Total
299421 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-2177 | 1 Apache | 1 Openoffice | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| OpenOffice.org v3.3 allows execution of arbitrary code with the privileges of the user running the OpenOffice.org suite tools. | |||||
| CVE-2011-2054 | 1 Cisco | 24 Asa 5500, Asa 5500 Firmware, Asa 5510 and 21 more | 2024-11-21 | 6.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability in the Cisco ASA that could allow a remote attacker to successfully authenticate using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the password is left blank, providing the primary credentials are correct. The vulnerabilities is due to improper input validation of certain parameters passed to the affected software. An attacker must have the correct primary credentials in order to successfully exploit this vulnerability. | |||||
| CVE-2011-1939 | 3 Debian, Php, Zend | 3 Debian Linux, Php, Zend Framework | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in Zend Framework 1.10.x before 1.10.9 and 1.11.x before 1.11.6 when using non-ASCII-compatible encodings in conjunction PDO_MySql in PHP before 5.3.6. | |||||
| CVE-2011-1934 | 2 Debian, Lilo Project | 2 Debian Linux, Lilo | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| lilo-uuid-diskid causes lilo.conf to be world-readable in lilo 23.1. | |||||
| CVE-2011-1933 | 1 Jifty\ | 1 \ | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in Jifty::DBI before 0.68. | |||||
| CVE-2011-1930 | 2 Debian, Klibc Project | 2 Debian Linux, Klibc | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote attacker to send a specially crafted DHCP reply which could execute arbitrary code with the privileges of any process which sources DHCP options. | |||||
| CVE-2011-1830 | 1 Ekiga | 1 Ekiga | 2024-11-21 | 6.8 MEDIUM | 5.7 MEDIUM |
| Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so. | |||||
| CVE-2011-1805 | 1 Google | 1 Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Bad cast in CSS in Google Chrome prior to 11.0.0.0 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2011-1803 | 1 Google | 1 Blink | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue exists in third_party/WebKit/Source/WebCore/svg/animation/SVGSMILElement.h in WebKit in Google Chrome before Blink M11 and M12 when trying to access a removed smil element. | |||||
| CVE-2011-1802 | 1 Google | 1 Blink | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| WebKit in Google Chrome before Blink M11 and M12 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption). | |||||
| CVE-2011-1762 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. This may allow a user with 'Contributor-level' privileges to post as if they had 'publish_posts' permission. | |||||
| CVE-2011-1597 | 1 Openvas | 1 Openvas Manager | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| OpenVAS Manager v2.0.3 allows plugin remote code execution. | |||||
| CVE-2011-1588 | 3 Debian, Opensuse, Xfce | 3 Debian Linux, Opensuse, Thunar | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error. | |||||
| CVE-2011-1517 | 1 Sap | 1 Netweaver | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash. | |||||
| CVE-2011-1497 | 1 Rubyonrails | 1 Rails | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting vulnerability flaw was found in the auto_link function in Rails before version 3.0.6. | |||||
| CVE-2011-1490 | 3 Debian, Opensuse, Rsyslog | 3 Debian Linux, Opensuse, Rsyslog | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset | |||||
| CVE-2011-1489 | 3 Debian, Opensuse, Rsyslog | 3 Debian Linux, Opensuse, Rsyslog | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset. | |||||
| CVE-2011-1488 | 3 Debian, Opensuse, Rsyslog | 3 Debian Linux, Opensuse, Rsyslog | 2024-11-21 | 1.9 LOW | 5.5 MEDIUM |
| A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent within short periods of time. | |||||
| CVE-2011-1474 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| A locally locally exploitable DOS vulnerability was found in pax-linux versions 2.6.32.33-test79.patch, 2.6.38-test3.patch, and 2.6.37.4-test14.patch. A bad bounds check in arch_get_unmapped_area_topdown triggered by programs doing an mmap after a MAP_GROWSDOWN mmap will create an infinite loop condition without releasing the VM semaphore eventually leading to a system crash. | |||||
| CVE-2011-1460 | 1 Google | 1 Blink | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| WebKit in Google Chrome before Blink M11 contains a bad cast to RenderBlock when anonymous blocks are renderblocks. | |||||