2011 CVE Vulnerabilities
4,898 CVEs published in 2011.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2011-0228 | — | — | 6.4% | Aug 29, 2011 | The Data Security component in Apple iOS before 4.2.10 and 4.3.x before 4.3.5 does not check the basicConstraints parame... |
| CVE-2011-3187 | — | — | 6.7% | Aug 29, 2011 | The to_s method in actionpack/lib/action_dispatch/middleware/remote_ip.rb in Ruby on Rails 3.0.5 does not validate the X... |
| CVE-2011-3186 | — | — | 1.7% | Aug 29, 2011 | CRLF injection vulnerability in actionpack/lib/action_controller/response.rb in Ruby on Rails 2.3.x before 2.3.13 allows... |
| CVE-2011-2932 | — | — | 2.5% | Aug 29, 2011 | Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on... |
| CVE-2011-2931 | — | — | 2.5% | Aug 29, 2011 | Cross-site scripting (XSS) vulnerability in the strip_tags helper in actionpack/lib/action_controller/vendor/html-scanne... |
| CVE-2011-2930 | — | — | 2.4% | Aug 29, 2011 | Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/a... |
| CVE-2011-2929 | — | — | 1.8% | Aug 29, 2011 | The template selection functionality in actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.... |
| CVE-2011-2497 | — | — | 2.0% | Aug 29, 2011 | Integer underflow in the l2cap_config_req function in net/bluetooth/l2cap_core.c in the Linux kernel before 3.0 allows r... |
| CVE-2011-2213 | — | — | 0.4% | Aug 29, 2011 | The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET... |
| CVE-2011-3185 | — | — | 4.8% | Aug 29, 2011 | gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted remote attackers to execute arbitrary programs via a ... |
| CVE-2011-3184 | — | — | 3.9% | Aug 29, 2011 | The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.0 does ... |
| CVE-2011-3181 | — | — | 2.3% | Aug 29, 2011 | Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.... |
| CVE-2011-2943 | — | — | 3.6% | Aug 29, 2011 | The irc_msg_who function in msgs.c in the IRC protocol plugin in libpurple 2.8.0 through 2.9.0 in Pidgin before 2.10.0 d... |
| CVE-2011-2928 | — | — | 0.5% | Aug 29, 2011 | The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel before 3.1-rc3 does not validate the length attr... |
| CVE-2011-3192 | — | — | 98.9% | Aug 29, 2011 | The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attac... |
| CVE-2011-2839 | — | — | 1.3% | Aug 29, 2011 | The PDF implementation in Google Chrome before 13.0.782.215 on Linux does not properly use the memset library function, ... |
| CVE-2011-2829 | — | — | 1.0% | Aug 29, 2011 | Integer overflow in Google Chrome before 13.0.782.215 on 32-bit platforms allows remote attackers to cause a denial of s... |
| CVE-2011-2828 | — | — | 1.1% | Aug 29, 2011 | Google V8, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibl... |
| CVE-2011-2827 | — | — | 1.8% | Aug 29, 2011 | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service o... |
| CVE-2011-2826 | — | — | 1.1% | Aug 29, 2011 | Google Chrome before 13.0.782.215 allows remote attackers to bypass the Same Origin Policy via vectors related to empty ... |
| CVE-2011-2825 | — | — | 2.3% | Aug 29, 2011 | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service o... |
| CVE-2011-2824 | — | — | 1.1% | Aug 29, 2011 | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service o... |
| CVE-2011-2823 | — | — | 1.6% | Aug 29, 2011 | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service o... |
| CVE-2011-2822 | — | — | 0.9% | Aug 29, 2011 | Google Chrome before 13.0.782.215 on Windows does not properly parse URLs located on the command line, which has unspeci... |
| CVE-2011-2821 | — | — | 2.0% | Aug 29, 2011 | Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a d... |
Check if your code is affected by 2011 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now