Total
307383 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-2715 | 1 Drupal | 2 Data, Drupal | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table names or column names. | |||||
| CVE-2011-2714 | 1 Drupal | 2 Data, Drupal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display. | |||||
| CVE-2011-2706 | 1 Snewscms | 1 Snews | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Cross-Site Scripting (XSS) vulnerability exists in the reorder administrator functions in sNews 1.71. | |||||
| CVE-2011-2670 | 1 Mozilla | 1 Firefox | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of Cascading Style Sheets | |||||
| CVE-2011-2669 | 1 Mozilla | 1 Firefox | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of certificates. | |||||
| CVE-2011-2668 | 1 Mozilla | 1 Firefox | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the content-length header | |||||
| CVE-2011-2538 | 1 Cisco | 1 Telepresence Video Communication Server | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| Cisco Video Communications Server (VCS) before X7.0.3 contains a command injection vulnerability which allows remote, authenticated attackers to execute arbitrary commands. | |||||
| CVE-2011-2523 | 2 Debian, Vsftpd Project | 2 Debian Linux, Vsftpd | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp. | |||||
| CVE-2011-2515 | 3 Debian, Packagekit Project, Redhat | 3 Debian Linux, Packagekit, Enterprise Linux Server | 2024-11-21 | 4.6 MEDIUM | 5.3 MEDIUM |
| PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code. | |||||
| CVE-2011-2499 | 1 Mambo-foundation | 1 Mambo Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Mambo CMS through 4.6.5 has multiple XSS. | |||||
| CVE-2011-2498 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages. | |||||
| CVE-2011-2487 | 2 Apache, Redhat | 10 Cxf, Wss4j, Jboss Business Rules Management System and 7 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack. | |||||
| CVE-2011-2480 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information. | |||||
| CVE-2011-2353 | 1 Google | 1 Blink | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Use after free vulnerability in documentloader in WebKit in Google Chrome before Blink M13 in DocumentWriter::replaceDocument function. | |||||
| CVE-2011-2343 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 2.4 LOW |
| The Bluetooth stack in Android before 2.3.6 allows a physically proximate attacker to obtain contact information via an AT phonebook transfer. | |||||
| CVE-2011-2337 | 1 Google | 1 Blink | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A wrong type is used for a return value from strlen in WebKit in Google Chrome before Blink M12 on 64-bit platforms. | |||||
| CVE-2011-2336 | 1 Google | 1 Blink | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue exists in WebKit in Google Chrome before Blink M12. when clearing lists in AnimationControllerPrivate that signal when a hardware animation starts. | |||||
| CVE-2011-2335 | 1 Google | 1 Blink | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function. | |||||
| CVE-2011-2334 | 1 Google | 1 Blink | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Use after free vulnerability exists in WebKit in Google Chrome before Blink M12 in RenderLayerwhen removing elements with reflections. | |||||
| CVE-2011-2207 | 3 Debian, Gnupg, Redhat | 3 Debian Linux, Gnupg, Enterprise Linux | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate. | |||||