2011 CVE Vulnerabilities

4,898 CVEs published in 2011.

| CVE ID | Severity | CVSS | Description |
| --- | --- | --- | --- |
| CVE-2011-0228 | | | The Data Security component in Apple iOS before 4.2.10 and 4.3.x before 4.3.5 does not check the basicConstraints parame... |
| CVE-2011-3187 | | | The to_s method in actionpack/lib/action_dispatch/middleware/remote_ip.rb in Ruby on Rails 3.0.5 does not validate the X... |
| CVE-2011-3186 | | | CRLF injection vulnerability in actionpack/lib/action_controller/response.rb in Ruby on Rails 2.3.x before 2.3.13 allows... |
| CVE-2011-2932 | | | Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on... |
| CVE-2011-2931 | | | Cross-site scripting (XSS) vulnerability in the strip_tags helper in actionpack/lib/action_controller/vendor/html-scanne... |
| CVE-2011-2930 | | | Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/a... |
| CVE-2011-2929 | | | The template selection functionality in actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.... |
| CVE-2011-2497 | | | Integer underflow in the l2cap_config_req function in net/bluetooth/l2cap_core.c in the Linux kernel before 3.0 allows r... |
| CVE-2011-2213 | | | The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET... |
| CVE-2011-3185 | | | gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted remote attackers to execute arbitrary programs via a ... |
| CVE-2011-3184 | | | The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.0 does ... |
| CVE-2011-3181 | | | Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.... |
| CVE-2011-2943 | | | The irc_msg_who function in msgs.c in the IRC protocol plugin in libpurple 2.8.0 through 2.9.0 in Pidgin before 2.10.0 d... |
| CVE-2011-2928 | | | The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel before 3.1-rc3 does not validate the length attr... |
| CVE-2011-3192 | | | The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attac... |
| CVE-2011-2839 | | | The PDF implementation in Google Chrome before 13.0.782.215 on Linux does not properly use the memset library function, ... |
| CVE-2011-2829 | | | Integer overflow in Google Chrome before 13.0.782.215 on 32-bit platforms allows remote attackers to cause a denial of s... |
| CVE-2011-2828 | | | Google V8, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibl... |
| CVE-2011-2827 | | | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service o... |
| CVE-2011-2826 | | | Google Chrome before 13.0.782.215 allows remote attackers to bypass the Same Origin Policy via vectors related to empty ... |
| CVE-2011-2825 | | | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service o... |
| CVE-2011-2824 | | | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service o... |
| CVE-2011-2823 | | | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service o... |
| CVE-2011-2822 | | | Google Chrome before 13.0.782.215 on Windows does not properly parse URLs located on the command line, which has unspeci... |
| CVE-2011-2821 | | | Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a d... |
