Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3987 | 1 Daemon-tools | 1 Daemon Tools | 2017-08-28 | 4.9 MEDIUM | N/A |
| dtsoftbus01.sys in DAEMON Tools Lite before 4.41.3, Pro Standard before 4.41.0315, and Pro Advanced before 4.41.0315 allows local users to cause a denial of service (system crash) via an invalid DeviceIoControl request to \\.\dtsoftbusctl. | |||||
| CVE-2011-3988 | 1 Lockon | 1 Ec-cube | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in data/class/SC_Query.php in EC-CUBE 2.11.0 through 2.11.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-3989 | 1 Hiroyuki Oyama | 1 Dbd\ | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-3991 | 1 Ffftp | 1 Ffftp | 2017-08-28 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in FFFTP 1.98a and earlier allows local users to execute arbitrary code via unspecified functions. | |||||
| CVE-2011-3995 | 1 Tasofro | 1 Touhou-hisouten | 2017-08-28 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Twilight Frontier Touhou Hisouten 1.06 and earlier allows remote attackers to cause a denial of service (daemon crash) via unknown network traffic. | |||||
| CVE-2011-3996 | 1 Controlsystemworks | 1 Csworks | 2017-08-28 | 5.0 MEDIUM | N/A |
| The LiveData Service in CSWorks before 2.0.4115.1 allows remote attackers to cause a denial of service (service crash) via crafted TCP packets. | |||||
| CVE-2011-4005 | 1 Cisco | 8 Small Business Srp520 Series Firmware, Small Business Srp521w, Small Business Srp526w and 5 more | 2017-08-28 | 9.3 HIGH | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Services Ready Platform Configuration Utility web interface on the Cisco Small Business SRP521W, SRP526W, and SRP527W with firmware before 1.1.24 and the Small Business SRP541W, SRP546W, and SRP547W with firmware before 1.2.1 allows remote attackers to hijack the authentication of administrators for requests that execute arbitrary commands, aka Bug ID CSCtr45124. | |||||
| CVE-2011-4026 | 1 Xia Zuojie | 1 Nexusphp | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in thanks.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2011-4035 | 1 Schneider-electric | 3 Citecthistorian, Citectscada Reports, Vijeo Historian | 2017-08-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-4050 | 1 7t | 1 Igss | 2017-08-28 | 5.0 MEDIUM | N/A |
| Buffer overflow in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9.0.0.11200 allows remote attackers to cause a denial of service via a crafted packet to TCP port 12401. | |||||
| CVE-2011-4055 | 1 Siemens | 1 Tecnomatix Factorylink | 2017-08-28 | 9.3 HIGH | N/A |
| Buffer overflow in the WebClient ActiveX control in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to execute arbitrary code via a long string in a parameter associated with the location URL. | |||||
| CVE-2011-4066 | 1 Sir | 1 Gnuboard | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO. | |||||
| CVE-2011-4078 | 2 Php, Roundcube | 2 Php, Webmail | 2017-08-28 | 5.0 MEDIUM | N/A |
| include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5.3.7 or 5.3.8 is used, allows remote attackers to trigger a GET request for an arbitrary URL, and cause a denial of service (resource consumption and inbox outage), via a Subject header containing only a URL, a related issue to CVE-2011-3379. | |||||
| CVE-2011-4107 | 1 Phpmyadmin | 1 Phpmyadmin | 2017-08-28 | 4.3 MEDIUM | N/A |
| The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack. | |||||
| CVE-2011-4109 | 1 Openssl | 1 Openssl | 2017-08-28 | 9.3 HIGH | N/A |
| Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check. | |||||
| CVE-2011-4113 | 2 Drupal, Earl Miles | 2 Drupal, Views | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Views module before 6.x-2.13 for Drupal allows remote attackers to execute arbitrary SQL commands via vectors related to "filters/arguments on certain types of views with specific configurations of arguments." | |||||
| CVE-2011-4122 | 1 Freebsd | 1 Freebsd | 2017-08-28 | 6.9 MEDIUM | N/A |
| Directory traversal vulnerability in openpam_configure.c in OpenPAM before r478 on FreeBSD 8.1 allows local users to load arbitrary DSOs and gain privileges via a .. (dot dot) in the service_name argument to the pam_start function, as demonstrated by a .. in the -c option to kcheckpass. | |||||
| CVE-2011-4141 | 1 Rsa | 1 Securid | 2017-08-28 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in EMC RSA SecurID Software Token 4.1 before 4.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Software Token file. | |||||
| CVE-2011-4157 | 1 Hp | 3 Centralized Management Console Software, San\/iq, Storageworks P4000 Virtual San Appliance | 2017-08-28 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on the HP StorageWorks P4000 Virtual SAN Appliance allows remote attackers to execute arbitrary code via a crafted login request. | |||||
| CVE-2011-4162 | 1 Hp | 1 Protecttools Device Access Manager | 2017-08-28 | 7.5 HIGH | N/A |
| The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, (5) RemoveUserEx, and (6) RemoveUserRegardless methods in HP Protect Tools Device Access Manager (PTDAM) before 6.1.0.1 allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a long SidString argument. | |||||