Total: 299295 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-1517 | 1 Sap | 1 Netweaver | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash. | |||||
CVE-2011-1497 | 1 Rubyonrails | 1 Rails | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
A cross-site scripting vulnerability was found in the auto_link function in Rails before version 3.0.6. | |||||
CVE-2011-1490 | 3 Debian, Opensuse, Rsyslog | 3 Debian Linux, Opensuse, Rsyslog | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
A memory leak in rsyslog before 5.7.6 was found in the way the daemon processed log messages when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset. | |||||
CVE-2011-1489 | 3 Debian, Opensuse, Rsyslog | 3 Debian Linux, Opensuse, Rsyslog | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
A memory leak in rsyslog before 5.7.6 was found in the way the daemon processed log messages when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset. | |||||
CVE-2011-1488 | 3 Debian, Opensuse, Rsyslog | 3 Debian Linux, Opensuse, Rsyslog | 2024-11-21 | 1.9 LOW | 5.5 MEDIUM |
A memory leak in rsyslog before 5.7.6 was found in the way the daemon processed log messages when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent within short periods of time. | |||||
CVE-2011-1474 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
A locally exploitable DoS vulnerability was found in pax-linux versions 2.6.32.33-test79.patch, 2.6.38-test3.patch, and 2.6.37.4-test14.patch. A bad bounds check in arch_get_unmapped_area_topdown, triggered by programs doing an mmap after a MAP_GROWSDOWN mmap, will create an infinite loop condition without releasing the VM semaphore, eventually leading to a system crash. | |||||
CVE-2011-1460 | 1 Google | 1 Blink | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
WebKit in Google Chrome before Blink M11 contains a bad cast to RenderBlock when anonymous blocks are renderblocks. | |||||
CVE-2011-1459 | 1 Google | 1 Blink | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
The WebKit::WebPluginContainerImpl::handleEvent function in Google Chrome before Blink M11 allows an attacker to cause a denial of service (crash) via the htmlpluginelement.cpp plugin. | |||||
CVE-2011-1408 | 2 Debian, Ikiwiki | 2 Debian Linux, Ikiwiki | 2024-11-21 | 6.4 MEDIUM | 8.2 HIGH |
ikiwiki before 3.20110608 allows remote attackers to hijack root's tty and run symlink attacks. | |||||
CVE-2011-1298 | 2 Apple, Google | 2 Macos, Blink | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore::GraphicsContext::fillRect function. | |||||
CVE-2011-1151 | 1 Joomla | 1 Joomla! | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
Joomla! 1.6.0 is vulnerable to SQL Injection via the filter_order and filer_order_Dir parameters. | |||||
CVE-2011-1150 | 1 Bbpress | 1 Bbpress | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
bbPress through 1.0.2 has XSS in the /bb-login.php URL via the re parameter. | |||||
CVE-2011-1145 | 4 Debian, Opensuse, Redhat and 1 more | 4 Debian Linux, Opensuse, Enterprise Linux and 1 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
The SQLDriverConnect() function in unixODBC before 2.2.14p2 has a possible buffer overflow condition when specifying a large value for the SAVEFILE parameter in the connection string. | |||||
CVE-2011-1136 | 2 Debian, Tesseract Project | 2 Debian Linux, Tesseract | 2024-11-21 | 6.3 MEDIUM | 4.7 MEDIUM |
In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file. | |||||
CVE-2011-1135 | 1 S9y | 1 Serendipity | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in plugins/ExtendedFileManager/manager.php and plugins/ImageManager/manager.php. | |||||
CVE-2011-1134 | 1 S9y | 1 Serendipity | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager. | |||||
CVE-2011-1133 | 1 S9y | 1 Serendipity | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code via plugins/ExtendedFileManager/backend.php. | |||||
CVE-2011-1086 | 1 Openfiler | 1 Openfiler | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in admin/system.html in Openfiler 2.3 allows remote attackers to inject arbitrary web script or HTML via the device parameter. | |||||
CVE-2011-1085 | 1 Smoothwall | 1 Smoothwall Express | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
CSRF vulnerability in Smoothwall Express 3. | |||||
CVE-2011-1084 | 1 Smoothwall | 1 Smoothwall Express | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
A cross-site scripting (XSS) vulnerability in Smoothwall Express 3. |