2011 CVE Vulnerabilities
4,898 CVEs published in 2011.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2011-1094 | — | — | 1.0% | Mar 16, 2011 | kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the server hostname matches t... |
| CVE-2011-0889 | — | — | 13.4% | Mar 16, 2011 | Unspecified vulnerability in HP Client Automation Enterprise (aka HPCA or Radia Notify) 5.11, 7.2, 7.5, 7.8, and 7.9 all... |
| CVE-2011-0751 | — | — | 3.7% | Mar 16, 2011 | Directory traversal vulnerability in nhttpd (aka Nostromo webserver) before 1.9.4 allows remote attackers to execute arb... |
| CVE-2011-0745 | — | — | 6.3% | Mar 16, 2011 | SugarCRM before 6.1.3 does not properly handle reloads and direct requests for a warning page produced by a certain dupl... |
| CVE-2011-0648 | — | — | 2.5% | Mar 16, 2011 | Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote authenticated users to gain privileges via unknown... |
| CVE-2011-0442 | — | — | 1.1% | Mar 16, 2011 | The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to transmit event details in (1) service requests and ... |
| CVE-2011-0411 | — | — | 16.3% | Mar 16, 2011 | The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.... |
| CVE-2011-0322 | — | — | 1.7% | Mar 16, 2011 | Unspecified vulnerability in EMC RSA Access Manager Server 5.5.x, 6.0.x, and 6.1.x allows remote attackers to access res... |
| CVE-2011-1427 | — | — | 1.6% | Mar 15, 2011 | Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite 5.5.2 allow remote attackers to inject arbitrary web... |
| CVE-2011-1147 | — | — | 3.5% | Mar 15, 2011 | Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in ma... |
| CVE-2011-1146 | — | — | 1.5% | Mar 15, 2011 | libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which all... |
| CVE-2011-1092 | — | — | 17.9% | Mar 15, 2011 | Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of servic... |
| CVE-2011-0695 | — | — | 1.2% | Mar 15, 2011 | Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel ... |
| CVE-2011-0457 | — | — | 1.0% | Mar 15, 2011 | Cross-site scripting (XSS) vulnerability in e107 0.7.22 and earlier allows remote attackers to inject arbitrary web scri... |
| CVE-2011-0438 | — | — | 1.5% | Mar 15, 2011 | nslcd/pam.c in the nss-pam-ldapd 0.8.0 PAM module returns a success code when a user is not found in LDAP, which allows ... |
| CVE-2011-0063 | — | — | 85.5% | Mar 15, 2011 | The _list_file_get function in lib/Majordomo.pm in Majordomo 2 20110203 and earlier allows remote attackers to conduct d... |
| CVE-2011-0001 | — | — | 5.1% | Mar 15, 2011 | Double free vulnerability in the iscsi_rx_handler function (usr/iscsi/iscsid.c) in the tgt daemon (tgtd) in Linux SCSI t... |
| CVE-2011-1419 | — | — | 6.5% | Mar 14, 2011 | Apache Tomcat 7.x before 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, ... |
| CVE-2011-1091 | — | — | 3.0% | Mar 14, 2011 | libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated user... |
| CVE-2011-1088 | — | — | 6.5% | Mar 14, 2011 | Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass int... |
| CVE-2011-0701 | — | — | 3.2% | Mar 14, 2011 | wp-admin/async-upload.php in the media uploader in WordPress before 3.0.5 allows remote authenticated users to read (1) ... |
| CVE-2011-0700 | — | — | 2.7% | Mar 14, 2011 | Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.0.5 allow remote authenticated users to inject... |
| CVE-2011-0432 | — | — | 1.8% | Mar 14, 2011 | Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.p... |
| CVE-2011-0280 | — | — | 1.7% | Mar 14, 2011 | Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers ... |
| CVE-2011-1418 | — | — | 1.5% | Mar 11, 2011 | The stateless address autoconfiguration (aka SLAAC) functionality in the IPv6 networking implementation in Apple iOS bef... |
Check if your code is affected by 2011 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now