Export limit exceeded: 337916 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (337916 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-4954 | 1 Cobblerd | 1 Cobbler | 2024-11-21 | 7.8 High |
| cobbler has local privilege escalation via the use of insecure location for PYTHON_EGG_CACHE | ||||
| CVE-2011-4952 | 1 Cobblerd | 1 Cobbler | 2024-11-21 | 8.8 High |
| cobbler: Web interface lacks CSRF protection when using Django framework | ||||
| CVE-2011-4943 | 1 Impresspages | 1 Impresspages Cms | 2024-11-21 | 9.8 Critical |
| ImpressPages CMS v1.0.12 has Unspecified Remote Code Execution (fixed in v1.0.13) | ||||
| CVE-2011-4938 | 1 Muze | 1 Ariadne | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in Ariadne 2.7.6 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO parameter to (1) index.php and (2) loader.php. | ||||
| CVE-2011-4937 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 7.5 High |
| Joomla! 1.7.1 has core information disclosure due to inadequate error checking. | ||||
| CVE-2011-4931 | 2 Debian, Gpw Project | 2 Debian Linux, Gpw | 2024-11-21 | 7.5 High |
| gpw generates shorter passwords than required | ||||
| CVE-2011-4924 | 1 Zope | 1 Zope | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3, 3.1.1 through 3.4.1. allows remote attackers to inject arbitrary web script or HTML via vectors related to the way error messages perform sanitization. NOTE: this issue exists because of an incomplete fix for CVE-2010-1104 | ||||
| CVE-2011-4919 | 1 Mpack Project | 1 Mpack | 2024-11-21 | 7.5 High |
| mpack 1.6 has information disclosure via eavesdropping on mails sent by other users | ||||
| CVE-2011-4917 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat. | ||||
| CVE-2011-4916 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*. | ||||
| CVE-2011-4915 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 5.5 Medium |
| fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts. | ||||
| CVE-2011-4912 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 5.3 Medium |
| Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass. | ||||
| CVE-2011-4908 | 1 Tiny | 1 Tinybrowser | 2024-11-21 | 9.8 Critical |
| TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php. | ||||
| CVE-2011-4907 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 5.3 Medium |
| Joomla! 1.5x through 1.5.12: Missing JEXEC Check | ||||
| CVE-2011-4906 | 1 Tiny | 1 Tinybrowser | 2024-11-21 | 9.8 Critical |
| Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP code execution. | ||||
| CVE-2011-4904 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 6.5 Medium |
| TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls which allows remote attackers to retrieve ExtDirect endpoint services. | ||||
| CVE-2011-4903 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 6.1 Medium |
| Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the RemoveXSS function. | ||||
| CVE-2011-4902 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 6.5 Medium |
| TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to delete arbitrary files on the webserver. | ||||
| CVE-2011-4901 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 6.5 Medium |
| TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to extract arbitrary information from the TYPO3 database. | ||||
| CVE-2011-4900 | 2 Debian, Typo3 | 2 Debian Linux, Typo3 | 2024-11-21 | 6.5 Medium |
| TYPO3 before 4.5.4 allows Information Disclosure in the backend. | ||||