| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complex
ity
|
Authen
tication
|
Confiden
tiality
|
Integrity
|
Availa
bility
|
|
1 |
CVE-2012-0978 |
119 |
|
Exec Code Overflow |
2012-02-02 |
2012-02-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in npjp2.dll in LuraWave JP2 Browser Plug-In 1.1.1.11 and other versions before 2.1.1.11 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment. |
|
2 |
CVE-2012-0897 |
119 |
|
Exec Code Overflow |
2012-01-20 |
2012-01-23 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment. |
|
3 |
CVE-2012-0394 |
94 |
1
|
Exec Code |
2012-01-08 |
2012-01-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
** DISPUTED ** The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability itself." |
|
4 |
CVE-2012-0393 |
264 |
1
|
|
2012-01-08 |
2012-01-12 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
The ParameterInterceptor component in Apache Struts before 2.3.1.1 does not prevent access to public constructors, which allows remote attackers to create or overwrite arbitrary files via a crafted parameter that triggers the creation of a Java object. |
|
5 |
CVE-2012-0314 |
352 |
|
CSRF |
2012-02-02 |
2012-02-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Multiple cross-site request forgery (CSRF) vulnerabilities on the eAccess Pocket WiFi (aka GP02) router before 2.00 with firmware 11.203.11.05.168 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) initialize settings or (2) reboot the device. |
|
6 |
CVE-2012-0286 |
352 |
|
CSRF |
2012-01-24 |
2012-01-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site request forgery (CSRF) vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to hijack the authentication of unspecified victims for requests that modify user accounts. |
|
7 |
CVE-2012-0100 |
|
|
|
2012-01-18 |
2012-01-30 |
6.8 |
None |
Local |
Low |
Single system |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kerberos. |
|
8 |
CVE-2012-0083 |
|
|
|
2012-01-18 |
2012-01-30 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 7.5.2, 10.1.3.5.1, 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Search. |
|
9 |
CVE-2012-0057 |
264 |
|
|
2012-02-01 |
2012-02-02 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension. |
|
10 |
CVE-2012-0056 |
264 |
|
+Priv |
2012-01-27 |
2012-01-30 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The mem_write function in Linux kernel 2.6.39 and other versions, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper. |
|
11 |
CVE-2012-0005 |
264 |
|
+Priv |
2012-01-10 |
2012-01-31 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2, when a Chinese, Japanese, or Korean system locale is used, can access uninitialized memory during the processing of Unicode characters, which allows local users to gain privileges via a crafted application, aka "CSRSS Elevation of Privilege Vulnerability." |
|
12 |
CVE-2011-5074 |
352 |
|
CSRF |
2012-01-29 |
2012-02-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remote attackers to hijack the authentication of administrators for requests that change administrator email, add a new administrator, or insert arbitrary script via (1) user_profile_edit.php or (2) user_add.php. |
|
13 |
CVE-2011-5069 |
|
|
Exec Code |
2012-01-28 |
2012-02-02 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
|
Unrestricted file upload vulnerability in incident_attachments.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in unspecified directory, a different program than CVE-2011-3833. |
|
14 |
CVE-2011-5068 |
352 |
|
CSRF |
2012-01-28 |
2012-02-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Support Incident Tracker (aka SiT!) 3.65 allow remote attackers to hijack the authentication of user for requests that delete a user via user_delete.php and other unspecified programs. |
|
15 |
CVE-2011-5058 |
264 |
|
|
2012-01-10 |
2012-01-11 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
The CmbWebserver.dll module of the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attackers to create arbitrary directories under the web root by specifying a non-existent directory using \ (backslash) characters in an HTTP GET request. |
|
16 |
CVE-2011-5054 |
287 |
|
|
2012-01-06 |
2012-01-31 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
kcheckpass passes a user-supplied argument to the pam_start function, often within a setuid environment, which allows local users to invoke any configured PAM stack, and possibly trigger unintended side effects, via an arbitrary valid PAM service name, a different vulnerability than CVE-2011-4122. NOTE: the vendor indicates that the possibility of resultant privilege escalation may be "a bit far-fetched." |
|
17 |
CVE-2011-5052 |
119 |
1
|
Exec Code Overflow |
2012-01-04 |
2012-01-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in CoCSoft Stream Down 6.8.0 allows remote web servers to execute arbitrary code via a long response to a download request. |
|
18 |
CVE-2011-5050 |
89 |
|
Exec Code Sql |
2012-01-04 |
