2011 CVE Vulnerabilities
4,898 CVEs published in 2011.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2011-4082 | HIGH | 7.5 | 1.7% | Nov 26, 2019 | A local file inclusion flaw was found in the way the phpLDAPadmin before 0.9.8 processed certain values of the "Accept-L... |
| CVE-2011-3632 | HIGH | 7.1 | 0.5% | Nov 26, 2019 | Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw ... |
| CVE-2011-3631 | HIGH | 8.8 | 2.7% | Nov 26, 2019 | Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string le... |
| CVE-2011-3630 | HIGH | 8.8 | 2.7% | Nov 26, 2019 | Hardlink before 0.1.2 suffers from multiple stack-based buffer overflow flaws because of the way directory trees with dee... |
| CVE-2011-3600 | HIGH | 7.5 | 15.9% | Nov 26, 2019 | The /webtools/control/xmlrpc endpoint in OFBiz XML-RPC event handler is exposed to External Entity Injection by passing ... |
| CVE-2011-3596 | HIGH | 7.5 | 11.1% | Nov 26, 2019 | Polipo before 1.0.4.1 suffers from a DoS vulnerability via specially-crafted HTTP POST / PUT request. |
| CVE-2011-3355 | HIGH | 7.3 | 0.8% | Nov 25, 2019 | evolution-data-server3 3.0.3 through 3.2.1 used insecure (non-SSL) connection when attempting to store sent email messag... |
| CVE-2011-3351 | HIGH | 7.1 | 0.4% | Nov 25, 2019 | openvas-scanner before 2011-09-11 creates a temporary file insecurely when generating OVAL system characteristics docume... |
| CVE-2011-0529 | HIGH | 7.5 | 1.3% | Nov 20, 2019 | Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP. |
| CVE-2011-3349 | HIGH | 7.8 | 0.4% | Nov 19, 2019 | lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled ... |
| CVE-2011-2922 | HIGH | 7.8 | 0.7% | Nov 19, 2019 | ktsuss versions 1.4 and prior spawns the GTK interface to run as root. This can allow a local attacker to escalate privi... |
| CVE-2011-4967 | HIGH | 7.5 | 2.7% | Nov 19, 2019 | tog-Pegasus has a package hash collision DoS vulnerability |
| CVE-2011-4954 | HIGH | 7.8 | 0.3% | Nov 19, 2019 | cobbler has local privilege escalation via the use of insecure location for PYTHON_EGG_CACHE |
| CVE-2011-4952 | HIGH | 8.8 | 0.6% | Nov 19, 2019 | cobbler: Web interface lacks CSRF protection when using Django framework |
| CVE-2011-4919 | HIGH | 7.5 | 2.2% | Nov 19, 2019 | mpack 1.6 has information disclosure via eavesdropping on mails sent by other users |
| CVE-2011-2726 | HIGH | 7.5 | 1.6% | Nov 15, 2019 | An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File uploa... |
| CVE-2011-1588 | HIGH | 7.8 | 1.1% | Nov 14, 2019 | Thunar before 1.3.1 could crash when copying and pasting a file name with % format characters due to a format string error. |
| CVE-2011-1145 | HIGH | 7.8 | 0.4% | Nov 14, 2019 | The SQLDriverConnect() function in unixODBC before 2.2.14p2 has a possible buffer overflow condition when specifying a ... |
| CVE-2011-1070 | HIGH | 7.8 | 0.4% | Nov 14, 2019 | v86d before 0.1.10 does not verify if received netlink messages are sent by the kernel. This could allow unprivileged user... |
| CVE-2011-4972 | HIGH | 7.5 | 1.7% | Nov 13, 2019 | hook_file_download in the CKEditor module 7.x-1.4 for Drupal does not properly restrict access to private files, which a... |
| CVE-2011-2335 | HIGH | 7.5 | 0.6% | Nov 12, 2019 | A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function. |
| CVE-2011-3618 | HIGH | 7.8 | 0.4% | Nov 12, 2019 | atop: symlink attack possible due to insecure tempfile handling |
| CVE-2011-1298 | HIGH | 7.5 | 0.9% | Nov 6, 2019 | An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore::GraphicsContext::fillRect f... |
| CVE-2011-4625 | HIGH | 7.5 | 0.7% | Nov 6, 2019 | simplesamlphp before 1.6.3 (squeeze) and before 1.8.2 (sid) incorrectly handles XML encryption which could allow remote ... |
| CVE-2011-1408 | HIGH | 8.2 | 1.6% | Oct 29, 2019 | ikiwiki before 3.20110608 allows remote attackers to hijack root's tty and run symlink attacks. |