Android does not properly p... | | |
| CVE-2011-4701 | The CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application 2.0.0 for Android does not properly... | | |
| CVE-2011-4702 | The Nimbuzz (com.nimbuzz) application 2.0.8 and 2.0.10 for Android does not properly protect data, w... | | |
| CVE-2011-4703 | The Limit My Call (com.limited.call.view) application 2.11 for Android does not properly protect dat... | | |
| CVE-2011-4704 | The Voxofon (com.voxofon) application before 2.5.2 for Android does not properly protect data, which... | | |
| CVE-2011-4705 | The Ming Blacklist Free (vc.software.blacklist) application 1.8.1 and 1.9.2.1 for Android does not p... | | |
| CVE-2011-4707 | Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Netweaver all... | | |
| CVE-2011-4708 | Cross-site scripting (XSS) vulnerability in IBM Rational Asset Manager before 7.5.1 allows remote at... | | |
| CVE-2011-4709 | Multiple cross-site scripting (XSS) vulnerabilities in Hotaru.php in the Search plugin 1.3 for Hotar... | E | |
| CVE-2011-4710 | Multiple SQL injection vulnerabilities in Pixie CMS 1.01 through 1.04 allow remote attackers to exec... | E | |
| CVE-2011-4711 | Multiple directory traversal vulnerabilities in namazu.cgi in Namazu before 2.0.16 allow remote atta... | | |
| CVE-2011-4712 | Directory traversal vulnerability in Oxide WebServer allows remote attackers to read arbitrary files... | E | |
| CVE-2011-4713 | Directory traversal vulnerability in catalog/content.php in osCSS2 2.1.0 and earlier allows remote a... | E | |
| CVE-2011-4714 | Directory traversal vulnerability in Virtual Vertex Muster before 6.20 allows remote attackers to re... | E | |
| CVE-2011-4715 | Directory traversal vulnerability in cgi-bin/koha/mainpage.pl in Koha 3.4 before 3.4.7 and 3.6 befor... | E | |
| CVE-2011-4716 | Directory traversal vulnerability in file in DreamBox DM800 1.6rc3, 1.5rc1, and earlier allows remot... | E | |
| CVE-2011-4717 | Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows remote authenticated users to ... | | |
| CVE-2011-4718 | Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers... | | |
| CVE-2011-4719 | Multiple unspecified vulnerabilities in Google Chrome before 16.0.912.63 on the Acer AC700, Samsung ... | | |
| CVE-2011-4720 | Hillstone HS TFTP Server 1.3.2 allows remote attackers to cause a denial of service (daemon crash) v... | E | |
| CVE-2011-4722 | Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote... | E | |
| CVE-2011-4723 | The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to ob... | KEV | |
| CVE-2011-4725 | Multiple SQL injection vulnerabilities in the Server Administration Panel in Parallels Plesk Panel 1... | | |
| CVE-2011-4726 | Multiple cross-site scripting (XSS) vulnerabilities in the Server Administration Panel in Parallels ... | | |
| CVE-2011-4727 | The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not properly... | | |
| CVE-2011-4728 | The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not set the ... | | |
| CVE-2011-4729 | The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not include ... | | |
| CVE-2011-4730 | The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 generates a passw... | | |
| CVE-2011-4731 | The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 includes an RFC 1... | | |
| CVE-2011-4732 | The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 omits the Content... | | |
| CVE-2011-4733 | The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 sends incorrect C... | | |
| CVE-2011-4734 | Multiple SQL injection vulnerabilities in the Control Panel in Parallels Plesk Panel 10.2.0 build 20... | | |
| CVE-2011-4735 | Multiple cross-site scripting (XSS) vulnerabilities in the Control Panel in Parallels Plesk Panel 10... | | |
| CVE-2011-4736 | The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 receives cleartext password inpu... | | |
| CVE-2011-4737 | The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 includes a submitted password wi... | | |
| CVE-2011-4738 | The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 does not include the HTTPOnly fl... | | |
| CVE-2011-4739 | The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 generates a password form field ... | | |
| CVE-2011-4740 | The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 generates web pages containing e... | | |
