2011 CVE Vulnerabilities

4,898 CVEs published in 2011.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2011-0774PivotX before 2.2.2 allows remote attackers to obtain sensitive information via a direct request to (1) includes/ping.ph...
CVE-2011-0773Cross-site scripting (XSS) vulnerability in pivotx/modules/module_image.php in PivotX before 2.2.3 allows remote attacke...
CVE-2011-0772Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, and possibly other versions before 2.2.2, allow rem...
CVE-2011-0771The Janrain Engage (formerly RPX) module 6.x-1.3 for Drupal does not validate the file for a profile image, which allows...
CVE-2011-0649Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through 8.3.0, Enterprise Message Service (EMS) 5.1.0 thr...
CVE-2011-0537Multiple directory traversal vulnerabilities in (1) languages/Language.php and (2) includes/StubObject.php in MediaWiki ...
CVE-2011-0049Directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 before 20110131 allo...
CVE-2011-0047Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web scri...
CVE-2011-0720Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote a...
CVE-2011-0451Multiple cross-site scripting (XSS) vulnerabilities in (1) data/Smarty/templates/default/list.tpl and (2) data/Smarty/te...
CVE-2011-0354The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with softwar...
CVE-2011-0757IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DB...
CVE-2011-0521The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check th...
CVE-2011-0755Integer overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-dependent attackers to pre...
CVE-2011-0754The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not pr...
CVE-2011-0753Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow contex...
CVE-2011-0752The extract function in PHP before 5.2.15 does not prevent use of the EXTR_OVERWRITE parameter to overwrite (1) the GLOB...
CVE-2011-0742Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary ...
CVE-2011-0741Multiple cross-site scripting (XSS) vulnerabilities in ModX Evolution before 1.0.5 allow remote attackers to inject arbi...
CVE-2011-0740Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0.1 for WordPress allo...
CVE-2011-0739The deliver function in the sendmail delivery agent (lib/mail/network/delivery_methods/sendmail.rb) in Ruby Mail gem 2.2...
CVE-2011-0738MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through 5.0.2, does not properly verify the (1) hostname or (2)...
CVE-2011-0276HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.secu...
CVE-2011-0017The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid sy...
CVE-2011-0735Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitra...

Check if your code is affected by 2011 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now