| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
66251 |
CVE-2011-4107 |
200 |
1
|
+Info |
2011-11-17 |
2017-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack. |
|
66252 |
CVE-2011-4106 |
20 |
2
|
Exec Code |
2013-10-26 |
2013-10-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
TimThumb (timthumb.php) before 2.0 does not validate the entire source with the domain white list, which allows remote attackers to upload and execute arbitrary code via a URL containing a white-listed domain in the src parameter, then accessing it via a direct request to the file in the cache directory, as exploited in the wild in August 2011. |
|
66253 |
CVE-2011-4104 |
20 |
|
Exec Code |
2014-10-26 |
2018-08-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The from_yaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method. |
|
66254 |
CVE-2011-4103 |
20 |
|
Exec Code |
2014-10-26 |
2014-12-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
emitters.py in Django Piston before 0.2.3 and 0.2.x before 0.2.2.1 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method. |
|
66255 |
CVE-2011-4102 |
119 |
|
DoS Overflow |
2011-11-03 |
2017-09-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (application crash) via a malformed file. |
|
66256 |
CVE-2011-4101 |
|
|
DoS |
2011-11-03 |
2017-09-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. |
|
66257 |
CVE-2011-4100 |
399 |
|
DoS |
2011-11-03 |
2017-09-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.3 does not initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
66258 |
CVE-2011-4099 |
264 |
|
Bypass |
2014-02-07 |
2014-02-10 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors. |
|
66259 |
CVE-2011-4097 |
189 |
|
DoS Overflow |
2012-05-17 |
2012-05-17 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service (memory consumption or process termination) by using a certain large amount of memory. |
|
66260 |
CVE-2011-4096 |
399 |
|
DoS |
2011-11-17 |
2016-11-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record. |
|
66261 |
CVE-2011-4093 |
190 |
|
Overflow +Priv |
2014-02-10 |
2018-10-30 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided. |
|
66262 |
CVE-2011-4092 |
20 |
|
|
2014-02-10 |
2014-02-10 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
obby (aka libobby) does not verify SSL server certificates, which allows remote attackers to spoof servers via an arbitrary certificate. |
|
66263 |
CVE-2011-4091 |
287 |
|
+Info |
2014-02-10 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The libobby server in inc/server.hpp in libnet6 (aka net6) before 1.3.14 does not perform authentication before checking the user name, which allows remote attackers to obtain sensitive information such as server-usage patterns by a particular user and color preferences. |
|
66264 |
CVE-2011-4089 |
264 |
1
|
Exec Code |
2014-04-16 |
2014-04-17 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory. |
|
66265 |
CVE-2011-4087 |
399 |
|
DoS |
2013-06-08 |
2013-06-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The br_parse_ip_options function in net/bridge/br_netfilter.c in the Linux kernel before 2.6.39 does not properly initialize a certain data structure, which allows remote attackers to cause a denial of service by leveraging connectivity to a network interface that uses an Ethernet bridge device. |
|
66266 |
CVE-2011-4086 |
119 |
|
DoS Overflow |
2012-07-03 |
2017-12-28 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the _Delay and _Unwritten buffer head states, which allows local users to cause a denial of service (system crash) by leveraging the presence of an ext4 filesystem that was mounted with a journal. |
|
66267 |
CVE-2011-4085 |
287 |
|
Bypass |
2012-11-23 |
2014-03-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0, BRMS Platform before 5.3.0, and Portal Platform before 4.3 CP07 perform access control only for the GET and POST methods, which allow remote attackers to bypass authentication by sending a request with a different method. NOTE: this vulnerability exists because of a CVE-2010-0738 regression. |
|
66268 |
CVE-2011-4084 |
399 |
|
DoS |
2011-12-29 |