| CVE-2011-4741 | The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 includes a database connection s... | | |
| CVE-2011-4742 | The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 has web pages containing e-mail ... | | |
| CVE-2011-4743 | The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 omits the Content-Type header's ... | | |
| CVE-2011-4744 | The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 sends incorrect Content-Type hea... | | |
| CVE-2011-4745 | Multiple cross-site scripting (XSS) vulnerabilities in the billing system for Parallels Plesk Panel ... | | |
| CVE-2011-4746 | The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 does not disable the SSL 2.0 ... | | |
| CVE-2011-4747 | The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 does not prevent the use of w... | | |
| CVE-2011-4748 | The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 has web pages containing e-ma... | | |
| CVE-2011-4749 | The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 generates a password form fie... | | |
| CVE-2011-4750 | Multiple cross-site scripting (XSS) vulnerabilities in SmarterTools SmarterStats 6.2.4100 allow remo... | | |
| CVE-2011-4751 | SmarterTools SmarterStats 6.2.4100 generates web pages containing external links in response to GET ... | | |
| CVE-2011-4752 | SmarterTools SmarterStats 6.2.4100 sends incorrect Content-Type headers for certain resources, which... | | |
| CVE-2011-4753 | Multiple SQL injection vulnerabilities in Parallels Plesk Small Business Panel 10.2.0 allow remote a... | | |
| CVE-2011-4754 | Multiple cross-site scripting (XSS) vulnerabilities in Parallels Plesk Small Business Panel 10.2.0 a... | | |
| CVE-2011-4755 | Parallels Plesk Small Business Panel 10.2.0 does not properly validate string data that is intended ... | | |
| CVE-2011-4756 | Parallels Plesk Small Business Panel 10.2.0 does not include the HTTPOnly flag in a Set-Cookie heade... | | |
| CVE-2011-4757 | Parallels Plesk Small Business Panel 10.2.0 generates a password form field without disabling the au... | | |
| CVE-2011-4758 | Parallels Plesk Small Business Panel 10.2.0 receives cleartext password input over HTTP, which allow... | | |
| CVE-2011-4759 | Parallels Plesk Small Business Panel 10.2.0 generates web pages containing external links in respons... | | |
| CVE-2011-4760 | Parallels Plesk Small Business Panel 10.2.0 has web pages containing e-mail addresses that are not i... | | |
| CVE-2011-4761 | Parallels Plesk Small Business Panel 10.2.0 omits the Content-Type header's charset parameter for ce... | | |
| CVE-2011-4762 | Parallels Plesk Small Business Panel 10.2.0 sends incorrect Content-Type headers for certain resourc... | | |
| CVE-2011-4763 | Multiple SQL injection vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Ple... | | |
| CVE-2011-4764 | Multiple cross-site scripting (XSS) vulnerabilities in the Site Editor (aka SiteBuilder) feature in ... | | |
| CVE-2011-4765 | The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 does not in... | | |
| CVE-2011-4766 | The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allows remo... | | |
| CVE-2011-4767 | The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 has web pag... | | |
| CVE-2011-4768 | The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 omits the C... | | |
| CVE-2011-4769 | The 360 MobileSafe (com.qihoo360.mobilesafe) application 2.x before 2.3.0 for Android does not prope... | | |
| CVE-2011-4770 | The QIWI Wallet (ru.mw) application before 1.14.2 for Android does not properly protect data, which ... | | |
| CVE-2011-4771 | The Scan to PDF Free (com.scan.to.pdf.trial) application 2.0.4 for Android does not properly protect... | | |
| CVE-2011-4772 | The 360 KouXin (com.qihoo360.kouxin) application 1.5.3 for Android does not properly protect data, w... | | |
| CVE-2011-4773 | The AnGuanJia (com.anguanjia.safe) application 2.10.343 for Android does not properly protect data, ... | | |
| CVE-2011-4776 | Multiple cross-site scripting (XSS) vulnerabilities in the Control Panel in Parallels Plesk Panel 10... | | |
| CVE-2011-4777 | Cross-site scripting (XSS) vulnerability in the Site Editor (aka SiteBuilder) feature in Parallels P... | | |
| CVE-2011-4778 | Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.2.x before 4.2.5 allows remote at... | | |
