Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3492 | 1 Azeotech | 1 Daqfactory | 2017-08-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Azeotech DAQFactory 5.85 build 1853 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted NETB packet to UDP port 20034. | |||||
| CVE-2011-3498 | 1 Progea | 1 Movicon Powerhmi | 2017-08-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request. | |||||
| CVE-2011-3499 | 1 Progea | 1 Movicon Powerhmi | 2017-08-29 | 10.0 HIGH | N/A |
| Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an EIDP packet with a large size field, which writes a zero byte to an arbitrary memory location. | |||||
| CVE-2011-3503 | 1 Interactivedata | 1 Esignal | 2017-08-29 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in eSignal 10.6.2425.1208, and possibly other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse JRS_UT.dll that is located in the same folder as a .quo (QUOTE) file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2011-3508 | 1 Sun | 1 Sunos | 2017-08-29 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect confidentiality, integrity, and availability, related to LDAP library. | |||||
| CVE-2011-3510 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.3.0 and 11.1.1.5.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to BI Platform Security. | |||||
| CVE-2011-3511 | 1 Oracle | 1 Database Server | 2017-08-29 | 3.6 LOW | N/A |
| Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote authenticated users to affect integrity and availability via unknown vectors related to Privileged Account. | |||||
| CVE-2011-3512 | 1 Oracle | 1 Database Server | 2017-08-29 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2011-3513 | 1 Oracle | 1 E-business Suite | 2017-08-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity, related to HTML Pages. | |||||
| CVE-2011-3515 | 1 Sun | 1 Sunos | 2017-08-29 | 5.6 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Solaris 10 and 11 Express allows local users to affect integrity and availability via unknown vectors related to Process File System (procfs). | |||||
| CVE-2011-3517 | 1 Oracle | 1 Sun Products Suite | 2017-08-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 8.0 allows remote attackers to affect availability via unknown vectors related to Authentication. | |||||
| CVE-2011-3518 | 1 Oracle | 1 Siebel Crm | 2017-08-29 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core - UIF Client component in Oracle Siebel CRM 8.0.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to User Interface. | |||||
| CVE-2011-3520 | 1 Oracle | 2 Peoplesoft Enterprise Peopletools, Peoplesoft Products | 2017-08-29 | 2.8 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.49, 8.50, and 8.51 allows remote authenticated users to affect integrity via unknown vectors related to Personalization. | |||||
| CVE-2011-3522 | 1 Oracle | 19 Netra Sparc T3-1, Netra Sparc T3-1b, Sparc T3-1 and 16 more | 2017-08-29 | 2.1 LOW | N/A |
| Unspecified vulnerability in SysFW 8.0 on certain SPARC T3, Netra SPARC T3, Sun Fire, and Sun Blade based servers allows local users to affect confidentiality, related to Integrated Lights Out Manager CLI. | |||||
| CVE-2011-3523 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 10.1.3.5.0 and 10.1.3.5.1 allows remote authenticated users to affect integrity, related to WSM Console, a different vulnerability than CVE-2011-2237. | |||||
| CVE-2011-3525 | 1 Oracle | 1 Database Server | 2017-08-29 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2 and 4.0 allows remote authenticated users to affect confidentiality, integrity, and availability, related to APEX developer user. | |||||
| CVE-2011-3526 | 1 Oracle | 1 Siebel Crm | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core - UIF Server component in Oracle Siebel CRM 8.0.0 and 8.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to User Interface. | |||||
| CVE-2011-3527 | 1 Oracle | 2 Peoplesoft Enterprise Hrms, Peoplesoft Products | 2017-08-29 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Candidate Gateway. | |||||
| CVE-2011-3528 | 1 Oracle | 1 Peoplesoft Products | 2017-08-29 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 8.9 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to eProfile. | |||||
| CVE-2011-3529 | 1 Oracle | 2 Peoplesoft Enterprise Hrms, Peoplesoft Products | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.0 and 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Talent Acquisition Manager. | |||||
| CVE-2011-3530 | 1 Oracle | 1 Peoplesoft Products | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 8.9 allows remote authenticated users to affect confidentiality via unknown vectors related to eDevelopment. | |||||
| CVE-2011-3532 | 1 Oracle | 1 Supply Chain Products Suite | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Agile Product Supplier Collaboration for Process component in Oracle Supply Chain Products Suite 5.2.2, 6.0.0.2, 6.0.0.3, and 6.0.0.4 allows remote attackers to affect confidentiality via unknown vectors related to Supplier Portal. | |||||
| CVE-2011-3533 | 1 Oracle | 2 Peoplesoft Enterprise Hrms, Peoplesoft Products | 2017-08-29 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 8.9 allows remote authenticated users to affect confidentiality and integrity, related to Job Profile Manager (JPM). | |||||
| CVE-2011-3534 | 1 Oracle | 1 Solaris | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Network Status Monitor (statd). | |||||
