Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3427 | 1 Apple | 2 Apple Tv, Iphone Os | 2017-08-29 | 2.6 LOW | N/A |
| The Data Security component in Apple iOS before 5 and Apple TV before 4.4 does not properly restrict use of the MD5 hash algorithm within X.509 certificates, which makes it easier for man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate. | |||||
| CVE-2011-3429 | 1 Apple | 1 Iphone Os | 2017-08-29 | 2.1 LOW | N/A |
| The Settings component in Apple iOS before 5 stores a cleartext parental-restrictions passcode in an unspecified file, which might allow physically proximate attackers to obtain sensitive information by reading this file. | |||||
| CVE-2011-3430 | 1 Apple | 1 Iphone Os | 2017-08-29 | 9.3 HIGH | N/A |
| The Settings component in Apple iOS before 5, when a configuration profile is used for a locale other than English, does not properly implement localization, which makes it easier for attackers to have an unspecified impact by leveraging incorrect configuration display. | |||||
| CVE-2011-3431 | 1 Apple | 1 Iphone Os | 2017-08-29 | 2.1 LOW | N/A |
| The Home screen component in Apple iOS before 5 does not properly support a certain application-switching gesture, which might allow physically proximate attackers to obtain sensitive state information by watching the device's screen. | |||||
| CVE-2011-3432 | 1 Apple | 1 Iphone Os | 2017-08-29 | 5.0 MEDIUM | N/A |
| The UIKit Alerts component in Apple iOS before 5 allows remote attackers to cause a denial of service (device hang) via a long tel: URL that triggers a large size for the acceptance dialog. | |||||
| CVE-2011-3434 | 1 Apple | 1 Iphone Os | 2017-08-29 | 4.3 MEDIUM | N/A |
| The WiFi component in Apple iOS before 5 stores WiFi credentials in an unspecified file, which makes it easier for remote attackers to obtain sensitive information via a crafted application. | |||||
| CVE-2011-3435 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-29 | 2.1 LOW | N/A |
| Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows local users to read the password data of arbitrary users via unspecified vectors. | |||||
| CVE-2011-3436 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-29 | 6.5 MEDIUM | N/A |
| Open Directory in Apple Mac OS X 10.7 before 10.7.2 does not require a user to provide the current password before changing this password, which allows remote attackers to bypass intended password-change restrictions by leveraging an unattended workstation. | |||||
| CVE-2011-3437 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-29 | 6.8 MEDIUM | N/A |
| Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.7 before 10.7.2 allows remote attackers to execute arbitrary code via a crafted embedded Type 1 font in a document. | |||||
| CVE-2011-3486 | 1 Beckhoff | 1 Twincat | 2017-08-29 | 5.0 MEDIUM | N/A |
| Beckhoff TwinCAT 2.11.0.2004 and earlier allows remote attackers to cause a denial of service via a crafted request to UDP port 48899, which triggers an out-of-bounds read. | |||||
| CVE-2011-3489 | 1 Rockwellautomation | 1 Rslogix | 2017-08-29 | 5.0 MEDIUM | N/A |
| RnaUtility.dll in RsvcHost.exe 2.30.0.23 in Rockwell RSLogix 19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted rna packet with a long string to TCP port 4446 that triggers (1) "a memset zero overflow" or (2) an out-of-bounds read, related to improper handling of a 32-bit size field. | |||||
| CVE-2011-3491 | 1 Progea | 1 Movicon Powerhmi | 2017-08-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative Content-Length field. | |||||
| CVE-2011-3492 | 1 Azeotech | 1 Daqfactory | 2017-08-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Azeotech DAQFactory 5.85 build 1853 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted NETB packet to UDP port 20034. | |||||
| CVE-2011-3498 | 1 Progea | 1 Movicon Powerhmi | 2017-08-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request. | |||||
| CVE-2011-3499 | 1 Progea | 1 Movicon Powerhmi | 2017-08-29 | 10.0 HIGH | N/A |
| Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an EIDP packet with a large size field, which writes a zero byte to an arbitrary memory location. | |||||
| CVE-2011-3503 | 1 Interactivedata | 1 Esignal | 2017-08-29 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in eSignal 10.6.2425.1208, and possibly other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse JRS_UT.dll that is located in the same folder as a .quo (QUOTE) file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2011-3508 | 1 Sun | 1 Sunos | 2017-08-29 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect confidentiality, integrity, and availability, related to LDAP library. | |||||
| CVE-2011-3510 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.3.0 and 11.1.1.5.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to BI Platform Security. | |||||
| CVE-2011-3511 | 1 Oracle | 1 Database Server | 2017-08-29 | 3.6 LOW | N/A |
| Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote authenticated users to affect integrity and availability via unknown vectors related to Privileged Account. | |||||
| CVE-2011-3512 | 1 Oracle | 1 Database Server | 2017-08-29 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2011-3513 | 1 Oracle | 1 E-business Suite | 2017-08-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity, related to HTML Pages. | |||||
| CVE-2011-3515 | 1 Sun | 1 Sunos | 2017-08-29 | 5.6 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Solaris 10 and 11 Express allows local users to affect integrity and availability via unknown vectors related to Process File System (procfs). | |||||
| CVE-2011-3517 | 1 Oracle | 1 Sun Products Suite | 2017-08-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 8.0 allows remote attackers to affect availability via unknown vectors related to Authentication. | |||||
| CVE-2011-3518 | 1 Oracle | 1 Siebel Crm | 2017-08-29 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core - UIF Client component in Oracle Siebel CRM 8.0.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to User Interface. | |||||
