2011 CVE Vulnerabilities
4,898 CVEs published in 2011.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2011-2731 | — | — | 1.2% | Dec 5, 2012 | Race condition in the RunAsManager mechanism in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 ... |
| CVE-2011-2730 | — | — | 11.8% | Dec 5, 2012 | VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Ex... |
| CVE-2011-5373 | — | — | — | Nov 28, 2012 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-5373. Reason: This candidate is a duplicate of ... |
| CVE-2011-5372 | — | — | — | Nov 28, 2012 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-5372. Reason: This candidate is a duplicate of ... |
| CVE-2011-5371 | — | — | — | Nov 28, 2012 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-5371. Reason: This candidate is a duplicate of ... |
| CVE-2011-5370 | — | — | — | Nov 28, 2012 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-5370. Reason: This candidate is a duplicate of ... |
| CVE-2011-5245 | — | — | 3.2% | Nov 23, 2012 | The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arb... |
| CVE-2011-4605 | — | — | 3.5% | Nov 23, 2012 | The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platfor... |
| CVE-2011-4085 | — | — | 3.0% | Nov 23, 2012 | The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0,... |
| CVE-2011-2908 | — | — | 1.6% | Nov 23, 2012 | Cross-site request forgery (CSRF) vulnerability in the JMX Console (jmx-console) in JBoss Enterprise Portal Platform bef... |
| CVE-2011-1096 | — | — | 2.6% | Nov 23, 2012 | The W3C XML Encryption Standard, as used in the JBoss Web Services (JBossWS) component in JBoss Enterprise Portal Platfo... |
| CVE-2011-4612 | — | — | 2.2% | Nov 20, 2012 | icecast before 2.3.3 allows remote attackers to inject control characters such as newlines into the error loc (error.log... |
| CVE-2011-5244 | — | — | 3.4% | Nov 19, 2012 | Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as ... |
| CVE-2011-2486 | — | — | 2.5% | Nov 19, 2012 | nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prev... |
| CVE-2011-0433 | — | — | 4.2% | Nov 19, 2012 | Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and p... |
| CVE-2011-1374 | — | — | 5.0% | Nov 9, 2012 | Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of s... |
| CVE-2011-5243 | — | — | 0.5% | Nov 6, 2012 | TwitterOAuth does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subject... |
| CVE-2011-5242 | — | — | 0.5% | Nov 6, 2012 | tmhOAuth before 0.61 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or... |
| CVE-2011-5241 | — | — | 0.5% | Nov 6, 2012 | Services_Twitter 0.6.3 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) ... |
| CVE-2011-5240 | — | — | 0.5% | Nov 6, 2012 | Magento 1.5 and 1.6.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) o... |
| CVE-2011-5239 | — | — | 0.5% | Nov 6, 2012 | CiviCRM 4.0.5 and 4.1.1 does not verify that the server hostname matches a domain name in the subject's Common Name (CN)... |
| CVE-2011-5238 | — | — | 0.4% | Nov 6, 2012 | google-checkout-php-sample-code before 1.3.2 does not verify that the server hostname matches a domain name in the subje... |
| CVE-2011-5237 | — | — | 0.5% | Nov 6, 2012 | PayPal WPS ToolKit does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or s... |
| CVE-2011-5236 | — | — | 0.5% | Nov 6, 2012 | Moneris eSelectPlus 2.03 PHP API does not verify that the server hostname matches a domain name in the subject's Common ... |
| CVE-2011-5235 | — | — | 1.9% | Oct 25, 2012 | SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via t... |
Check if your code is affected by 2011 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now