CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 2 and 2.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2601 CVE-2011-4457 200 +Info 2011-11-17 2011-11-18
2.6
None Remote High Not required Partial None None
OWASP HTML Sanitizer (aka owasp-java-html-sanitizer) before 88, when JavaScript is disabled, allows user-assisted remote attackers to obtain potentially sensitive information via a crafted FORM element within a NOSCRIPT element.
2602 CVE-2011-4363 59 2012-10-07 2012-10-08
2.6
None Local High Not required None Partial Partial
ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enabled, allows local users to overwrite arbitrary files via a symlink attack on /tmp/TTYDEVS.
2603 CVE-2011-4345 79 XSS 2011-11-29 2017-02-16
2.6
None Remote High Not required None Partial None
Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is used, allows remote attackers to inject arbitrary web script or HTML via a cookie.
2604 CVE-2011-4344 79 XSS 2011-12-01 2016-06-13
2.6
None Remote High Not required None Partial None
Cross-site scripting (XSS) vulnerability in Jenkins Core in Jenkins before 1.438, and 1.409 LTS before 1.409.3 LTS, when a stand-alone container is used, allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages.
2605 CVE-2011-4327 200 +Info 2014-02-02 2014-02-21
2.1
None Local Low Not required Partial None None
ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.
2606 CVE-2011-4142 255 +Info 2012-01-19 2012-01-19
2.1
None Local Low Not required Partial None None
The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.2194, and 6.7 before 6.7.2.2033 places cleartext credentials in log files, which allows local users to obtain sensitive information by reading these files.
2607 CVE-2011-4132 20 DoS 2012-01-27 2017-12-28
2.1
None Local Low Not required None None Partial
The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allows local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image with an "invalid log first block value."
2608 CVE-2011-4110 264 DoS 2012-01-27 2016-08-22
2.1
None Local Low Not required None None Partial
The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and "updating a negative key into a fully instantiated key."
2609 CVE-2011-3985 79 XSS 2011-11-09 2011-11-10
2.6
None Remote High Not required None Partial None
Cross-site scripting (XSS) vulnerability in Plume before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
2610 CVE-2011-3982 399 DoS 2011-10-04 2017-08-28
2.1
None Local Low Not required None None Partial
The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service (system hang) via vectors that generate a large amount of DMA I/O, related to a deadlock in timer processing across CPUs.
2611 CVE-2011-3975 200 +Info 2011-10-03 2017-08-28
2.6
None Remote High Not required Partial None None
A certain HTC update for Android 2.3.4 build GRJ22, when the Sense interface is used on the HTC EVO 3D, EVO 4G, ThunderBolt, and unspecified other devices, provides the HtcLoggers.apk application, which allows user-assisted remote attackers to obtain a list of telephone numbers from a log, and other sensitive information, by leveraging the android.permission.INTERNET application permission and establishing TCP sessions to 127.0.0.1 on port 65511 and a second port.
2612 CVE-2011-3872 20 2011-10-27 2019-07-11
2.6
None Remote High Not required None Partial None
Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka "AltNames Vulnerability."
2613 CVE-2011-3649 200 Bypass +Info 2011-11-09 2017-09-18
2.6
None Remote High Not required Partial None None
Mozilla Firefox 7.0 and Thunderbird 7.0, when the Direct2D (aka D2D) API is used on Windows in conjunction with the Azure graphics back-end, allow remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas. NOTE: this issue exists because of a CVE-2011-2986 regression.
2614 CVE-2011-3634 200 +Info 2014-02-28 2014-03-03
2.6
None Remote High Not required Partial None None
methods/https.cc in apt before 0.8.11 accepts connections when the certificate host name fails validation and Verify-Host is enabled, which allows man-in-the-middle attackers to obtain repository credentials via unspecified vectors.
2615 CVE-2011-3570 2012-01-18 2012-02-07
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in Oracle Communications Unified 7.0 allows local users to affect confidentiality via unknown vectors related to Calendar Server.
2616 CVE-2011-3564 2012-01-18 2012-01-19
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in Oracle GlassFish Enterprise Server 2.1.1 allows local users to affect confidentiality via unknown vectors related to Administration.
2617 CVE-2011-3552 2011-10-19 2018-01-05
2.6
None Remote High Not required None Partial None
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote attackers to affect integrity via unknown vectors related to Networking.
