2011 CVE Vulnerabilities
4,898 CVEs published in 2011.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2011-5265 | — | — | 10.0% | Feb 12, 2013 | Cross-site scripting (XSS) vulnerability in cached_image.php in the Featurific For WordPress plugin 1.6.2 for WordPress ... |
| CVE-2011-5264 | — | — | 2.2% | Feb 12, 2013 | Cross-site scripting (XSS) vulnerability in lazyest-backup.php in the Lazyest Backup plugin before 0.2.2 for WordPress a... |
| CVE-2011-5263 | — | — | 1.3% | Feb 12, 2013 | Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in SAP NetWeaver 7.30 and earlier allows remote attacke... |
| CVE-2011-5262 | — | — | 1.1% | Feb 12, 2013 | SQL injection vulnerability in prodpage.cfm in SonicWALL Aventail allows remote attackers to execute arbitrary SQL comma... |
| CVE-2011-5261 | — | — | 3.6% | Feb 12, 2013 | Cross-site scripting (XSS) vulnerability in serverreport.cgi in Axis M10 Series Network Cameras M1054 firmware 5.21 and ... |
| CVE-2011-5260 | — | — | 1.2% | Feb 12, 2013 | Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP NetWeaver allows remote attackers to inject arbit... |
| CVE-2011-5259 | — | — | 1.2% | Feb 12, 2013 | SQL injection vulnerability in lib/controllers/CentralController.php in OrangeHRM before 2.6.11.2 allows remote attacker... |
| CVE-2011-5258 | — | — | 2.1% | Feb 12, 2013 | Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM before 2.6.11.2 allow remote attackers to inject arbitr... |
| CVE-2011-5257 | — | — | 3.8% | Feb 12, 2013 | Multiple cross-site scripting (XSS) vulnerabilities in the Classipress theme before 3.1.5 for WordPress allow remote att... |
| CVE-2011-5256 | — | — | 0.9% | Feb 12, 2013 | Cross-site scripting (XSS) vulnerability in the tooltips in LimeSurvey before 1.91+ Build 11379-20111116, when viewing s... |
| CVE-2011-4575 | — | — | 1.8% | Feb 5, 2013 | Cross-site scripting (XSS) vulnerability in the JMX console in JBoss Enterprise Application Platform (EAP) before 5.2.0,... |
| CVE-2011-1352 | — | — | 0.3% | Feb 5, 2013 | The PowerVR SGX driver in Android before 2.3.6 allows attackers to gain root privileges via an application that triggers... |
| CVE-2011-1350 | — | — | 1.1% | Feb 5, 2013 | The PowerVR SGX driver in Android before 2.3.6 allows attackers to obtain potentially sensitive information from kernel ... |
| CVE-2011-5255 | — | — | 1.7% | Jan 31, 2013 | Multiple cross-site scripting (XSS) vulnerabilities in admin/login in X3 CMS 0.4.3.1 and earlier allow remote attackers ... |
| CVE-2011-4618 | — | — | 10.1% | Jan 24, 2013 | Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress a... |
| CVE-2011-5254 | — | — | 2.6% | Jan 12, 2013 | Unspecified vulnerability in the Connections plugin before 0.7.1.6 for WordPress has unknown impact and attack vectors. |
| CVE-2011-5253 | — | — | 1.1% | Jan 12, 2013 | Dl Download Ticket Service 0.3 through 0.9 allows remote attackers to login as an arbitrary user by supplying an authori... |
| CVE-2011-5252 | — | — | 11.9% | Jan 12, 2013 | Open redirect vulnerability in Users/Account/LogOff in Orchard 1.0.x before 1.0.21, 1.1.x before 1.1.31, 1.2.x before 1.... |
| CVE-2011-3937 | — | — | 2.3% | Jan 5, 2013 | The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspecified versions befo... |
| CVE-2011-4316 | — | — | 0.3% | Jan 4, 2013 | Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, in certain unspecified conditions, does not lock the desk... |
| CVE-2011-5251 | — | — | 1.5% | Dec 31, 2012 | Open redirect vulnerability in forum/login.php in vBulletin 4.1.3 and earlier allows remote attackers to redirect users ... |
| CVE-2011-2728 | — | — | 1.4% | Dec 21, 2012 | The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a deni... |
| CVE-2011-3131 | — | — | 0.4% | Dec 13, 2012 | Xen 4.1.1 and earlier allows local guest OS kernels with control of a PCI[E] device to cause a denial of service (CPU co... |
| CVE-2011-4433 | — | — | — | Dec 11, 2012 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this ... |
| CVE-2011-2732 | — | — | 4.6% | Dec 5, 2012 | CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x b... |
Check if your code is affected by 2011 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now