2011 CVE Vulnerabilities
4,898 CVEs published in 2011.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2011-0774 | — | — | 1.4% | Feb 4, 2011 | PivotX before 2.2.2 allows remote attackers to obtain sensitive information via a direct request to (1) includes/ping.ph... |
| CVE-2011-0773 | — | — | 2.4% | Feb 4, 2011 | Cross-site scripting (XSS) vulnerability in pivotx/modules/module_image.php in PivotX before 2.2.3 allows remote attacke... |
| CVE-2011-0772 | — | — | 2.5% | Feb 4, 2011 | Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, and possibly other versions before 2.2.2, allow rem... |
| CVE-2011-0771 | — | — | 2.1% | Feb 4, 2011 | The Janrain Engage (formerly RPX) module 6.x-1.3 for Drupal does not validate the file for a profile image, which allows... |
| CVE-2011-0649 | — | — | 0.4% | Feb 4, 2011 | Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through 8.3.0, Enterprise Message Service (EMS) 5.1.0 thr... |
| CVE-2011-0537 | — | — | 2.9% | Feb 4, 2011 | Multiple directory traversal vulnerabilities in (1) languages/Language.php and (2) includes/StubObject.php in MediaWiki ... |
| CVE-2011-0049 | — | — | 95.4% | Feb 4, 2011 | Directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 before 20110131 allo... |
| CVE-2011-0047 | — | — | 2.3% | Feb 4, 2011 | Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web scri... |
| CVE-2011-0720 | — | — | 3.1% | Feb 3, 2011 | Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote a... |
| CVE-2011-0451 | — | — | 1.9% | Feb 3, 2011 | Multiple cross-site scripting (XSS) vulnerabilities in (1) data/Smarty/templates/default/list.tpl and (2) data/Smarty/te... |
| CVE-2011-0354 | — | — | 14.0% | Feb 3, 2011 | The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with softwar... |
| CVE-2011-0757 | — | — | 2.4% | Feb 2, 2011 | IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DB... |
| CVE-2011-0521 | — | — | 0.4% | Feb 2, 2011 | The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check th... |
| CVE-2011-0755 | — | — | 1.9% | Feb 2, 2011 | Integer overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-dependent attackers to pre... |
| CVE-2011-0754 | — | — | 0.3% | Feb 2, 2011 | The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not pr... |
| CVE-2011-0753 | — | — | 0.8% | Feb 2, 2011 | Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow contex... |
| CVE-2011-0752 | — | — | 1.3% | Feb 2, 2011 | The extract function in PHP before 5.2.15 does not prevent use of the EXTR_OVERWRITE parameter to overwrite (1) the GLOB... |
| CVE-2011-0742 | — | — | 9.5% | Feb 2, 2011 | Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary ... |
| CVE-2011-0741 | — | — | 1.7% | Feb 2, 2011 | Multiple cross-site scripting (XSS) vulnerabilities in ModX Evolution before 1.0.5 allow remote attackers to inject arbi... |
| CVE-2011-0740 | — | — | 4.7% | Feb 2, 2011 | Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0.1 for WordPress allo... |
| CVE-2011-0739 | — | — | 2.7% | Feb 2, 2011 | The deliver function in the sendmail delivery agent (lib/mail/network/delivery_methods/sendmail.rb) in Ruby Mail gem 2.2... |
| CVE-2011-0738 | — | — | 1.6% | Feb 2, 2011 | MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through 5.0.2, does not properly verify the (1) hostname or (2)... |
| CVE-2011-0276 | — | — | 82.4% | Feb 2, 2011 | HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.secu... |
| CVE-2011-0017 | — | — | 0.4% | Feb 2, 2011 | The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid sy... |
| CVE-2011-0735 | — | — | 2.6% | Feb 1, 2011 | Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitra... |
Check if your code is affected by 2011 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now