Note:
This project will be discontinued after December 13, 2021. [more]
Main entries ~3682 :
Remaining NVD entries (unprocessed / no code available): ~286405 :
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2012-10-03 | CVE-2011-3209 | The div_long_long_rem implementation in include/asm-x86/div64.h in the Linux kernel before 2.6.26 on the x86 platform allows local users to cause a denial of service (Divide Error Fault and panic) via a clock_gettime system call. | Linux_kernel | N/A | ||
| 2012-05-24 | CVE-2011-3191 | Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory. | Linux_kernel, Enterprise_linux | 8.8 | ||
| 2012-05-24 | CVE-2011-3188 | The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets. | Arx, Big\-Ip_access_policy_manager, Big\-Ip_analytics, Big\-Ip_application_security_manager, Big\-Ip_edge_gateway, Big\-Ip_global_traffic_manager, Big\-Ip_link_controller, Big\-Ip_local_traffic_manager, Big\-Ip_protocol_security_module, Big\-Ip_wan_optimization_manager, Big\-Ip_webaccelerator, Enterprise_manager, Firepass, Linux_kernel, Enterprise_linux | 9.1 | ||
| 2011-08-29 | CVE-2011-3186 | CRLF injection vulnerability in actionpack/lib/action_controller/response.rb in Ruby on Rails 2.3.x before 2.3.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the Content-Type header. | Rails | N/A | ||
| 2014-04-16 | CVE-2011-3180 | kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown. | Kiwi, Studio_extension_for_system_z, Studio_onsite | N/A | ||
| 2018-03-20 | CVE-2011-3178 | In the web ui of the openbuildservice before 2.3.0 a code injection of the project rebuildtimes statistics could be used by authorized attackers to execute shellcode. | Open_build_service | 8.8 | ||
| 2017-09-08 | CVE-2011-3177 | The YaST2 network created files with world readable permissions which could have allowed local users to read sensitive material out of network configuration files, like passwords for wireless networks. | Yast2 | 7.8 |
| Date | Id | Summary | Products | Score | Patch |
|---|---|---|---|---|---|
| 2025-05-13 | CVE-2025-47858 | Rejected reason: Not used | N/A | N/A | |
| 2025-05-13 | CVE-2025-47859 | Rejected reason: Not used | N/A | N/A | |
| 2025-05-13 | CVE-2025-47860 | Rejected reason: Not used | N/A | N/A | |
| 2025-05-13 | CVE-2025-47861 | Rejected reason: Not used | N/A | N/A | |
| 2025-05-13 | CVE-2025-47862 | Rejected reason: Not used | N/A | N/A | |
| 2025-05-13 | CVE-2025-47863 | Rejected reason: Not used | N/A | N/A | |
| 2025-05-13 | CVE-2025-4396 | The Relevanssi – A Better Search plugin for WordPress is vulnerable to time-based SQL Injection via the cats and tags query parameters in all versions up to, and including, 4.24.4 (Free) and <= 2.27.4 (Premium) due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries to already existing queries that can be used to extract sensitive... | N/A | 7.5 |