Total
35800 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-4622 | 1 Redhat | 1 Kvm | 2026-06-16 | 4.9 MEDIUM | N/A |
| The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle when Programmable Interval Timer (PIT) interrupt requests (IRQs) when a virtual interrupt controller (irqchip) is not available, which allows local users to cause a denial of service (NULL pointer dereference) by starting a timer. | |||||
| CVE-2011-4548 | 3 Acer, Google, Samsung | 4 Ac700 Chromebook, Chrome Os, Cr-48 Chromebook and 1 more | 2026-06-16 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 16.0.912.44 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | |||||
| CVE-2011-4534 | 1 Copadata | 1 Zenon | 2026-06-16 | 7.5 HIGH | N/A |
| ZenSysSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows remote attackers to cause a denial of service (service crash) or possibly execute arbitrary code via a series of connections and disconnections on TCP port 1101, aka Reference Number 25212. | |||||
| CVE-2011-4533 | 1 Copadata | 1 Zenon | 2026-06-16 | 7.5 HIGH | N/A |
| zenAdminSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted packet to TCP port 50777, aka Reference Number 25240. | |||||
| CVE-2011-4513 | 1 Siemens | 5 Simatic Hmi Panels, Wincc, Wincc Flexible and 2 more | 2026-06-16 | 10.0 HIGH | N/A |
| Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file, related to the HMI web server and runtime loader. | |||||
| CVE-2011-4451 | 1 Wikkawiki | 1 Wikkawiki | 2026-06-16 | 4.3 MEDIUM | N/A |
| libs/Wakka.class.php in WikkaWiki 1.3.1 and 1.3.2, when the spam_logging option is enabled, allows remote attackers to write arbitrary PHP code to the spamlog_path file via the User-Agent HTTP header in an addcomment request. NOTE: the vendor disputes this issue because the rendering of the spamlog_path file never uses the PHP interpreter | |||||
| CVE-2011-4449 | 1 Wikkawiki | 1 Wikkawiki | 2026-06-16 | 6.8 MEDIUM | N/A |
| actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when INTRANET_MODE is enabled, supports file uploads for file extensions that are typically absent from an Apache HTTP Server TypesConfig file, which makes it easier for remote attackers to execute arbitrary PHP code by placing this code in a file whose name has multiple extensions, as demonstrated by a (1) .mm or (2) .vpp file. | |||||
| CVE-2011-4369 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2026-06-16 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. | |||||
| CVE-2011-4358 | 1 Oracle | 1 Sun Glassfish Enterprise Server | 2026-06-16 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote attackers to affect confidentiality and integrity, related to JSF. | |||||
| CVE-2011-4324 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 4.9 MEDIUM | N/A |
| The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pathname on an NFSv4 filesystem. | |||||
| CVE-2011-4313 | 1 Isc | 1 Bind | 2026-06-16 | 5.0 MEDIUM | N/A |
| query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver. | |||||
| CVE-2011-4301 | 1 Moodle | 1 Moodle | 2026-06-16 | 5.0 MEDIUM | N/A |
| The MoodleQuickForm class in the Forms Library in lib/formslib.php in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 does not recognize Forms API setConstant operations, which allows remote attackers to submit unexpected form content by modifying the values of constant fields. | |||||
| CVE-2011-4291 | 1 Moodle | 1 Moodle | 2026-06-16 | 4.0 MEDIUM | N/A |
| Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted ratings operations. | |||||
| CVE-2011-4262 | 1 Realnetworks | 1 Realplayer | 2026-06-16 | 9.3 HIGH | N/A |
| Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted MP4 file. | |||||
| CVE-2011-4255 | 1 Realnetworks | 1 Realplayer | 2026-06-16 | 10.0 HIGH | N/A |
| Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via an invalid codec name. | |||||
| CVE-2011-4253 | 1 Realnetworks | 1 Realplayer | 2026-06-16 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the RV20 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2011-4250 | 1 Realnetworks | 1 Realplayer | 2026-06-16 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the ATRC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2011-4223 | 1 Investintech | 1 Absolute Pdf Server | 2026-06-16 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Investintech.com Absolute PDF Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. | |||||
| CVE-2011-4222 | 1 Investintech | 2 Able2extract, Able2extract Server | 2026-06-16 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Investintech.com Able2Extract and Able2Extract Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document. | |||||
| CVE-2011-4221 | 1 Investintech | 1 Able2doc | 2026-06-16 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Investintech.com Able2Doc and Able2Doc Professional allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document. | |||||
