2011 CVE Vulnerabilities
4,898 CVEs published in 2011.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2011-1095 | — | — | 0.5% | Apr 10, 2011 | locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, whic... |
| CVE-2011-1089 | — | — | 0.4% | Apr 10, 2011 | The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for fa... |
| CVE-2011-0994 | — | — | 17.9% | Apr 10, 2011 | Stack-based buffer overflow in NFRAgent.exe in Novell File Reporter (NFR) before 1.0.2 allows remote attackers to execut... |
| CVE-2011-0765 | — | — | 0.4% | Apr 10, 2011 | Unspecified vulnerability in lft in pWhois Layer Four Traceroute (LFT) 3.x before 3.3 allows local users to gain privile... |
| CVE-2011-1671 | — | — | 2.0% | Apr 10, 2011 | Cross-site scripting (XSS) vulnerability in app/controllers/todos_controller.rb in Tracks 1.7.2, 2.0RC2, and 2.0devel al... |
| CVE-2011-1670 | — | — | 1.7% | Apr 10, 2011 | Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra Blog Machine 1.84, and possibly earlier versions,... |
| CVE-2011-1669 | — | — | 22.2% | Apr 10, 2011 | Directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote a... |
| CVE-2011-1668 | — | — | 1.7% | Apr 10, 2011 | Cross-site scripting (XSS) vulnerability in search.php in AR Web Content Manager (AWCM) 2.1, 2.2, and possibly other ver... |
| CVE-2011-1667 | — | — | 1.4% | Apr 10, 2011 | SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows remote attackers to execute arbitrary SQL commands... |
| CVE-2011-1666 | — | — | 1.4% | Apr 10, 2011 | Metaways Tine 2.0 allows remote attackers to obtain sensitive information via unknown vectors in (1) Crm/Controller.php,... |
| CVE-2011-1665 | — | — | 2.5% | Apr 10, 2011 | PHPBoost 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attac... |
| CVE-2011-1664 | — | — | 0.6% | Apr 10, 2011 | Cross-site request forgery (CSRF) vulnerability in the Translation Management module 6.x before 6.x-1.21 for Drupal allo... |
| CVE-2011-1663 | — | — | 1.1% | Apr 10, 2011 | SQL injection vulnerability in the Translation Management module 6.x before 6.x-1.21 for Drupal allows remote attackers ... |
| CVE-2011-1662 | — | — | 1.1% | Apr 10, 2011 | Cross-site scripting (XSS) vulnerability in Translation Management module 6.x before 6.x-1.21 for Drupal allows remote a... |
| CVE-2011-1661 | — | — | 1.5% | Apr 10, 2011 | The Node Quick Find module 6.x-1.1 for Drupal does not use db_rewrite_sql when presenting node titles, which allows remo... |
| CVE-2011-1660 | — | — | 1.3% | Apr 10, 2011 | Multiple cross-site scripting (XSS) vulnerabilities in the DataDynamics.Reports.Web class library in GrapeCity Data Dyna... |
| CVE-2011-1163 | — | — | 0.4% | Apr 10, 2011 | The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid ... |
| CVE-2011-0466 | — | — | 1.1% | Apr 10, 2011 | The API in SUSE openSUSE Build Service (OBS) 2.0.x before 2.0.8 and 2.1.x before 2.1.6 allows attackers to bypass intend... |
| CVE-2011-0463 | — | — | 0.5% | Apr 10, 2011 | The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 (OCFS2) subsystem in th... |
| CVE-2011-0462 | — | — | 0.9% | Apr 10, 2011 | Multiple cross-site scripting (XSS) vulnerabilities in the login page in the webui component in SUSE openSUSE Build Serv... |
| CVE-2011-1659 | — | — | 2.9% | Apr 8, 2011 | Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent ... |
| CVE-2011-1658 | — | — | 0.3% | Apr 8, 2011 | ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is ... |
| CVE-2011-1492 | — | — | 1.8% | Apr 8, 2011 | steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not properly verify that a request is an expected request ... |
| CVE-2011-1491 | — | — | 1.5% | Apr 8, 2011 | The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated but unintended login... |
| CVE-2011-1475 | — | — | 8.7% | Apr 8, 2011 | The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remot... |
Check if your code is affected by 2011 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now