| CVE-2011-4779 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4642. Reason: This candida... | R | |
| CVE-2011-4780 | Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmi... | S | |
| CVE-2011-4782 | Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup inter... | S | |
| CVE-2011-4783 | The IDAPython plugin before 1.5.2.3 in IDA Pro allows user-assisted remote attackers to execute arbi... | S | |
| CVE-2011-4784 | The NVIDIA Stereoscopic 3D driver before 7.17.12.7565 does not properly handle commands sent to a na... | | |
| CVE-2011-4785 | Directory traversal vulnerability in the HP-ChaiSOE/1.0 web server on the HP LaserJet P3015 printer ... | | |
| CVE-2011-4786 | A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows... | | |
| CVE-2011-4787 | A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows... | | |
| CVE-2011-4788 | Absolute path traversal vulnerability in the web interface on HP StorageWorks P2000 G3 MSA array sys... | | |
| CVE-2011-4789 | Stack-based buffer overflow in magentservice.exe in the server in HP LoadRunner 11.00 before patch 4... | | |
| CVE-2011-4790 | Unspecified vulnerability in HP Network Automation 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers... | | |
| CVE-2011-4791 | DBServer.exe in HP Data Protector Media Operations 6.11 and earlier allows remote attackers to execu... | | |
| CVE-2011-4792 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4793 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4794 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4795 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4796 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4797 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4798 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4799 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4800 | Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 allows remote authenticated u... | E | |
| CVE-2011-4801 | SQL injection vulnerability in akeyActivationLogin.do in Authenex Web Management Control in Authenex... | E S | |
| CVE-2011-4802 | Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authen... | E S | |
| CVE-2011-4803 | SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote at... | E | |
| CVE-2011-4804 | Directory traversal vulnerability in the obSuggest (com_obsuggest) component before 1.8 for Joomla! ... | E | |
| CVE-2011-4805 | Cross-site scripting (XSS) vulnerability in pubDBLogon.jsp in SAP Crystal Report Server 2008 allows ... | E | |
| CVE-2011-4806 | Multiple cross-site scripting (XSS) vulnerabilities in main.php in phpAlbum 0.4.1.16 and earlier all... | E | |
| CVE-2011-4807 | Directory traversal vulnerability in main.php in phpAlbum 0.4.1.16 and earlier allows remote attacke... | E | |
| CVE-2011-4808 | SQL injection vulnerability in the HM Community (com_hmcommunity) component before 1.01 for Joomla! ... | E | |
| CVE-2011-4809 | Multiple cross-site scripting (XSS) vulnerabilities in the HM Community (com_hmcommunity) component ... | E | |
| CVE-2011-4810 | Multiple directory traversal vulnerabilities in WHMCompleteSolution (WHMCS) 3.x and 4.x allow remote... | E | |
| CVE-2011-4811 | SQL injection vulnerability in pokaz_podkat.php in BestShopPro allows remote attackers to execute ar... | E | |
| CVE-2011-4812 | Cross-site scripting (XSS) vulnerability in nowosci.php in BestShopPro allows remote attackers to in... | E | |
| CVE-2011-4813 | Directory traversal vulnerability in clientarea.php in WHMCompleteSolution (WHMCS) 3.x.x allows remo... | E | |
| CVE-2011-4814 | Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow ... | E S | |
| CVE-2011-4815 | Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger h... | | |
| CVE-2011-4816 | SQL injection vulnerability in the KPI component in IBM Maximo Asset Management and Asset Management... | | |
| CVE-2011-4817 | The About option on the Help menu in IBM Maximo Asset Management and Asset Management Essentials 6.2... | | |
| CVE-2011-4818 | Open redirect vulnerability in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1,... | | |
| CVE-2011-4819 | Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management and Asset Managem... | | |
| CVE-2011-4820 | IBM Rational Asset Manager 7.5 could allow a remote attacker to bypass security restrictions. An att... | | |