2012-01-06 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in corporate/Controller in Elitecore Technologies Cyberoam UTM before 10.01.2 build 059 allows remote authenticated administrators to execute arbitrary SQL commands via the tableid parameter. NOTE: some of these details are obtained from third party information. |
|
19 |
CVE-2011-5011 |
352 |
|
CSRF |
2011-12-24 |
2011-12-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Multiple cross-site request forgery (CSRF) vulnerabilities in xt:Commerce 3.0.4 SP2.1 and possibly earlier allow remote attackers to hijack the authentication of Amins for requests that (1) set a New user to Adim via the cID parameter to a statusconfirm action in admin/customers.php and (2) grant permissions to users via the cID parameter to a save action in admin/accounting.php. |
|
20 |
CVE-2011-5004 |
|
|
Exec Code |
2011-12-24 |
2011-12-27 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
|
Unrestricted file upload vulnerability in models/importcsv.php in the Fabrik (com_fabrik) component before 2.1.1 for Joomla! allows remote authenticated users with Manager privileges to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory. |
|
21 |
CVE-2011-4870 |
119 |
|
Exec Code Overflow |
2012-01-07 |
2012-01-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Multiple buffer overflows in the (1) GUIControls, (2) BatchObjSrv, and (3) BatchSecCtrl ActiveX controls in Invensys Wonderware InBatch 9.0 and 9.0 SP1, and InBatch 8.1 SP1, 9.0 SP2, and 9.5 Server and Runtime Clients, allow remote attackers to execute arbitrary code via a long string in a property value, a different issue than CVE-2011-3141. |
|
22 |
CVE-2011-4868 |
399 |
|
DoS |
2012-01-14 |
2012-01-17 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update. |
|
23 |
CVE-2011-4866 |
200 |
|
+Info |
2012-01-24 |
2012-01-25 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
The Kaixin001 (com.kaixin001.activity) application 1.3.1 and 1.3.3 for Android does not properly protect data, which allows remote attackers to read or modify contact information and a cleartext password via a crafted application. |
|
24 |
CVE-2011-4837 |
352 |
|
CSRF |
2011-12-14 |
2011-12-15 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site request forgery (CSRF) vulnerability in /ctrl in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to hijack the authentication of admins for requests that execute arbitrary programs. |
|
25 |
CVE-2011-4826 |
89 |
|
Exec Code Sql |
2011-12-14 |
2011-12-15 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in session.php in AutoSec Tools V-CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to process.php. NOTE: some of these details are obtained from third party information. |
|
26 |
CVE-2011-4802 |
89 |
|
Exec Code Sql |
2011-12-13 |
2011-12-14 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) sortfield, (2) sortorder, and (3) sall parameters to user/index.php and (b) user/group/index.php; the id parameter to (4) info.php, (5) perms.php, (6) param_ihm.php, (7) note.php, and (8) fiche.php in user/; and (9) rowid parameter to admin/boxes.php. |
|
27 |
CVE-2011-4723 |
310 |
|
+Info |
2011-12-20 |
2011-12-20 |
6.8 |
None |
Remote |
Low |
Single system |
Complete |
None |
None |
|
The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information via unspecified vectors. |
|
28 |
CVE-2011-4699 |
200 |
|
+Info |
2012-01-24 |
2012-01-25 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
The Ubermedia Twidroyd Legacy (com.twidroydlegacy) application 4.3.11 for Android does not properly protect data, which allows remote attackers to read or modify Twitter information via a crafted application. |
|
29 |
CVE-2011-4698 |
200 |
|
+Info |
2012-01-24 |
2012-01-25 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
The AndroidAppTools Easy Filter (com.phoneblocker.android) application 1.1 and 1.2 for Android does not properly protect data, which allows remote attackers to read or modify SMS messages and call records via a crafted application. |
|
30 |
CVE-2011-4697 |
200 |
|
+Info |
2012-01-24 |
2012-01-25 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
The Xiaomi MiTalk Messenger (com.xiaomi.channel) application before 2.1.320 for Android does not properly protect data, which allows remote attackers to read or modify messaging information via a crafted application. |
|
31 |
CVE-2011-4695 |
|
|
+Priv Bypass |
2011-12-07 |
2011-12-08 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Microsoft Windows 7 SP1, when Java is installed, allows local users to bypass Internet Explorer sandbox restrictions and gain privileges via unknown vectors, as demonstrated by the White Phosphorus wp_ie_sandbox_escape module for Immunity CANVAS. NOTE: as of 20111207, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. |
|
32 |
CVE-2011-4682 |
264 |
|
Bypass |
2011-12-07 |
2011-12-08 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
The JavaScript engine in Opera before 11.60 does not properly implement the in operator, which allows remote attackers to bypass the Same Origin Policy via vectors related to variables on different web sites. |