| CVE-2011-3535 | 1 Oracle | 1 Sun Products Suite | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Solaris component in Oracle Sun Products Suite 8, 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Remote Quota Server (rquotad). | |||||
| CVE-2011-3536 | 1 Oracle | 1 Solaris | 2017-08-29 | 2.1 LOW | N/A |
| Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to DTrace Software Library (libdtrace). | |||||
| CVE-2011-3537 | 1 Oracle | 1 Solaris | 2017-08-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel/Filesystem. | |||||
| CVE-2011-3538 | 1 Oracle | 1 Virtualization | 2017-08-29 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Sun Ray component in Oracle Virtualization 4.0 allows remote attackers to affect integrity, related to Authentication. NOTE: this identifier was inadvertently used for an Oracle Industry Applications issue involving TMS Help, but that issue has been assigned CVE-2011-2323. | |||||
| CVE-2011-3539 | 1 Oracle | 1 Solaris | 2017-08-29 | 1.7 LOW | N/A |
| Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors related to Zones. | |||||
| CVE-2011-3541 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 1.9 LOW | N/A |
| Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows local users to affect availability via unknown vectors related to Outside In Filters. | |||||
| CVE-2011-3542 | 1 Sun | 1 Sunos | 2017-08-29 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors related to Kernel/Performance Counter BackEnd Module (pcbe). | |||||
| CVE-2011-3543 | 1 Sun | 1 Sunos | 2017-08-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to iSCSI DataMover (IDM). | |||||
| CVE-2011-3559 | 1 Oracle | 3 Communications Server, Glassfish Server, Java System Application Server | 2017-08-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Oracle Communications Server 2.0; GlassFish Enterprise Server 2.1.1, 3.0.1, and 3.1.1; and Sun Java System App Server 8.1 and 8.2 allows remote attackers to affect availability via unknown vectors related to Web Container. | |||||
| CVE-2011-3562 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2011-3575 | 1 Ibm | 1 Lotus Domino | 2017-08-29 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in the NSFComputeEvaluateExt function in Nnotes.dll in IBM Lotus Domino 8.5.2 allows remote authenticated users to execute arbitrary code via a long tHPRAgentName parameter in an fmHttpPostRequest OpenForm action to WebAdmin.nsf. | |||||
| CVE-2011-3579 | 1 Icewarp | 1 Mail Server | 2017-08-29 | 6.4 MEDIUM | N/A |
| server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference. | |||||
| CVE-2011-3580 | 1 Icewarp | 1 Mail Server | 2017-08-29 | 5.0 MEDIUM | N/A |
| IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function. | |||||
| CVE-2011-3615 | 1 Simplemachines | 1 Smf | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Simple Machines Forum (SMF) before 1.1.15 and 2.x before 2.0.1 allow remote attackers to execute arbitrary SQL commands via vectors involving a (1) HTML entity or (2) display name. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2011-3667 | 1 Mozilla | 1 Bugzilla | 2017-08-29 | 6.8 MEDIUM | N/A |
| The User.offer_account_by_email WebService method in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3, when createemailregexp is not empty, does not properly handle user_can_create_account settings, which allows remote attackers to create user accounts by leveraging a token contained in an e-mail message. | |||||
| CVE-2011-3713 | 1 Powerdrummer | 1 Cftp | 2017-08-29 | 5.0 MEDIUM | N/A |
| cFTP r80 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/session_check.php and certain other files. | |||||
| CVE-2011-3760 | 1 Nucleuscms | 1 Nucleus Cms | 2017-08-29 | 5.0 MEDIUM | N/A |
| Nucleus 3.61 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xmlrpc/api_nucleus.inc.php and certain other files. | |||||
| CVE-2011-3761 | 1 Dietrich Ayala | 1 Nusoap | 2017-08-29 | 5.0 MEDIUM | N/A |
| NuSOAP 0.9.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by nuSOAP/classes/class.wsdl.php and certain other files. | |||||
| CVE-2011-3762 | 1 Open-blog | 1 Openblog | 2017-08-29 | 5.0 MEDIUM | N/A |
| OpenBlog 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files. | |||||
| CVE-2011-3763 | 1 Opencart | 1 Opencart | 2017-08-29 | 5.0 MEDIUM | N/A |
| OpenCart 1.4.9.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/startup.php and certain other files. | |||||
| CVE-2011-3764 | 1 Opendocman | 1 Opendocman | 2017-08-29 | 5.0 MEDIUM | N/A |
| OpenDocMan 1.2.6-svn-2011-01-21 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by User_Perms_class.php and certain other files. | |||||
| CVE-2011-3765 | 1 Open-realty | 1 Open-realty | 2017-08-29 | 5.0 MEDIUM | N/A |
| Open-Realty 2.5.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by install/versions/upgrade_115.inc.php and certain other files. | |||||
| CVE-2011-3766 | 1 Orangehrm | 1 Orangehrm | 2017-08-29 | 5.0 MEDIUM | N/A |
| OrangeHRM 2.6.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/orange/menu/Menu.php and certain other files. | |||||
| CVE-2011-3767 | 1 Oscommerce | 1 Oscommerce | 2017-08-29 | 5.0 MEDIUM | N/A |
| osCommerce 3.0a5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by redirect.php. | |||||
| CVE-2011-3768 | 1 Phorum | 1 Phorum | 2017-08-29 | 5.0 MEDIUM | N/A |
| Phorum 5.2.15a allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by css.php and certain other files. | |||||
| CVE-2011-3769 | 1 Blondish | 1 Phpads | 2017-08-29 | 5.0 MEDIUM | N/A |
| PHPads 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by ads.inc.php. | |||||