2011 CVE Vulnerabilities
4,898 CVEs published in 2011.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2011-1151 | CRITICAL | 9.1 | 1.7% | Feb 5, 2020 | Joomla! 1.6.0 is vulnerable to SQL Injection via the filter_order and filter_order_Dir parameters. |
| CVE-2011-3621 | CRITICAL | 9.8 | 1.2% | Jan 22, 2020 | A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled. |
| CVE-2011-3614 | CRITICAL | 9.8 | 2.0% | Jan 22, 2020 | An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla Forums before 2.0.17.9. |
| CVE-2011-4943 | CRITICAL | 9.8 | 1.8% | Jan 22, 2020 | ImpressPages CMS v1.0.12 has an unspecified Remote Code Execution vulnerability (fixed in v1.0.13). |
| CVE-2011-4094 | CRITICAL | 9.8 | 2.7% | Jan 21, 2020 | Jara 1.6 has a SQL injection vulnerability. |
| CVE-2011-2715 | CRITICAL | 9.8 | 1.1% | Jan 14, 2020 | An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table... |
| CVE-2011-3203 | CRITICAL | 9.8 | 2.4% | Jan 14, 2020 | A Code Execution vulnerability exists in the attachment parameter to index.php in Jcow CMS 4.x to 4.2 and 5.2 to 5.2. |
| CVE-2011-5020 | CRITICAL | 9.8 | 1.0% | Jan 10, 2020 | An SQL Injection vulnerability exists in the ID parameter in Online TV Database 2011. |
| CVE-2011-5266 | CRITICAL | 9.8 | 1.2% | Jan 8, 2020 | Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass. |
| CVE-2011-2717 | CRITICAL | 9.8 | 3.9% | Nov 27, 2019 | The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitr... |
| CVE-2011-2523 | CRITICAL | 9.8 | 96.2% | Nov 27, 2019 | vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp. |
| CVE-2011-1939 | CRITICAL | 9.8 | 3.9% | Nov 26, 2019 | SQL injection vulnerability in Zend Framework 1.10.x before 1.10.9 and 1.11.x before 1.11.6 when using non-ASCII-compati... |
| CVE-2011-1933 | CRITICAL | 9.8 | 1.6% | Nov 26, 2019 | SQL injection vulnerability in Jifty::DBI before 0.68. |
| CVE-2011-4121 | CRITICAL | 9.8 | 2.5% | Nov 26, 2019 | The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value ... |
| CVE-2011-4120 | CRITICAL | 9.8 | 2.0% | Nov 26, 2019 | Yubico PAM Module before 2.10 performed user authentication when 'use_first_pass' PAM configuration option was not used ... |
| CVE-2011-3584 | CRITICAL | 9.8 | 1.2% | Nov 26, 2019 | The TYPO3 Core wec_discussion extension before 2.1.1 is vulnerable to SQL Injection due to improper sanitation of user-s... |
| CVE-2011-3583 | CRITICAL | 9.8 | 1.4% | Nov 26, 2019 | It was found that Typo3 Core versions 4.5.0 - 4.5.5 uses prepared statements that, if the parameter values are not prope... |
| CVE-2011-1028 | CRITICAL | 9.8 | 1.6% | Nov 20, 2019 | The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smar... |
| CVE-2011-3350 | CRITICAL | 9.8 | 1.5% | Nov 19, 2019 | masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c that results in improper privi... |
| CVE-2011-2921 | CRITICAL | 9.8 | 82.8% | Nov 19, 2019 | ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified com... |
| CVE-2011-5331 | CRITICAL | 9.8 | 2.7% | Nov 18, 2019 | Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval. |
| CVE-2011-5330 | CRITICAL | 9.8 | 2.1% | Nov 18, 2019 | Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls. |
| CVE-2011-0703 | CRITICAL | 9.8 | 1.3% | Nov 15, 2019 | In gksu-polkit before 0.0.3, the source file for xauth may contain arbitrary commands that may allow an attacker to over... |
| CVE-2011-1930 | CRITICAL | 9.8 | 20.5% | Nov 14, 2019 | In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This... |
| CVE-2011-2936 | CRITICAL | 9.8 | 1.5% | Nov 12, 2019 | Elgg through 1.7.10 has a SQL injection vulnerability. |