2618 CVE-2011-3536 2011-10-18 2017-08-28
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to DTrace Software Library (libdtrace).
2619 CVE-2011-3522 2011-10-18 2017-08-28
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in SysFW 8.0 on certain SPARC T3, Netra SPARC T3, Sun Fire, and Sun Blade based servers allows local users to affect confidentiality, related to Integrated Lights Out Manager CLI.
2620 CVE-2011-3520 2011-10-18 2017-08-28
2.8
None Remote Medium Multiple systems None Partial None
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.49, 8.50, and 8.51 allows remote authenticated users to affect integrity via unknown vectors related to Personalization.
2621 CVE-2011-3435 255 2011-10-14 2017-08-28
2.1
None Local Low Not required Partial None None
Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows local users to read the password data of arbitrary users via unspecified vectors.
2622 CVE-2011-3431 200 +Info 2011-10-14 2017-08-28
2.1
None Local Low Not required Partial None None
The Home screen component in Apple iOS before 5 does not properly support a certain application-switching gesture, which might allow physically proximate attackers to obtain sensitive state information by watching the device's screen.
2623 CVE-2011-3429 255 +Info 2011-10-14 2017-08-28
2.1
None Local Low Not required Partial None None
The Settings component in Apple iOS before 5 stores a cleartext parental-restrictions passcode in an unspecified file, which might allow physically proximate attackers to obtain sensitive information by reading this file.
2624 CVE-2011-3427 200 +Info 2011-10-14 2017-08-28
2.6
None Remote High Not required Partial None None
The Data Security component in Apple iOS before 5 and Apple TV before 4.4 does not properly restrict use of the MD5 hash algorithm within X.509 certificates, which makes it easier for man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate.
2625 CVE-2011-3345 119 DoS Overflow Mem. Corr. 2011-09-19 2017-08-28
2.1
None Local Low Not required None None Partial
ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ofa_kernel package in the InfiniBand driver implementation in OpenFabrics Enterprise Distribution (OFED) before 1.5.3 does not properly handle certain non-array variables, which allows local users to cause a denial of service (stack memory corruption and system crash) by reading the /proc/net/sdpstats file.
2626 CVE-2011-3328 DoS 2012-01-17 2012-09-21
2.6
None Remote High Not required None None Partial
The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed PNG image containing a cHRM chunk associated with a certain zero value.
2627 CVE-2011-3266 399 DoS 2011-08-23 2018-10-09
2.6
None Remote High Not required None None Partial
The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree.
2628 CVE-2011-3262 399 DoS 2011-08-19 2017-08-28
2.1
None Local Low Not required None None Partial
tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to "Lack of error checking in the decompression loop."
2629 CVE-2011-3257 264 Bypass 2011-10-14 2017-08-28
2.1
None Local Low Not required Partial None None
The Data Access component in Apple iOS before 5 does not properly handle the existence of multiple user accounts on the same mail server, which allows local users to bypass intended access restrictions in opportunistic circumstances by leveraging a different account's cookie.
2630 CVE-2011-3253 200 +Info 2011-10-14 2011-10-14
2.6
None Remote High Not required Partial None None
CalDAV in Apple iOS before 5 does not validate X.509 certificates for SSL sessions, which allows man-in-the-middle attackers to spoof calendar servers and obtain sensitive information via an arbitrary certificate.
2631 CVE-2011-3245 255 +Info 2011-10-14 2017-08-28
2.1
None Local Low Not required Partial None None
The Keyboards component in Apple iOS before 5 displays the final character of an entered password during a subsequent use of a keyboard, which allows physically proximate attackers to obtain sensitive information by reading this character.
2632 CVE-2011-3224 Exec Code 2011-10-14 2012-01-13
2.6
None Remote High Not required None Partial None
The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execute arbitrary code by spoofing the http server.
2633 CVE-2011-3218 79 XSS 2011-10-14 2012-01-13
2.6
None Remote High Not required None Partial None
The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by spoofing the http server during local viewing of an exported document.
2634 CVE-2011-3216 264 Bypass 2011-10-14 2012-01-13
2.1
None Local Low Not required None Partial None
The kernel in Apple Mac OS X before 10.7.2 does not properly implement the sticky bit for directories, which might allow local users to bypass intended permissions and delete files via an unlink system call.
