2011 CVE Vulnerabilities
4,898 CVEs published in 2011.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2011-0520 | — | — | 5.2% | Jan 28, 2011 | The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows ... |
| CVE-2011-0343 | — | — | 0.4% | Jan 28, 2011 | Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operat... |
| CVE-2011-0048 | — | — | 1.8% | Jan 28, 2011 | Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 creates a clickable link for a ... |
| CVE-2011-0046 | — | — | 1.1% | Jan 28, 2011 | Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before ... |
| CVE-2011-0018 | — | — | 9.3% | Jan 28, 2011 | The email function in manage_sql.c in OpenVAS Manager 1.0.x through 1.0.3 and 2.0.x through 2.0rc2 allows remote authent... |
| CVE-2011-0646 | — | — | 1.0% | Jan 25, 2011 | SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS allows remote attackers to execute arbitrary SQL commands vi... |
| CVE-2011-0645 | — | — | 1.0% | Jan 25, 2011 | SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via ... |
| CVE-2011-0644 | — | — | 1.0% | Jan 25, 2011 | SQL injection vulnerability in include/admin/model_field.class.php in PHPCMS 2008 V2 allows remote attackers to execute ... |
| CVE-2011-0643 | — | — | 1.0% | Jan 25, 2011 | Cross-site request forgery (CSRF) vulnerability in admin/conf_users_edit.php in PHP Link Directory (phpLD) 4.1.0 allows ... |
| CVE-2011-0642 | — | — | 0.9% | Jan 25, 2011 | Cross-site request forgery (CSRF) vulnerability in news/admin.php in N-13 News 3.4, 3.7, and 4.0 allows remote attackers... |
| CVE-2011-0641 | — | — | 1.8% | Jan 25, 2011 | Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/admin.php in the StatPressCN plugin 1.9.0 for WordPress ... |
| CVE-2011-0021 | — | — | 5.8% | Jan 25, 2011 | Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote ... |
| CVE-2011-0009 | — | — | 1.9% | Jan 25, 2011 | Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before 4.0.0rc4 uses the MD5 algorithm for password hashes, whic... |
| CVE-2011-0640 | — | — | 0.4% | Jan 25, 2011 | The default configuration of udev on Linux does not warn the user before enabling additional Human Interface Device (HID... |
| CVE-2011-0639 | — | — | 0.3% | Jan 25, 2011 | Apple Mac OS X does not properly warn the user before enabling additional Human Interface Device (HID) functionality ove... |
| CVE-2011-0638 | — | — | 1.4% | Jan 25, 2011 | Microsoft Windows does not properly warn the user before enabling additional Human Interface Device (HID) functionality ... |
| CVE-2011-0637 | — | — | 0.4% | Jan 25, 2011 | The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a timer is unused before deallocating this timer, which ... |
| CVE-2011-0273 | — | — | 13.4% | Jan 25, 2011 | Buffer overflow in crs.exe in HP OpenView Storage Data Protector Cell Manager 6.11 allows remote attackers to execute ar... |
| CVE-2011-0410 | — | — | 1.9% | Jan 24, 2011 | CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for network communication and the internal database, which m... |
| CVE-2011-0352 | — | — | 2.2% | Jan 24, 2011 | Buffer overflow in the web-based management interface on the Cisco Linksys WRT54GC router with firmware before 1.06.1 al... |
| CVE-2011-0274 | — | — | 2.1% | Jan 24, 2011 | Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 7.x through 7.55 and 8.x through 8.05,... |
| CVE-2011-0020 | — | — | 18.9% | Jan 24, 2011 | Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pan... |
| CVE-2011-0636 | — | — | 0.4% | Jan 22, 2011 | The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA CUDA Toolkit 3.2 developer drivers for Linux 260.19... |
| CVE-2011-0635 | — | — | 1.9% | Jan 22, 2011 | Static code injection vulnerability in Simploo CMS 1.7.1 and earlier allows remote authenticated users to inject arbitra... |
| CVE-2011-0002 | — | — | 3.8% | Jan 22, 2011 | libuser before 0.57 uses a cleartext password value of (1) !! or (2) x for new LDAP user accounts, which makes it easier... |
Check if your code is affected by 2011 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now