2011 CVE Vulnerabilities

4,898 CVEs published in 2011.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2011-1094kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the server hostname matches t...
CVE-2011-0889Unspecified vulnerability in HP Client Automation Enterprise (aka HPCA or Radia Notify) 5.11, 7.2, 7.5, 7.8, and 7.9 all...
CVE-2011-0751Directory traversal vulnerability in nhttpd (aka Nostromo webserver) before 1.9.4 allows remote attackers to execute arb...
CVE-2011-0745SugarCRM before 6.1.3 does not properly handle reloads and direct requests for a warning page produced by a certain dupl...
CVE-2011-0648Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote authenticated users to gain privileges via unknown...
CVE-2011-0442The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to transmit event details in (1) service requests and ...
CVE-2011-0411The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2....
CVE-2011-0322Unspecified vulnerability in EMC RSA Access Manager Server 5.5.x, 6.0.x, and 6.1.x allows remote attackers to access res...
CVE-2011-1427Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite 5.5.2 allow remote attackers to inject arbitrary web...
CVE-2011-1147Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in ma...
CVE-2011-1146libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which all...
CVE-2011-1092Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of servic...
CVE-2011-0695Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel ...
CVE-2011-0457Cross-site scripting (XSS) vulnerability in e107 0.7.22 and earlier allows remote attackers to inject arbitrary web scri...
CVE-2011-0438nslcd/pam.c in the nss-pam-ldapd 0.8.0 PAM module returns a success code when a user is not found in LDAP, which allows ...
CVE-2011-0063The _list_file_get function in lib/Majordomo.pm in Majordomo 2 20110203 and earlier allows remote attackers to conduct d...
CVE-2011-0001Double free vulnerability in the iscsi_rx_handler function (usr/iscsi/iscsid.c) in the tgt daemon (tgtd) in Linux SCSI t...
CVE-2011-1419Apache Tomcat 7.x before 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, ...
CVE-2011-1091libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated user...
CVE-2011-1088Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass int...
CVE-2011-0701wp-admin/async-upload.php in the media uploader in WordPress before 3.0.5 allows remote authenticated users to read (1) ...
CVE-2011-0700Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.0.5 allow remote authenticated users to inject...
CVE-2011-0432Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.p...
CVE-2011-0280Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers ...
CVE-2011-1418The stateless address autoconfiguration (aka SLAAC) functionality in the IPv6 networking implementation in Apple iOS bef...

Check if your code is affected by 2011 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now