|
33 |
CVE-2011-4675 |
22 |
|
Dir. Trav. |
2011-12-05 |
2011-12-12 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
The pathname canonicalization functionality in io/filesystem/filesystem.cc in Widelands before 15.1 expands leading ~ (tilde) characters to home-directory pathnames but does not restrict use of these characters in strings received from the network, which might allow remote attackers to conduct absolute path traversal attacks and overwrite arbitrary files via a ~ in a pathname that is used for a file transfer in an Internet game, a different vulnerability than CVE-2011-1932. |
|
34 |
CVE-2011-4646 |
94 |
|
Exec Code Sql |
2011-11-30 |
2011-12-01 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in wp-postratings.php in the WP-PostRatings plugin 1.50, 1.61, and probably other versions before 1.62 for WordPress allows remote authenticated users with the Author role to execute arbitrary SQL commands via the id attribute of the ratings shortcode when creating a post. NOTE: some of these details are obtained from third party information. |
|
35 |
CVE-2011-4596 |
22 |
|
Dir. Trav. |
2011-12-23 |
2011-12-26 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
|
Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted (1) tarball or (2) manifest. |
|
36 |
CVE-2011-4566 |
189 |
|
DoS Overflow |
2011-11-28 |
2012-01-18 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708. |
|
37 |
CVE-2011-4517 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2011-12-14 |
2012-01-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a malformed JPEG2000 file. |
|
38 |
CVE-2011-4516 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2011-12-14 |
2012-01-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a JPEG2000 file. |
|
39 |
CVE-2011-4498 |
352 |
|
CSRF |
2011-11-21 |
2011-11-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site request forgery (CSRF) vulnerability in the web console in Zenprise Device Manager 6.x through 6.1.8 allows remote attackers to hijack the authentication of administrators for requests that wipe mobile devices. |
|
40 |
CVE-2011-4431 |
22 |
|
Exec Code Dir. Trav. |
2011-11-09 |
2011-11-10 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
Directory traversal vulnerability in main.php in Merethis Centreon before 2.3.2 allows remote authenticated users to execute arbitrary commands via a .. (dot dot) in the command_name parameter. |
|
41 |
CVE-2011-4356 |
264 |
|
Exec Code +Priv |
2011-12-05 |
2012-01-03 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local users to gain privileges via vectors involving crafted code that is executed by the worker process. |
|
42 |
CVE-2011-4266 |
264 |
|
+Priv |
2011-12-13 |
2011-12-13 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a different vulnerability than CVE-2011-3991. |
|
43 |
CVE-2011-4159 |
|
|
+Priv |
2011-11-18 |
2011-11-21 |
6.8 |
None |
Local |
Low |
Single system |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in System Administration Manager (SAM) in EMS before A.04.20.11.04_01 on HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors. |
|
44 |
CVE-2011-4144 |
|
|
|
2012-02-01 |
2012-02-02 |
6.8 |
None |
Local |
Low |
Single system |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in EMC Documentum Content Server 6.0, 6.5 before SP2 P02, 6.5 SP3 before SP3 P02, and 6.6 before P02 allows local users to obtain "highest super user privileges" by leveraging system administrator privileges. |
|
45 |
CVE-2011-4140 |
352 |
|
CSRF |
2011-10-19 |
2011-10-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page containing JavaScript code. |
|
46 |
CVE-2011-4122 |
22 |
|
+Priv Dir. Trav. |
2011-11-17 |
2012-01-10 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Directory traversal vulnerability in openpam_configure.c in OpenPAM before r478 on FreeBSD 8.1 allows local users to load arbitrary DSOs and gain privileges via a .. (dot dot) in the service_name argument to the pam_start function, as demonstrated by a .. in the -c option to kcheckpass. |
|
47 |
CVE-2011-4118 |
264 |
|
+Priv |
2011-11-14 |
2011-11-15 |
6.0 |
User |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
|
Mahara before 1.4.1, when MNet (aka the Moodle network feature) is used, allows remote authenticated users to gain privileges via a jump to an XMLRPC target. |
|
48 |
CVE-2011-4077 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-01-27 |
2012-01-30 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname. |
|
49 |
CVE-2011-4063 |
20 |
|
DoS |
2011-10-21 |
2011-10-29 |
6.8 |
None |
Remote |
Low |
Single system |
None |
None |
Complete |
|
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authenticated users to cause a denial of service (daemon crash) via a malformed request. |
|
50 |
CVE-2011-4061 |
|
|
+Priv |
2011-10-17 |
2011-10-18 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli Monitoring for Databases: DB2 Agent, allow local users to gain privileges via a Trojan horse libkbb.so in the current working directory, related to the DT_RPATH ELF header. |