| CVE-2011-4821 | Directory traversal vulnerability in the TFTP server in D-Link DIR-601 Wireless N150 Home Router wit... | | |
| CVE-2011-4822 | Multiple cross-site scripting (XSS) vulnerabilities in the user profile feature in Atlassian FishEye... | | |
| CVE-2011-4823 | Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joom... | E | |
| CVE-2011-4824 | SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to exec... | | |
| CVE-2011-4825 | Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1... | E | |
| CVE-2011-4826 | SQL injection vulnerability in session.php in AutoSec Tools V-CMS 1.0 allows remote attackers to exe... | E | |
| CVE-2011-4827 | Multiple cross-site scripting (XSS) vulnerabilities in AutoSec Tools V-CMS 1.0 allow remote attacker... | E | |
| CVE-2011-4828 | Unrestricted file upload vulnerability in includes/inline_image_upload.php in AutoSec Tools V-CMS 1.... | E | |
| CVE-2011-4829 | SQL injection vulnerability in the com_listing component in Barter Sites component 1.3 for Joomla! a... | E | |
| CVE-2011-4830 | Multiple cross-site scripting (XSS) vulnerabilities in the com_listing component in Barter Sites com... | E | |
| CVE-2011-4831 | Directory traversal vulnerability in webFileBrowser.php in Web File Browser 0.4b14 allows remote aut... | E | |
| CVE-2011-4832 | Directory traversal vulnerability in CaupoShop Pro 2.x, CaupoShop Classic 3.01, and CaupoShop Pro 3.... | E | |
| CVE-2011-4833 | Multiple SQL injection vulnerabilities in the Leads module in SugarCRM 6.1 before 6.1.7, 6.2 before ... | E | |
| CVE-2011-4834 | The GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (... | E | |
| CVE-2011-4835 | Directory traversal vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attack... | | |
| CVE-2011-4836 | Cross-site scripting (XSS) vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote... | | |
| CVE-2011-4837 | Cross-site request forgery (CSRF) vulnerability in /ctrl in the web interface in HomeSeer HS2 2.5.0.... | | |
| CVE-2011-4838 | JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions... | | |
| CVE-2011-4847 | SQL injection vulnerability in the Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 al... | | |
| CVE-2011-4848 | The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 includes a submitted password wit... | | |
| CVE-2011-4849 | The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not set the secure flag for ... | | |
| CVE-2011-4850 | The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not include the HTTPOnly fla... | | |
| CVE-2011-4851 | The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 generates a password form field w... | | |
| CVE-2011-4852 | The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 generates web pages containing ex... | E | |
| CVE-2011-4853 | The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 includes an RFC 1918 IP address w... | E | |
| CVE-2011-4854 | The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not ensure that Content-Type... | | |
| CVE-2011-4855 | The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 omits the Content-Type header's c... | | |
| CVE-2011-4856 | The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 sends incorrect Content-Type head... | | |
| CVE-2011-4857 | Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers t... | | |
| CVE-2011-4858 | Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form ... | | |
| CVE-2011-4859 | The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771* and 140CPU65* modu... | | |
| CVE-2011-4860 | The ComputePassword function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device... | | |
| CVE-2011-4861 | The modbus_125_handler function in the Schneider Electric Quantum Ethernet Module on the NOE 771 dev... | E | |
| CVE-2011-4862 | Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5... | E S | |
| CVE-2011-4863 | The Tencent QQPimSecure (com.tencent.qqpimsecure) application 3.0.2 for Android does not properly pr... | | |
| CVE-2011-4864 | The Tencent MobileQQ (com.tencent.mobileqq) application 2.2 for Android does not properly protect da... | | |
| CVE-2011-4865 | The Tencent WBlog (com.tencent.WBlog) 3.3.1 and MicroBlogPad 1.4.0 applications for Android do not p... | | |
