2011 CVE Vulnerabilities
4,898 CVEs published in 2011.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2011-4076 | MEDIUM | 5.9 | 1.4% | Nov 26, 2019 | OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC... |
| CVE-2011-3624 | MEDIUM | 5.3 | 1.5% | Nov 26, 2019 | Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Forwarded-For, X-Forwa... |
| CVE-2011-3617 | MEDIUM | 6.5 | 0.9% | Nov 26, 2019 | Tahoe-LAFS v1.3.0 through v1.8.2 could allow unauthorized users to delete immutable files in some cases. |
| CVE-2011-3609 | MEDIUM | 6.5 | 1.3% | Nov 26, 2019 | A CSRF issue was found in JBoss Application Server 7 before 7.1.0. JBoss did not properly restrict access to the managem... |
| CVE-2011-3606 | MEDIUM | 5.4 | 1.1% | Nov 26, 2019 | A DOM based cross-site scripting flaw was found in the JBoss Application Server 7 before 7.1.0 Beta 1 administration con... |
| CVE-2011-3373 | MEDIUM | 6.1 | 1.3% | Nov 25, 2019 | Drupal Views Builk Operations (VBO) module 6.x-1.0 through 6.x-1.10 does not properly escape the vocabulary help when th... |
| CVE-2011-4924 | MEDIUM | 6.1 | 1.4% | Nov 25, 2019 | Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x... |
| CVE-2011-4455 | MEDIUM | 6.1 | 0.9% | Nov 20, 2019 | Multiple cross-site scripting vulnerabilities in Tiki 7.2 and earlier allow remote attackers to inject arbitrary web scr... |
| CVE-2011-4454 | MEDIUM | 6.1 | 0.9% | Nov 20, 2019 | Multiple cross-site scripting vulnerabilities in Tiki 8.0 RC1 and earlier allow remote attackers to inject arbitrary web... |
| CVE-2011-3352 | MEDIUM | 4.8 | 0.8% | Nov 19, 2019 | Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the 'themename' parameter by se... |
| CVE-2011-2924 | MEDIUM | 5.5 | 0.4% | Nov 19, 2019 | foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by renderin... |
| CVE-2011-2923 | MEDIUM | 5.5 | 0.4% | Nov 19, 2019 | foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering t... |
| CVE-2011-4968 | MEDIUM | 4.8 | 4.0% | Nov 19, 2019 | nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle at... |
| CVE-2011-2916 | MEDIUM | 5.5 | 0.2% | Nov 15, 2019 | qtnx 0.9 stores non-custom SSH keys in a world-readable configuration file. If a user has a world-readable or world-exec... |
| CVE-2011-2910 | MEDIUM | 6.7 | 0.4% | Nov 15, 2019 | The AX.25 daemon (ax25d) in ax25-tools before 0.0.8-13 does not check the return value of a setuid call. The setuid call... |
| CVE-2011-1490 | MEDIUM | 5.5 | 0.4% | Nov 14, 2019 | A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulese... |
| CVE-2011-1489 | MEDIUM | 5.5 | 0.5% | Nov 14, 2019 | A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rules... |
| CVE-2011-1488 | MEDIUM | 5.5 | 0.5% | Nov 14, 2019 | A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgRed... |
| CVE-2011-1136 | MEDIUM | 4.7 | 0.5% | Nov 14, 2019 | In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to th... |
| CVE-2011-0544 | MEDIUM | 6.1 | 0.7% | Nov 14, 2019 | phpbb 3.0.x-3.0.6 has an XSS vulnerability via the [flash] BB tag. |
| CVE-2011-1803 | MEDIUM | 6.5 | 0.5% | Nov 12, 2019 | An issue exists in third_party/WebKit/Source/WebCore/svg/animation/SVGSMILElement.h in WebKit in Google Chrome before Bl... |
| CVE-2011-1802 | MEDIUM | 6.5 | 0.6% | Nov 12, 2019 | WebKit in Google Chrome before Blink M11 and M12 does not properly handle counter nodes, which allows remote attackers t... |
| CVE-2011-2334 | MEDIUM | 6.5 | 0.5% | Nov 12, 2019 | Use after free vulnerability exists in WebKit in Google Chrome before Blink M12 in RenderLayerwhen removing elements wit... |
| CVE-2011-5271 | MEDIUM | 5.5 | 0.5% | Nov 12, 2019 | Pacemaker before 1.1.6 configure script creates temporary files insecurely |
| CVE-2011-3370 | MEDIUM | 6.1 | 1.0% | Nov 12, 2019 | statusnet before 0.9.9 has XSS |
Check if your code is affected by 2011 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now