Total
5476 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-2547 | 1 Cisco | 4 Sa500 Software, Sa520, Sa520w and 1 more | 2025-04-11 | N/A |
| The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681. | ||||
| CVE-2011-2569 | 1 Cisco | 3 Nx-os, Unified Computing System, Unified Computing System Infrastructure And Unified Computing System Software | 2025-04-11 | N/A |
| Cisco Nexus OS (aka NX-OS) 4.2 and 5.0 and Cisco Unified Computing System with software 1.4 and 2.0 do not properly restrict command-line options, which allows local users to gain privileges via unspecified vectors, aka Bug IDs CSCtf40008, CSCtg18363, CSCtr44645, CSCts10195, and CSCts10188. | ||||
| CVE-2011-2584 | 1 Cisco | 1 Show And Share | 2025-04-11 | N/A |
| Cisco Show and Share 5(2), 5.2(1), and 5.2(2) before 5.2(2.1) allows remote attackers to access the (1) Encoders and Pull Configurations, (2) Push Configurations, (3) Video Encoding Formats, and (4) Transcoding administration pages, and cause a denial of service (live event outage) or obtain potentially sensitive information, via unspecified vectors, aka Bug ID CSCto73758. | ||||
| CVE-2011-2601 | 1 Apple | 1 Mac Os X | 2025-04-11 | N/A |
| The GPU support functionality in Mac OS X does not properly restrict rendering time, which allows remote attackers to cause a denial of service (desktop hang) via vectors involving WebGL and (1) shader programs or (2) complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to visit the lots-of-polys-example.html test page in the Khronos WebGL SDK. | ||||
| CVE-2011-2674 | 1 Basercms | 1 Basercms | 2025-04-11 | N/A |
| BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors. | ||||
| CVE-2011-2677 | 1 Cybozu | 1 Office | 2025-04-11 | N/A |
| Cybozu Office before 8.0.0 allows remote authenticated users to bypass intended access restrictions and access sensitive information (time card and attendance) via unspecified vectors related to manipulation of a URL. | ||||
| CVE-2011-2741 | 1 Emc | 1 Rsa Adaptive Authentication On-premise | 2025-04-11 | N/A |
| EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly implement Device Recovery and Device Identification, which might allow remote attackers to bypass intended security restrictions on a (1) previously non-registered device or (2) registered device by sending unspecified "data elements." | ||||
| CVE-2011-2760 | 1 Brocade | 1 Bigiron Rx Switch | 2025-04-11 | N/A |
| Brocade BigIron RX switches allow remote attackers to bypass ACL rules by using 179 as the source port of a packet. | ||||
| CVE-2011-2768 | 1 Tor | 1 Tor | 2025-04-11 | N/A |
| Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this chain and then determining the set of entry guards that the client or bridge had selected. | ||||
| CVE-2011-2862 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google V8, as used in Google Chrome before 14.0.835.163, does not properly restrict access to built-in objects, which has unspecified impact and remote attack vectors. | ||||
| CVE-2011-3001 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-11 | N/A |
| Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manual add-on installation in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that triggers an unspecified internal error. | ||||
| CVE-2011-3014 | 1 Novell | 2 Data Synchronizer, Mobility Pack | 2025-04-11 | N/A |
| The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not properly restrict caching of HTTPS responses, which makes it easier for remote attackers to obtain sensitive information by leveraging an unattended workstation. | ||||
| CVE-2011-3084 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 19.0.1084.46 does not use a dedicated process for the loading of links found on an internal page, which might allow attackers to bypass intended sandbox restrictions via a crafted page. | ||||
| CVE-2011-3098 | 3 Google, Microsoft, Opensuse | 3 Chrome, Windows, Opensuse | 2025-04-11 | N/A |
| Google Chrome before 19.0.1084.46 on Windows uses an incorrect search path for the Windows Media Player plug-in, which might allow local users to gain privileges via a Trojan horse plug-in in an unspecified directory. | ||||
| CVE-2011-3123 | 2 Ibm, Linux | 3 Infosphere Datastage, Infosphere Information Server, Linux Kernel | 2025-04-11 | N/A |
| IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1 and other products, uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. | ||||
| CVE-2011-3124 | 2 Ibm, Linux | 3 Infosphere Datastage, Infosphere Information Server, Linux Kernel | 2025-04-11 | N/A |
| IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1 and other products, assigns incorrect ownership to unspecified files, which allows local users to gain privileges via unknown vectors. | ||||
| CVE-2011-3214 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| IOGraphics in Apple Mac OS X through 10.6.8 does not properly handle a locked-screen state in display sleep mode for an Apple Cinema Display, which allows physically proximate attackers to bypass the password requirement via unspecified vectors. | ||||
| CVE-2011-3216 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| The kernel in Apple Mac OS X before 10.7.2 does not properly implement the sticky bit for directories, which might allow local users to bypass intended permissions and delete files via an unlink system call. | ||||
| CVE-2011-3226 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Open Directory in Apple Mac OS X 10.7 before 10.7.2, when an LDAPv3 server is used with RFC 2307 or custom mappings, allows remote attackers to bypass the password requirement by leveraging lack of an AuthenticationAuthority attribute for a user account. | ||||
| CVE-2011-3230 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2025-04-11 | N/A |
| Apple Safari before 5.1.1 on Mac OS X does not enforce an intended policy for file: URLs, which allows remote attackers to execute arbitrary code via a crafted web site. | ||||