| CVE-2011-4866 | The Kaixin001 (com.kaixin001.activity) application 1.3.1 and 1.3.3 for Android does not properly pro... | | |
| CVE-2011-4867 | The Tencent QQPhoto (com.tencent.qqphoto) application 0.97 for Android does not properly protect dat... | | |
| CVE-2011-4868 | The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and is... | | |
| CVE-2011-4869 | validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform proof processing for NSEC... | S | |
| CVE-2011-4870 | Multiple buffer overflows in the (1) GUIControls, (2) BatchObjSrv, and (3) BatchSecCtrl ActiveX cont... | | |
| CVE-2011-4871 | Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of ser... | | |
| CVE-2011-4872 | Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible F... | | |
| CVE-2011-4873 | Unspecified vulnerability in the server in Certec EDV atvise before 2.1 allows remote attackers to c... | | |
| CVE-2011-4874 | Use-after-free vulnerability in MICROSYS PROMOTIC before 8.1.7 allows user-assisted remote attackers... | | |
| CVE-2011-4875 | Stack-based buffer overflow in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2... | E | |
| CVE-2011-4876 | Directory traversal vulnerability in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2... | E | |
| CVE-2011-4877 | HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka T... | E | |
| CVE-2011-4878 | Directory traversal vulnerability in miniweb.exe in the HMI web server in Siemens WinCC flexible 200... | E | |
| CVE-2011-4879 | miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; W... | E | |
| CVE-2011-4880 | Directory traversal vulnerability in the web server in Certec atvise webMI2ADS (aka webMI) before 2.... | | |
| CVE-2011-4881 | The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly check return va... | | |
| CVE-2011-4882 | The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to cause ... | | |
| CVE-2011-4883 | The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly validate values... | | |
| CVE-2011-4885 | PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger... | E | |
| CVE-2011-4887 | Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Man... | S | |
| CVE-2011-4889 | The javax.naming.directory.AttributeInUseException class in the Virtual Member Manager in IBM WebSph... | | |
| CVE-2011-4890 | The server in IBM solidDB 6.5 before FP9 and 7.0 before FP1 allows remote authenticated users to cau... | | |
| CVE-2011-4891 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2011-4892 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2011-4893 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2011-4894 | Tor before 0.2.2.34, when configured as a bridge, uses direct DirPort access instead of a Tor TLS co... | S | |
| CVE-2011-4895 | Tor before 0.2.2.34, when configured as a bridge, sets up circuits through a process different from ... | S | |
| CVE-2011-4896 | Tor before 0.2.2.24-alpha continues to use a reachable bridge that was previously configured but is ... | | |
| CVE-2011-4897 | Tor before 0.2.2.25-alpha, when configured as a relay without the Nickname configuration option, use... | S | |
| CVE-2011-4898 | wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier generates dif... | E | |
| CVE-2011-4899 | wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensu... | E | |
| CVE-2011-4900 | TYPO3 before 4.5.4 allows Information Disclosure in the backend.... | | |
| CVE-2011-4901 | TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to extract a... | | |
| CVE-2011-4902 | TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to delete ar... | | |
| CVE-2011-4903 | Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows... | | |
| CVE-2011-4904 | TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls wh... | | |
| CVE-2011-4905 | Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service (file-descriptor e... | E | |
| CVE-2011-4906 | Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP cod... | E | |
| CVE-2011-4907 | Joomla! 1.5x through 1.5.12: Missing JEXEC Check... | | |
| CVE-2011-4908 | TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php.... | E | |
| CVE-2011-4909 | Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.5.12 allow remote attackers ... | E | |
| CVE-2011-4910 | Cross-site scripting (XSS) vulnerability in Joomla! before 1.5.12 allows remote attackers to inject ... | | |
