2011 CVE Vulnerabilities
4,898 CVEs published in 2011.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2011-4539 | — | — | 15.5% | Dec 8, 2011 | dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcp... |
| CVE-2011-4265 | — | — | 0.9% | Dec 8, 2011 | Cross-site scripting (XSS) vulnerability in phpWebSite before 1.0.0 allows remote attackers to inject arbitrary web scri... |
| CVE-2011-4264 | — | — | 0.9% | Dec 8, 2011 | Cross-site scripting (XSS) vulnerability in Etomite before 1.1 allows remote attackers to inject arbitrary web script or... |
| CVE-2011-4054 | — | — | 1.1% | Dec 8, 2011 | Cross-site scripting (XSS) vulnerability in login.fcc in CA SiteMinder R6 SP6 before CR7 and R12 SP3 before CR8 allows r... |
| CVE-2011-3636 | — | — | 0.8% | Dec 8, 2011 | Cross-site request forgery (CSRF) vulnerability in the management interface in FreeIPA before 2.1.4 allows remote attack... |
| CVE-2011-3179 | — | — | 1.3% | Dec 8, 2011 | The server process in Novell Messenger 2.1 and 2.2.x before 2.2.1, and Novell GroupWise Messenger 2.04 and earlier, allo... |
| CVE-2011-2653 | — | — | 73.9% | Dec 8, 2011 | Directory traversal vulnerability in the rtrlet component in Novell ZENworks Asset Management (ZAM) 7.5 allows remote at... |
| CVE-2011-4695 | — | — | 2.5% | Dec 7, 2011 | Unspecified vulnerability in Microsoft Windows 7 SP1, when Java is installed, allows local users to bypass Internet Expl... |
| CVE-2011-4694 | — | — | 7.7% | Dec 7, 2011 | Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote attackers to execute a... |
| CVE-2011-4693 | — | — | 7.2% | Dec 7, 2011 | Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote attackers to execute a... |
| CVE-2011-4692 | — | — | 1.2% | Dec 7, 2011 | WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 and earlier, does not prevent capture of data abo... |
| CVE-2011-4691 | — | — | 1.1% | Dec 7, 2011 | Google Chrome 15.0.874.121 and earlier does not prevent capture of data about the times of Same Origin Policy violations... |
| CVE-2011-4690 | — | — | 1.2% | Dec 7, 2011 | Opera 11.60 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME ... |
| CVE-2011-4689 | — | — | 10.0% | Dec 7, 2011 | Microsoft Internet Explorer 6 through 9 does not prevent capture of data about the times of Same Origin Policy violation... |
| CVE-2011-4688 | — | — | 1.9% | Dec 7, 2011 | Mozilla Firefox 8.0.1 and earlier does not prevent capture of data about the times of Same Origin Policy violations duri... |
| CVE-2011-4687 | — | — | 2.4% | Dec 7, 2011 | Opera before 11.60 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified con... |
| CVE-2011-4686 | — | — | 2.3% | Dec 7, 2011 | Unspecified vulnerability in the Web Workers implementation in Opera before 11.60 allows remote attackers to cause a den... |
| CVE-2011-4685 | — | — | 2.3% | Dec 7, 2011 | Dragonfly in Opera before 11.60 allows remote attackers to cause a denial of service (application crash) via unspecified... |
| CVE-2011-4684 | — | — | 6.2% | Dec 7, 2011 | Opera before 11.60 does not properly handle certificate revocation, which has unspecified impact and remote attack vecto... |
| CVE-2011-4683 | — | — | 2.1% | Dec 7, 2011 | Unspecified vulnerability in Opera before 11.60 has unknown impact and attack vectors, related to a "moderately severe i... |
| CVE-2011-4682 | — | — | 2.1% | Dec 7, 2011 | The JavaScript engine in Opera before 11.60 does not properly implement the in operator, which allows remote attackers t... |
| CVE-2011-4681 | — | — | 2.1% | Dec 7, 2011 | Opera before 11.60 does not properly consider the number of . (dot) characters that conventionally exist in domain names... |
| CVE-2011-4680 | — | — | 0.9% | Dec 7, 2011 | Multiple cross-site scripting (XSS) vulnerabilities in the customer portal in vtiger CRM before 5.2.0 allow remote attac... |
| CVE-2011-4679 | — | — | 1.1% | Dec 7, 2011 | vtiger CRM before 5.3.0 does not properly recognize the disabled status of a field in the Leads module, which allows rem... |
| CVE-2011-4263 | — | — | 0.9% | Dec 7, 2011 | Cross-site scripting (XSS) vulnerability in Schneider Electric PowerChute Business Edition before 8.5 allows remote atta... |
Check if your code is affected by 2011 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now