Security Vulnerabilities, CVEs, Published In 2011 (Information Leak) CVSS score >= 6

service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method.

Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session, aka Bug IDs CSCti81574, CSCto63060, CSCto72183, and CSCto73833.

The TFTP implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x, 1.6.0, and 1.6.1 allows remote attackers to obtain sensitive information via a GET request, aka Bug ID CSCte43876.

The BlackBerry PlayBook service on the Research In Motion (RIM) BlackBerry PlayBook tablet with software before 1.0.8.6067 allows local users to gain privileges via a crafted configuration file in a backup archive.

Red Hat Network (RHN) Satellite Server 5.3 and 5.4 does not properly rewrite unspecified URLs, which allows remote attackers to (1) obtain unspecified sensitive host information or (2) use the server as an inadvertent proxy to connect to arbitrary services and IP addresses via unspecified vectors.