| CVE-2011-4911 | Joomla! before 1.5.12 does not perform a JEXEC check in unspecified files, which allows remote attac... | | |
| CVE-2011-4912 | Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass.... | | |
| CVE-2011-4913 | The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not val... | E S | |
| CVE-2011-4914 | The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data... | E S | |
| CVE-2011-4915 | fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke info... | E S | |
| CVE-2011-4916 | Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to ... | E | |
| CVE-2011-4917 | In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat.... | E S | |
| CVE-2011-4918 | Multiple cross-site scripting (XSS) vulnerabilities in Elxis CMS 2009.2, 2009.3 and 2009.3 Aphrodite... | E S | |
| CVE-2011-4919 | mpack 1.6 has information disclosure via eavesdropping on mails sent by other users... | E | |
| CVE-2011-4920 | Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.26, and other versions before 1.0.0,... | | |
| CVE-2011-4921 | SQL injection vulnerability in usersettings.php in e107 0.7.26, and possibly other versions before 1... | | |
| CVE-2011-4922 | cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains encryption-key data in proce... | E S | |
| CVE-2011-4923 | Cross-site scripting (XSS) vulnerability in View.pm in BackupPC 3.0.0, 3.1.0, 3.2.0, 3.2.1, and poss... | | |
| CVE-2011-4924 | Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x be... | | |
| CVE-2011-4925 | Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) before 2.5.9, when mu... | S | |
| CVE-2011-4926 | Cross-site scripting (XSS) vulnerability in adminimize/adminimize_page.php in the Adminimize plugin ... | E | |
| CVE-2011-4927 | Unspecified vulnerability in the bazaar repository adapter in Redmine 1.0.x before 1.0.5 allows remo... | | |
| CVE-2011-4928 | Cross-site scripting (XSS) vulnerability in the textile formatter in Redmine before 1.0.5 allows rem... | | |
| CVE-2011-4929 | Unspecified vulnerability in the bazaar repository adapter in Redmine 0.9.x and 1.0.x before 1.0.5 a... | | |
| CVE-2011-4930 | Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x ver... | | |
| CVE-2011-4931 | gpw generates shorter passwords than required... | | |
| CVE-2011-4932 | Eval injection vulnerability in ip_cms/modules/standard/content_management/actions.php in ImpressPag... | E | |
| CVE-2011-4933 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0819. Reason: This candida... | R | |
| CVE-2011-4934 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0820. Reason: This candida... | R | |
| CVE-2011-4935 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0821. Reason: This candida... | R | |
| CVE-2011-4936 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0822. Reason: This candida... | R | |
| CVE-2011-4937 | Joomla! 1.7.1 has core information disclosure due to inadequate error checking.... | | |
| CVE-2011-4938 | Multiple cross-site scripting (XSS) vulnerabilities in Ariadne 2.7.6 allow remote attackers to injec... | E | |
| CVE-2011-4939 | The pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin before 2.10.2 allows remote attacke... | | |
| CVE-2011-4940 | The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1,... | | |
| CVE-2011-4941 | Unspecified vulnerability in Piwik 1.2 through 1.4 allows remote attackers with the view permission ... | | |
| CVE-2011-4942 | Multiple cross-site scripting (XSS) vulnerabilities in admin/configuration.php in Geeklog before 1.7... | | |
| CVE-2011-4943 | ImpressPages CMS v1.0.12 has Unspecified Remote Code Execution (fixed in v1.0.13)... | | |
| CVE-2011-4944 | Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after ... | | |
| CVE-2011-4945 | PolicyKit 0.103 sets the AdminIdentities to "wheel" by default, which allows local users in the whee... | | |
| CVE-2011-4946 | SQL injection vulnerability in e107_admin/users_extended.php in e107 before 0.7.26 allows remote att... | E S | |
| CVE-2011-4947 | Cross-site request forgery (CSRF) vulnerability in e107_admin/users_extended.php in e107 before 0.7.... | | |
| CVE-2011-4948 | Directory traversal vulnerability in admin/remote.php in EGroupware Enterprise Line (EPL) before 11.... | E | |
| CVE-2011-4949 | SQL injection vulnerability in phpgwapi/js/dhtmlxtree/samples/with_db/loaddetails.php in EGroupware ... | E | |