2011-12-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 does not properly handle a large number of form parameters, which might allow remote attackers to cause a denial of service (CPU consumption) via a request that triggers storage of many parameters in a hash table. |
|
66269 |
CVE-2011-4083 |
310 |
|
+Info |
2014-02-17 |
2014-02-18 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The sosreport utility in the Red Hat sos package before 1.7-9 and 2.x before 2.2-17 includes (1) Certificate-based Red Hat Network private entitlement keys and the (2) private key for the entitlement in an archive of debugging information, which might allow remote attackers to obtain sensitive information by reading the archive. |
|
66270 |
CVE-2011-4081 |
|
|
DoS |
2012-05-24 |
2012-05-29 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by triggering a failed or missing ghash_setkey function call, followed by a (1) ghash_update function call or (2) ghash_final function call, as demonstrated by a write operation on an AF_ALG socket. |
|
66271 |
CVE-2011-4080 |
264 |
|
Bypass |
2012-05-24 |
2012-05-29 |
4.0 |
None |
Local |
High |
Not required |
Complete |
None |
None |
|
The sysrq_sysctl_handler function in kernel/sysctl.c in the Linux kernel before 2.6.39 does not require the CAP_SYS_ADMIN capability to modify the dmesg_restrict value, which allows local users to bypass intended access restrictions and read the kernel ring buffer by leveraging root privileges, as demonstrated by a root user in a Linux Containers (aka LXC) environment. |
|
66272 |
CVE-2011-4079 |
189 |
|
DoS Overflow |
2011-10-27 |
2017-08-28 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value in an LDIF entry. |
|
66273 |
CVE-2011-4078 |
399 |
|
DoS |
2011-11-03 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5.3.7 or 5.3.8 is used, allows remote attackers to trigger a GET request for an arbitrary URL, and cause a denial of service (resource consumption and inbox outage), via a Subject header containing only a URL, a related issue to CVE-2011-3379. |
|
66274 |
CVE-2011-4077 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-01-27 |
2016-08-22 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname. |
|
66275 |
CVE-2011-4075 |
94 |
1
|
Exec Code |
2011-11-02 |
2011-11-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The masort function in lib/functions.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to execute arbitrary PHP code via the orderby parameter (aka sortby variable) in a query_engine action to cmd.php, as exploited in the wild in October 2011. |
|
66276 |
CVE-2011-4074 |
79 |
|
XSS |
2011-11-02 |
2011-11-17 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via an _debug command. |
|
66277 |
CVE-2011-4073 |
399 |
|
DoS |
2011-11-17 |
2019-07-29 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 through 2.6.36 allows remote authenticated users to cause a denial of service (pluto IKE daemon crash) via vectors related to the (1) quick_outI1_continue and (2) quick_outI1 functions. |
|
66278 |
CVE-2011-4069 |
90 |
|
Bypass |
2018-02-01 |
2018-02-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
html/admin/login.php in PacketFence before 3.0.2 allows remote attackers to conduct LDAP injection attacks and consequently bypass authentication via a crafted username. |
|
66279 |
CVE-2011-4068 |
287 |
|
Bypass |
2018-02-01 |
2018-02-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The check_password function in html/admin/login.php in PacketFence before 3.0.2 allows remote attackers to bypass authentication via an empty password. |
|
66280 |
CVE-2011-4066 |
89 |
1
|
Exec Code Sql |
2011-11-04 |
2017-08-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO. |
|
66281 |
CVE-2011-4064 |
79 |
|
XSS |
2011-11-01 |
2011-12-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value. |
|
66282 |
CVE-2011-4063 |
20 |
|
DoS |
2011-10-21 |
2018-10-09 |
6.8 |
None |
Remote |
Low |
Single system |
None |
None |
Complete |
|
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authenticated users to cause a denial of service (daemon crash) via a malformed request. |
|
66283 |
CVE-2011-4062 |
119 |
1
|
DoS Overflow +Priv |
2011-10-17 |
2011-12-12 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the kernel in FreeBSD 7.3 through 9.0-RC1 allows local users to cause a denial of service (panic) or possibly gain privileges via a bind system call with a long pathname for a UNIX socket. |
