2011 CVE Vulnerabilities
4,898 CVEs published in 2011.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2011-10041 | CRITICAL | 9.3 | 0.8% | Jan 15, 2026 | Uploadify WordPress plugin versions up to and including 1.0 contain an arbitrary file upload vulnerability in process_up... |
| CVE-2011-10033 | CRITICAL | 9.3 | 0.4% | Oct 15, 2025 | The WordPress plugin is-human <= v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be tri... |
| CVE-2011-10032 | CRITICAL | 9.3 | 1.3% | Aug 30, 2025 | Sunway ForceControl version 6.1 SP3 and earlier contains a stack-based buffer overflow vulnerability in the SNMP NetDBSe... |
| CVE-2011-10026 | CRITICAL | 9.3 | 2.5% | Aug 20, 2025 | Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionalit... |
| CVE-2011-10019 | CRITICAL | 10 | 3.8% | Aug 13, 2025 | Spreecommerce versions prior to 0.60.2 contains a remote command execution vulnerability in its search functionality. Th... |
| CVE-2011-10018 | CRITICAL | 10 | 1.9% | Aug 13, 2025 | myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remot... |
| CVE-2011-10017 | CRITICAL | 10 | 2.3% | Aug 13, 2025 | Snort Report versions < 1.3.2 contains a remote command execution vulnerability in the nmap.php and nbtscan.php scripts.... |
| CVE-2011-10016 | CRITICAL | 9.3 | 0.4% | Aug 13, 2025 | Real Networks Netzip Classic version 7.5.1.86 is vulnerable to a stack-based buffer overflow when parsing a specially cr... |
| CVE-2011-10015 | CRITICAL | 9.3 | 0.4% | Aug 13, 2025 | Cytel Studio version 9.0 and earlier is vulnerable to a stack-based buffer overflow triggered by parsing a malformed .CY... |
| CVE-2011-10013 | CRITICAL | 10 | 1.5% | Aug 13, 2025 | Traq versions 2.0 through 2.3 contain a remote code execution vulnerability in the admincp/common.php script. The flawed... |
| CVE-2011-10011 | CRITICAL | 10 | 1.6% | Aug 13, 2025 | WeBid 1.0.2 contains a remote code injection vulnerability in the converter.php script, where unsanitized input in the t... |
| CVE-2011-10010 | CRITICAL | 9.4 | 1.5% | Aug 13, 2025 | QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitation of us... |
| CVE-2011-10004 | CRITICAL | 9.8 | 0.6% | Oct 17, 2023 | A vulnerability was found in reciply Plugin up to 1.1.7 on WordPress. It has been rated as critical. This issue affects ... |
| CVE-2011-10003 | CRITICAL | 9.8 | 0.6% | Feb 7, 2023 | A vulnerability was found in XpressEngine up to 1.4.4. It has been rated as critical. This issue affects some unknown pr... |
| CVE-2011-10002 | CRITICAL | 9.8 | 0.7% | Feb 7, 2023 | A vulnerability classified as critical has been found in weblabyrinth 0.3.1. This affects the function Labyrinth of the ... |
| CVE-2011-10001 | CRITICAL | 9.8 | 0.7% | Jan 18, 2023 | A vulnerability was found in iamdroppy phoenixcf. It has been declared as critical. Affected by this vulnerability is an... |
| CVE-2011-4574 | CRITICAL | 9.8 | 1.1% | Oct 27, 2021 | PolarSSL versions prior to v1.1 use the HAVEGE random number generation algorithm. At its heart, this uses timing inform... |
| CVE-2011-4125 | CRITICAL | 9.8 | 2.2% | Oct 27, 2021 | A untrusted search path issue was found in Calibre at devices/linux_mount_helper.c leading to the ability of unprivilege... |
| CVE-2011-4124 | CRITICAL | 9.8 | 2.2% | Oct 27, 2021 | Input validation issues were found in Calibre at devices/linux_mount_helper.c which can lead to argument injection and e... |
| CVE-2011-4119 | CRITICAL | 9.8 | 1.8% | Oct 26, 2021 | caml-light <= 0.75 uses mktemp() insecurely, and also does unsafe things in /tmp during make install. |
| CVE-2011-2195 | CRITICAL | 9.8 | 2.6% | Oct 26, 2021 | A flaw was found in WebSVN 2.3.2. Without prior authentication, if the 'allowDownload' option is enabled in config.php, ... |
| CVE-2011-4908 | CRITICAL | 9.8 | 55.8% | Feb 12, 2020 | TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php. |
| CVE-2011-4906 | CRITICAL | 9.8 | 9.6% | Feb 12, 2020 | Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP code execution. |
| CVE-2011-3642 | CRITICAL | 9.6 | 7.3% | Feb 8, 2020 | Cross-site scripting (XSS) vulnerability in Flowplayer Flash 3.2.7 through 3.2.16, as used in the News system (news) ext... |
| CVE-2011-1517 | CRITICAL | 9.8 | 4.2% | Feb 5, 2020 | SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. ... |
Check if your code is affected by 2011 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now