| CVE-2011-4950 | Cross-site scripting (XSS) vulnerability in phpgwapi/js/jscalendar/test.php in EGroupware Enterprise... | E | |
| CVE-2011-4951 | Open redirect vulnerability in phpgwapi/ntlm/index.php in EGroupware Enterprise Line (EPL) before 11... | E | |
| CVE-2011-4952 | cobbler: Web interface lacks CSRF protection when using Django framework... | | |
| CVE-2011-4953 | The set_mgmt_parameters function in item.py in cobbler before 2.2.2 allows context-dependent attacke... | | |
| CVE-2011-4954 | cobbler has local privilege escalation via the use of insecure location for PYTHON_EGG_CACHE... | | |
| CVE-2011-4955 | Multiple cross-site scripting (XSS) vulnerabilities in ui_stats.php in the bSuite plugin before 5 al... | | |
| CVE-2011-4956 | Cross-site scripting (XSS) vulnerability in WordPress before 3.1.1 allows remote attackers to inject... | | |
| CVE-2011-4957 | The make_clickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properl... | | |
| CVE-2011-4958 | Cross-site scripting (XSS) vulnerability in the process function in SSViewer.php in SilverStripe bef... | E S | |
| CVE-2011-4959 | SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x b... | E S | |
| CVE-2011-4960 | SQL injection vulnerability in the Folder::findOrMake method in SilverStripe 2.3.x before 2.3.12 and... | E S | |
| CVE-2011-4961 | SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6 allows remote authenticated users with the E... | S | |
| CVE-2011-4962 | code/sitefeatures/PageCommentInterface.php in SilverStripe 2.4.x before 2.4.6 might allow remote att... | E S | |
| CVE-2011-4963 | nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended a... | M | |
| CVE-2011-4964 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-2667. Reason: This candida... | R | |
| CVE-2011-4965 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2011-4966 | modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentic... | S | |
| CVE-2011-4967 | tog-Pegasus has a package hash collision DoS vulnerability... | S | |
| CVE-2011-4968 | nginx http proxy module does not verify peer identity of https origin server which could facilitate ... | S | |
| CVE-2011-4969 | Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select ... | E S | |
| CVE-2011-4970 | Multiple SQL injection vulnerabilities in LCG Disk Pool Manager (DPM) before 1.8.6, as used in EGI U... | E S | |
| CVE-2011-4971 | Multiple integer signedness errors in the (1) process_bin_sasl_auth, (2) process_bin_complete_sasl_a... | E S | |
| CVE-2011-4972 | hook_file_download in the CKEditor module 7.x-1.4 for Drupal does not properly restrict access to pr... | S | |
| CVE-2011-4973 | Authentication bypass vulnerability in mod_nss 1.0.8 allows remote attackers to assume the identity ... | | |
| CVE-2011-4974 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2011-4975 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2011-4976 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2011-4977 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2011-4978 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2011-4979 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4980 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4981 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4982 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4983 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4984 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4985 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4986 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4987 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4988 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4989 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4990 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4991 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4992 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4993 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4994 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4995 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4996 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4997 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4998 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2011-4999 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R |