2635 CVE-2011-3215 264 Bypass 2011-10-14 2012-01-13
2.1
None Local Low Not required Partial None None
The kernel in Apple Mac OS X before 10.7.2 does not properly prevent FireWire DMA in the absence of a login, which allows physically proximate attackers to bypass intended access restrictions and discover a password by making a DMA request in the (1) loginwindow, (2) boot, or (3) shutdown state.
2636 CVE-2011-3212 310 +Info 2011-10-14 2012-05-11
2.1
None Local Low Not required Partial None None
CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate attackers to obtain sensitive information by reading directly from the disk device.
2637 CVE-2011-3198 255 2014-03-21 2014-03-21
2.1
None Local Low Not required Partial None None
Domain Technologie Control (DTC) before 0.34.1 includes a password in the -b command line argument to htpasswd, which might allow local users to read the password by listing the process and its arguments.
2638 CVE-2011-3196 264 2014-03-21 2014-03-27
2.1
None Local Low Not required Partial None None
The setup script in Domain Technologie Control (DTC) before 0.34.1 uses world-readable permissions for /etc/apache2/apache2.conf, which allows local users to obtain the dtcdaemons MySQL password by reading the file.
2639 CVE-2011-3177 200 +Info 2017-09-08 2017-09-18
2.1
None Local Low Not required Partial None None
The YaST2 network created files with world readable permissions which could have allowed local users to read sensitive material out of network configuration files, like passwords for wireless networks.
2640 CVE-2011-3149 119 DoS Overflow 2012-07-22 2019-01-03
2.1
None Local Low Not required None None Partial
The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).
2641 CVE-2011-2977 +Info 2011-08-09 2017-08-28
2.1
None Local Low Not required Partial None None
Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files. NOTE: this issue exists because of a regression in 3.6.
2642 CVE-2011-2712 79 XSS 2011-08-29 2018-10-09
2.6
None Remote High Not required None Partial None
Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.18, when setAutomaticMultiWindowSupport is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
2643 CVE-2011-2700 119 DoS Overflow 2011-09-06 2012-03-19
2.1
None Local Low Not required None None Partial
Multiple buffer overflows in the si4713_write_econtrol_string function in drivers/media/radio/si4713-i2c.c in the Linux kernel before 2.6.39.4 on the N900 platform might allow local users to cause a denial of service or have unspecified other impact via a crafted s_ext_ctrls operation with a (1) V4L2_CID_RDS_TX_PS_NAME or (2) V4L2_CID_RDS_TX_RADIO_TEXT control ID.
2644 CVE-2011-2694 79 XSS 2011-07-29 2018-10-30
2.6
None Remote High Not required None Partial None
Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program (aka the user field to the Change Password page).
2645 CVE-2011-2684 59 2017-10-23 2017-11-21
2.1
None Local Low Not required None Partial None
foo2zjs before 20110722dfsg-3ubuntu1 as packaged in Ubuntu, 20110722dfsg-1 as packaged in Debian unstable, and 20090908dfsg-5.1+squeeze0 as packaged in Debian squeeze create temporary files insecurely, which allows local users to write over arbitrary files via a symlink attack on /tmp/foo2zjs.
2646 CVE-2011-2642 79 XSS 2011-08-01 2017-08-28
2.6
None Remote High Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in the table Print view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3 and 3.4.x before 3.4.3.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name.
2647 CVE-2011-2527 264 2012-06-21 2017-08-28
2.1
None Local Low Not required Partial None None
The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.
2648 CVE-2011-2495 264 2012-06-13 2013-12-30
2.1
None Local Low Not required Partial None None
fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user's password.
2649 CVE-2011-2494 200 +Info 2012-06-13 2017-12-28
2.1
None Local Low Not required Partial None None
kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another user's password.
2650 CVE-2011-2493 DoS 2012-06-13 2012-06-14
2.1
None Local Low Not required None None Partial
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel before 2.6.39 does not properly initialize a certain error-report data structure, which allows local users to cause a denial of service (OOPS) by attempting to mount a crafted ext4 filesystem.
Total number of vulnerabilities : 4561   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 (This Page)54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.