Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (322932 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-4967 2 Openpegasus, Redhat 2 Tog-pegasus, Enterprise Linux 2024-11-21 7.5 High
tog-Pegasus has a package hash collision DoS vulnerability
CVE-2011-4954 1 Cobblerd 1 Cobbler 2024-11-21 7.8 High
cobbler has local privilege escalation via the use of insecure location for PYTHON_EGG_CACHE
CVE-2011-4952 1 Cobblerd 1 Cobbler 2024-11-21 8.8 High
cobbler: Web interface lacks CSRF protection when using Django framework
CVE-2011-4943 1 Impresspages 1 Impresspages Cms 2024-11-21 9.8 Critical
ImpressPages CMS v1.0.12 has Unspecified Remote Code Execution (fixed in v1.0.13)
CVE-2011-4938 1 Muze 1 Ariadne 2024-11-21 6.1 Medium
Multiple cross-site scripting (XSS) vulnerabilities in Ariadne 2.7.6 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO parameter to (1) index.php and (2) loader.php.
CVE-2011-4937 1 Joomla 1 Joomla\! 2024-11-21 7.5 High
Joomla! 1.7.1 has core information disclosure due to inadequate error checking.
CVE-2011-4931 2 Debian, Gpw Project 2 Debian Linux, Gpw 2024-11-21 7.5 High
gpw generates shorter passwords than required
CVE-2011-4924 1 Zope 1 Zope 2024-11-21 6.1 Medium
Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3, 3.1.1 through 3.4.1. allows remote attackers to inject arbitrary web script or HTML via vectors related to the way error messages perform sanitization. NOTE: this issue exists because of an incomplete fix for CVE-2010-1104
CVE-2011-4919 1 Mpack Project 1 Mpack 2024-11-21 7.5 High
mpack 1.6 has information disclosure via eavesdropping on mails sent by other users
CVE-2011-4917 1 Linux 1 Linux Kernel 2024-11-21 5.5 Medium
In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat.
CVE-2011-4916 1 Linux 1 Linux Kernel 2024-11-21 5.5 Medium
Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.
CVE-2011-4915 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2024-11-21 5.5 Medium
fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.
CVE-2011-4912 1 Joomla 1 Joomla\! 2024-11-21 5.3 Medium
Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass.
CVE-2011-4908 1 Tiny 1 Tinybrowser 2024-11-21 9.8 Critical
TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php.
CVE-2011-4907 1 Joomla 1 Joomla\! 2024-11-21 5.3 Medium
Joomla! 1.5x through 1.5.12: Missing JEXEC Check
CVE-2011-4906 1 Tiny 1 Tinybrowser 2024-11-21 9.8 Critical
Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP code execution.
CVE-2011-4904 1 Typo3 1 Typo3 2024-11-21 6.5 Medium
TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls which allows remote attackers to retrieve ExtDirect endpoint services.
CVE-2011-4903 1 Typo3 1 Typo3 2024-11-21 6.1 Medium
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the RemoveXSS function.
CVE-2011-4902 1 Typo3 1 Typo3 2024-11-21 6.5 Medium
TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to delete arbitrary files on the webserver.
CVE-2011-4901 1 Typo3 1 Typo3 2024-11-21 6.5 Medium
TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to extract arbitrary information from the TYPO3 database.