2011 CVE Vulnerabilities
4,898 CVEs published in 2011.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2011-1960 | — | — | 17.6% | Aug 10, 2011 | Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attac... |
| CVE-2011-1871 | — | — | 38.5% | Aug 10, 2011 | Tcpip.sys in the TCP/IP stack in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gol... |
| CVE-2011-1263 | — | — | 15.2% | Aug 10, 2011 | Cross-site scripting (XSS) vulnerability in the logon page in Remote Desktop Web Access (RD Web Access) in Microsoft Win... |
| CVE-2011-1257 | — | — | 15.3% | Aug 10, 2011 | Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a d... |
| CVE-2011-3124 | — | — | 0.4% | Aug 10, 2011 | IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1... |
| CVE-2011-3123 | — | — | 0.4% | Aug 10, 2011 | IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1... |
| CVE-2011-3122 | — | — | 2.6% | Aug 10, 2011 | Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors rela... |
| CVE-2011-3007 | — | — | 1.2% | Aug 10, 2011 | The myCIOScn ActiveX control (myCIOScn.dll) in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers... |
| CVE-2011-3006 | — | — | 2.1% | Aug 10, 2011 | The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote... |
| CVE-2011-2511 | — | — | 3.5% | Aug 10, 2011 | Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash)... |
| CVE-2011-2178 | — | — | 0.3% | Aug 10, 2011 | The virSecurityManagerGetPrivateData function in security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wro... |
| CVE-2011-3014 | — | — | 1.2% | Aug 9, 2011 | The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not properly restrict caching ... |
| CVE-2011-3013 | — | — | 1.2% | Aug 9, 2011 | WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 supports weak SSL ciphe... |
| CVE-2011-2590 | — | — | 1.9% | Aug 9, 2011 | The Play method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 allows remote attackers to execute arb... |
| CVE-2011-2589 | — | — | 4.2% | Aug 9, 2011 | Heap-based buffer overflow in the SendLogAction method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2... |
| CVE-2011-2224 | — | — | 1.2% | Aug 9, 2011 | The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not include the HTTPOnly flag ... |
| CVE-2011-2223 | — | — | 1.4% | Aug 9, 2011 | The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sends the Admin LDAP password in cl... |
| CVE-2011-2222 | — | — | 1.2% | Aug 9, 2011 | Session fixation vulnerability in WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2... |
| CVE-2011-2221 | — | — | 1.4% | Aug 9, 2011 | The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to bypass W... |
| CVE-2011-3012 | — | — | 8.2% | Aug 9, 2011 | The ioQuake3 engine, as used in World of Padman 1.2 and earlier, Tremulous 1.1.0, and ioUrbanTerror 2007-12-20, does not... |
| CVE-2011-2979 | — | — | 2.1% | Aug 9, 2011 | Bugzilla 4.1.x before 4.1.3 generates different responses for certain assignee queries depending on whether the group na... |
| CVE-2011-2978 | — | — | 1.7% | Aug 9, 2011 | Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x befor... |
| CVE-2011-2977 | — | — | 0.3% | Aug 9, 2011 | Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary ... |
| CVE-2011-2976 | — | — | 1.4% | Aug 9, 2011 | Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, and 3.4.x before 3.4.1... |
| CVE-2011-2381 | — | — | 1.5% | Aug 9, 2011 | CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x b... |
Check if your code is affected by 2011 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now