Export limit exceeded: 337951 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (337951 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-2717 | 2 Linux, Redhat | 2 Dhcp6c, Enterprise Linux | 2024-11-21 | 9.8 Critical |
| The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message. | ||||
| CVE-2011-2715 | 1 Drupal | 2 Data, Drupal | 2024-11-21 | 9.8 Critical |
| An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table names or column names. | ||||
| CVE-2011-2714 | 1 Drupal | 2 Data, Drupal | 2024-11-21 | 6.1 Medium |
| A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display. | ||||
| CVE-2011-2706 | 1 Snewscms | 1 Snews | 2024-11-21 | 6.1 Medium |
| A Cross-Site Scripting (XSS) vulnerability exists in the reorder administrator functions in sNews 1.71. | ||||
| CVE-2011-2670 | 1 Mozilla | 1 Firefox | 2024-11-21 | 6.1 Medium |
| Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of Cascading Style Sheets | ||||
| CVE-2011-2669 | 1 Mozilla | 1 Firefox | 2024-11-21 | 6.5 Medium |
| Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of certificates. | ||||
| CVE-2011-2668 | 1 Mozilla | 1 Firefox | 2024-11-21 | 8.8 High |
| Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the content-length header | ||||
| CVE-2011-2538 | 1 Cisco | 1 Telepresence Video Communication Server | 2024-11-21 | 7.2 High |
| Cisco Video Communications Server (VCS) before X7.0.3 contains a command injection vulnerability which allows remote, authenticated attackers to execute arbitrary commands. | ||||
| CVE-2011-2523 | 2 Debian, Vsftpd Project | 2 Debian Linux, Vsftpd | 2024-11-21 | 9.8 Critical |
| vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp. | ||||
| CVE-2011-2515 | 3 Debian, Packagekit Project, Redhat | 3 Debian Linux, Packagekit, Enterprise Linux Server | 2024-11-21 | 5.3 Medium |
| PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code. | ||||
| CVE-2011-2499 | 1 Mambo-foundation | 1 Mambo Cms | 2024-11-21 | 6.1 Medium |
| Mambo CMS through 4.6.5 has multiple XSS. | ||||
| CVE-2011-2498 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 5.5 Medium |
| The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages. | ||||
| CVE-2011-2487 | 2 Apache, Redhat | 12 Cxf, Wss4j, Jboss Business Rules Management System and 9 more | 2024-11-21 | 5.9 Medium |
| The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack. | ||||
| CVE-2011-2480 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2024-11-21 | 7.5 High |
| Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information. | ||||
| CVE-2011-2353 | 1 Google | 1 Blink | 2024-11-21 | 6.5 Medium |
| Use after free vulnerability in documentloader in WebKit in Google Chrome before Blink M13 in DocumentWriter::replaceDocument function. | ||||
| CVE-2011-2343 | 1 Google | 1 Android | 2024-11-21 | 2.4 Low |
| The Bluetooth stack in Android before 2.3.6 allows a physically proximate attacker to obtain contact information via an AT phonebook transfer. | ||||
| CVE-2011-2337 | 1 Google | 1 Blink | 2024-11-21 | 9.8 Critical |
| A wrong type is used for a return value from strlen in WebKit in Google Chrome before Blink M12 on 64-bit platforms. | ||||
| CVE-2011-2336 | 1 Google | 1 Blink | 2024-11-21 | 6.5 Medium |
| An issue exists in WebKit in Google Chrome before Blink M12. when clearing lists in AnimationControllerPrivate that signal when a hardware animation starts. | ||||
| CVE-2011-2335 | 1 Google | 1 Blink | 2024-11-21 | 7.5 High |
| A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function. | ||||
| CVE-2011-2334 | 1 Google | 1 Blink | 2024-11-21 | 6.5 Medium |
| Use after free vulnerability exists in WebKit in Google Chrome before Blink M12 in RenderLayerwhen removing elements with reflections. | ||||