| CVE-2011-3520 | 1 Oracle | 2 Peoplesoft Enterprise Peopletools, Peoplesoft Products | 2017-08-29 | 2.8 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.49, 8.50, and 8.51 allows remote authenticated users to affect integrity via unknown vectors related to Personalization. | |||||
| CVE-2011-3522 | 1 Oracle | 19 Netra Sparc T3-1, Netra Sparc T3-1b, Sparc T3-1 and 16 more | 2017-08-29 | 2.1 LOW | N/A |
| Unspecified vulnerability in SysFW 8.0 on certain SPARC T3, Netra SPARC T3, Sun Fire, and Sun Blade based servers allows local users to affect confidentiality, related to Integrated Lights Out Manager CLI. | |||||
| CVE-2011-3523 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 10.1.3.5.0 and 10.1.3.5.1 allows remote authenticated users to affect integrity, related to WSM Console, a different vulnerability than CVE-2011-2237. | |||||
| CVE-2011-3525 | 1 Oracle | 1 Database Server | 2017-08-29 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2 and 4.0 allows remote authenticated users to affect confidentiality, integrity, and availability, related to APEX developer user. | |||||
| CVE-2011-3526 | 1 Oracle | 1 Siebel Crm | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core - UIF Server component in Oracle Siebel CRM 8.0.0 and 8.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to User Interface. | |||||
| CVE-2011-3527 | 1 Oracle | 2 Peoplesoft Enterprise Hrms, Peoplesoft Products | 2017-08-29 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Candidate Gateway. | |||||
| CVE-2011-3528 | 1 Oracle | 1 Peoplesoft Products | 2017-08-29 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 8.9 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to eProfile. | |||||
| CVE-2011-3529 | 1 Oracle | 2 Peoplesoft Enterprise Hrms, Peoplesoft Products | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.0 and 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Talent Acquisition Manager. | |||||
| CVE-2011-3530 | 1 Oracle | 1 Peoplesoft Products | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 8.9 allows remote authenticated users to affect confidentiality via unknown vectors related to eDevelopment. | |||||
| CVE-2011-3532 | 1 Oracle | 1 Supply Chain Products Suite | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Agile Product Supplier Collaboration for Process component in Oracle Supply Chain Products Suite 5.2.2, 6.0.0.2, 6.0.0.3, and 6.0.0.4 allows remote attackers to affect confidentiality via unknown vectors related to Supplier Portal. | |||||
| CVE-2011-3533 | 1 Oracle | 2 Peoplesoft Enterprise Hrms, Peoplesoft Products | 2017-08-29 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 8.9 allows remote authenticated users to affect confidentiality and integrity, related to Job Profile Manager (JPM). | |||||
| CVE-2011-3534 | 1 Oracle | 1 Solaris | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Network Status Monitor (statd). | |||||
| CVE-2011-3535 | 1 Oracle | 1 Sun Products Suite | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Solaris component in Oracle Sun Products Suite 8, 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Remote Quota Server (rquotad). | |||||
| CVE-2011-3536 | 1 Oracle | 1 Solaris | 2017-08-29 | 2.1 LOW | N/A |
| Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to DTrace Software Library (libdtrace). | |||||
| CVE-2011-3537 | 1 Oracle | 1 Solaris | 2017-08-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel/Filesystem. | |||||
| CVE-2011-3538 | 1 Oracle | 1 Virtualization | 2017-08-29 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Sun Ray component in Oracle Virtualization 4.0 allows remote attackers to affect integrity, related to Authentication. NOTE: this identifier was inadvertently used for an Oracle Industry Applications issue involving TMS Help, but that issue has been assigned CVE-2011-2323. | |||||
| CVE-2011-3539 | 1 Oracle | 1 Solaris | 2017-08-29 | 1.7 LOW | N/A |
| Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors related to Zones. | |||||
| CVE-2011-3541 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 1.9 LOW | N/A |
| Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows local users to affect availability via unknown vectors related to Outside In Filters. | |||||
| CVE-2011-3542 | 1 Sun | 1 Sunos | 2017-08-29 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors related to Kernel/Performance Counter BackEnd Module (pcbe). | |||||
| CVE-2011-3543 | 1 Sun | 1 Sunos | 2017-08-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to iSCSI DataMover (IDM). | |||||
| CVE-2011-3559 | 1 Oracle | 3 Communications Server, Glassfish Server, Java System Application Server | 2017-08-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Oracle Communications Server 2.0; GlassFish Enterprise Server 2.1.1, 3.0.1, and 3.1.1; and Sun Java System App Server 8.1 and 8.2 allows remote attackers to affect availability via unknown vectors related to Web Container. | |||||
| CVE-2011-3562 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2011-3575 | 1 Ibm | 1 Lotus Domino | 2017-08-29 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in the NSFComputeEvaluateExt function in Nnotes.dll in IBM Lotus Domino 8.5.2 allows remote authenticated users to execute arbitrary code via a long tHPRAgentName parameter in an fmHttpPostRequest OpenForm action to WebAdmin.nsf. | |||||
| CVE-2011-3579 | 1 Icewarp | 1 Mail Server | 2017-08-29 | 6.4 MEDIUM | N/A |
| server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference. | |||||
| CVE-2011-3580 | 1 Icewarp | 1 Mail Server | 2017-08-29 | 5.0 MEDIUM | N/A |
| IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function. | |||||
| CVE-2011-3615 | 1 Simplemachines | 1 Smf | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Simple Machines Forum (SMF) before 1.1.15 and 2.x before 2.0.1 allow remote attackers to execute arbitrary SQL commands via vectors involving a (1) HTML entity or (2) display name. NOTE: some of these details are obtained from third party information. | |||||