|
66284 |
CVE-2011-4061 |
|
|
+Priv |
2011-10-17 |
2018-10-11 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli Monitoring for Databases: DB2 Agent, allow local users to gain privileges via a Trojan horse libkbb.so in the current working directory, related to the DT_RPATH ELF header. |
|
66285 |
CVE-2011-4057 |
399 |
|
DoS |
2012-01-13 |
2012-01-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Wibu-Systems AG CodeMeter Runtime 4.30c, 4.10b, and possibly other versions before 4.40 allows remote attackers to cause a denial of service (CodeMeter.exe crash) via certain crafted packets to TCP port 22350. |
|
66286 |
CVE-2011-4056 |
|
|
|
2012-01-07 |
2012-01-09 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
An unspecified ActiveX control in ActBar.ocx in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to create or overwrite arbitrary files via the save method. |
|
66287 |
CVE-2011-4055 |
119 |
|
Exec Code Overflow |
2012-01-07 |
2017-08-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the WebClient ActiveX control in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to execute arbitrary code via a long string in a parameter associated with the location URL. |
|
66288 |
CVE-2011-4054 |
79 |
|
XSS |
2011-12-08 |
2012-03-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in login.fcc in CA SiteMinder R6 SP6 before CR7 and R12 SP3 before CR8 allows remote attackers to inject arbitrary web script or HTML via the postpreservationdata parameter. |
|
66289 |
CVE-2011-4053 |
|
|
+Priv |
2012-01-19 |
2012-01-23 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) before 9.0.0.11291 allows local users to gain privileges via a Trojan horse DLL in the current working directory. |
|
66290 |
CVE-2011-4052 |
119 |
|
Exec Code Overflow |
2011-12-05 |
2011-12-22 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 allows remote attackers to execute arbitrary code via a crafted 0x15 (aka Remove File) operation for a file with a long name. |
|
66291 |
CVE-2011-4051 |
287 |
|
Exec Code |
2011-12-05 |
2011-12-08 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control. |
|
66292 |
CVE-2011-4050 |
119 |
|
DoS Overflow |
2011-12-26 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9.0.0.11200 allows remote attackers to cause a denial of service via a crafted packet to TCP port 12401. |
|
66293 |
CVE-2011-4048 |
255 |
|
+Info |
2011-11-11 |
2015-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-only reporting account, which makes it easier for remote attackers to obtain sensitive information from the database by leveraging the default credentials. |
|
66294 |
CVE-2011-4047 |
94 |
|
Exec Code |
2011-11-11 |
2011-11-14 |
9.3 |
Admin |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access. |
|
66295 |
CVE-2011-4046 |
310 |
|
+Info |
2011-11-11 |
2011-11-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code. |
|
66296 |
CVE-2011-4045 |
119 |
|
DoS Overflow |
2012-04-02 |
2012-04-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Buffer overflow in an unspecified ActiveX control in aipgctl.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to cause a denial of service via a crafted HTML document. |
|
66297 |
CVE-2011-4044 |
|
|
|
2012-04-02 |
2012-04-03 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
|
An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to modify files via calls to unknown methods. |
|
66298 |
CVE-2011-4043 |
189 |
|
Exec Code Overflow |
2012-04-02 |
2012-04-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code via a large value for an integer parameter, leading to a buffer overflow. |
|
66299 |
CVE-2011-4042 |
|
|
Exec Code |
2012-04-02 |
2012-04-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code by using a crafted HTML document to obtain control of a function pointer. |
|
66300 |
CVE-2011-4041 |
94 |
|
Exec Code |
2012-02-06 |
2012-12-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
webvrpcs.exe in Advantech/BroadWin WebAccess allows remote attackers to execute arbitrary code or obtain a security-code value via a long string in an RPC request to TCP port 4592. |
