2011 CVE Vulnerabilities

4,898 CVEs published in 2011.

| CVE ID | Severity | CVSS | Description |
|---|---|---|---|
| CVE-2011-1095 | | | locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, whic... |
| CVE-2011-1089 | | | The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for fa... |
| CVE-2011-0994 | | | Stack-based buffer overflow in NFRAgent.exe in Novell File Reporter (NFR) before 1.0.2 allows remote attackers to execut... |
| CVE-2011-0765 | | | Unspecified vulnerability in lft in pWhois Layer Four Traceroute (LFT) 3.x before 3.3 allows local users to gain privile... |
| CVE-2011-1671 | | | Cross-site scripting (XSS) vulnerability in app/controllers/todos_controller.rb in Tracks 1.7.2, 2.0RC2, and 2.0devel al... |
| CVE-2011-1670 | | | Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra Blog Machine 1.84, and possibly earlier versions,... |
| CVE-2011-1669 | | | Directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote a... |
| CVE-2011-1668 | | | Cross-site scripting (XSS) vulnerability in search.php in AR Web Content Manager (AWCM) 2.1, 2.2, and possibly other ver... |
| CVE-2011-1667 | | | SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows remote attackers to execute arbitrary SQL commands... |
| CVE-2011-1666 | | | Metaways Tine 2.0 allows remote attackers to obtain sensitive information via unknown vectors in (1) Crm/Controller.php,... |
| CVE-2011-1665 | | | PHPBoost 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attac... |
| CVE-2011-1664 | | | Cross-site request forgery (CSRF) vulnerability in the Translation Management module 6.x before 6.x-1.21 for Drupal allo... |
| CVE-2011-1663 | | | SQL injection vulnerability in the Translation Management module 6.x before 6.x-1.21 for Drupal allows remote attackers ... |
| CVE-2011-1662 | | | Cross-site scripting (XSS) vulnerability in Translation Management module 6.x before 6.x-1.21 for Drupal allows remote a... |
| CVE-2011-1661 | | | The Node Quick Find module 6.x-1.1 for Drupal does not use db_rewrite_sql when presenting node titles, which allows remo... |
| CVE-2011-1660 | | | Multiple cross-site scripting (XSS) vulnerabilities in the DataDynamics.Reports.Web class library in GrapeCity Data Dyna... |
| CVE-2011-1163 | | | The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid ... |
| CVE-2011-0466 | | | The API in SUSE openSUSE Build Service (OBS) 2.0.x before 2.0.8 and 2.1.x before 2.1.6 allows attackers to bypass intend... |
| CVE-2011-0463 | | | The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 (OCFS2) subsystem in th... |
| CVE-2011-0462 | | | Multiple cross-site scripting (XSS) vulnerabilities in the login page in the webui component in SUSE openSUSE Build Serv... |
| CVE-2011-1659 | | | Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent ... |
| CVE-2011-1658 | | | ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is ... |
| CVE-2011-1492 | | | steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not properly verify that a request is an expected request ... |
| CVE-2011-1491 | | | The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated but unintended login... |
| CVE-2011-1475 | | | The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remot... |
