2011 CVE Vulnerabilities
4,898 CVEs published in 2011.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2011-5053 | — | — | 3.3% | Jan 6, 2012 | The Wi-Fi Protected Setup (WPS) protocol, when the "external registrar" authentication method is used, does not properly... |
| CVE-2011-4616 | — | — | 1.7% | Jan 6, 2012 | Cross-site scripting (XSS) vulnerability in the HTML-Template-Pro module before 0.9507 for Perl allows remote attackers ... |
| CVE-2011-4619 | — | — | 16.6% | Jan 6, 2012 | The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly hand... |
| CVE-2011-4577 | — | — | 9.3% | Jan 6, 2012 | OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial... |
| CVE-2011-4576 | — | — | 14.5% | Jan 6, 2012 | The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures f... |
| CVE-2011-4109 | — | — | 17.7% | Jan 6, 2012 | Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attack... |
| CVE-2011-4108 | — | — | 15.8% | Jan 6, 2012 | The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is v... |
| CVE-2011-4858 | — | — | 80.3% | Jan 5, 2012 | Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without r... |
| CVE-2011-5019 | — | — | 1.6% | Jan 5, 2012 | Cross-site scripting (XSS) vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely i... |
| CVE-2011-4905 | — | — | 9.0% | Jan 5, 2012 | Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service (file-descriptor exhaustion and broker... |
| CVE-2011-5052 | — | — | 30.1% | Jan 4, 2012 | Stack-based buffer overflow in CoCSoft Stream Down 6.8.0 allows remote web servers to execute arbitrary code via a long ... |
| CVE-2011-5051 | — | — | 4.2% | Jan 4, 2012 | Multiple unrestricted file upload vulnerabilities in the WP Symposium plugin before 11.12.24 for WordPress allow remote ... |
| CVE-2011-5050 | — | — | 0.9% | Jan 4, 2012 | SQL injection vulnerability in corporate/Controller in Elitecore Technologies Cyberoam UTM before 10.01.2 build 059 allo... |
| CVE-2011-5049 | — | — | 4.5% | Jan 4, 2012 | MySQL 5.5.8, when running on Windows, allows remote attackers to cause a denial of service (NULL pointer dereference) vi... |
| CVE-2011-4921 | — | — | 1.1% | Jan 4, 2012 | SQL injection vulnerability in usersettings.php in e107 0.7.26, and possibly other versions before 1.0.0, allows remote ... |
| CVE-2011-4920 | — | — | 1.3% | Jan 4, 2012 | Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.26, and other versions before 1.0.0, allow remote attack... |
| CVE-2011-3337 | — | — | 0.3% | Jan 4, 2012 | eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, ... |
| CVE-2011-1386 | — | — | 1.2% | Jan 4, 2012 | IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1, 6.2.... |
| CVE-2011-1384 | — | — | 0.3% | Jan 4, 2012 | The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.... |
| CVE-2011-5048 | — | — | 1.3% | Jan 3, 2012 | Multiple cross-site scripting (XSS) vulnerabilities in IBM Web Experience Factory (aka WEF, formerly WebSphere Portlet F... |
| CVE-2011-5047 | — | — | 1.1% | Jan 3, 2012 | Cross-site scripting (XSS) vulnerability in status_rrd_graph.php in pfSense before 2.0.1 allows remote attackers to inje... |
| CVE-2011-4197 | — | — | 2.0% | Jan 3, 2012 | etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 creates each X.509 certificate with a true value for... |
| CVE-2011-4778 | — | — | 0.9% | Jan 3, 2012 | Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.2.x before 4.2.5 allows remote attackers to inject ar... |
| CVE-2011-4644 | — | — | 7.8% | Jan 3, 2012 | Splunk 4.2.5 and earlier, when a Free license is selected, enables potentially undesirable functionality within an envir... |
| CVE-2011-4643 | — | — | 8.4% | Jan 3, 2012 | Multiple directory traversal vulnerabilities in Splunk 4.x before 4.2.5 allow remote authenticated users to read arbitra... |
Check if your code is affected by 2011 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now