CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In April 2011

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
151 CVE-2011-0988 264 +Priv 2011-04-18 2017-08-17
4.4
None Local Medium Not required Partial Partial Partial
pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions, creates a world-writeable directory, which allows local users to overwrite arbitrary files and gain privileges via unspecified vectors.
152 CVE-2011-0951 255 2011-04-04 2017-08-17
5.0
None Remote Low Not required None Partial None
The web-based management interface in Cisco Secure Access Control System (ACS) 5.1 before 5.1.0.44.6 and 5.2 before 5.2.0.26.3 allows remote attackers to change arbitrary user passwords via unspecified vectors, aka Bug ID CSCtl77440.
153 CVE-2011-0935 310 Bypass 2011-04-14 2011-04-21
10.0
None Remote Low Not required Complete Complete Complete
The PKI functionality in Cisco IOS 15.0 and 15.1 does not prevent permanent caching of certain public keys, which allows remote attackers to bypass authentication and have unspecified other impact by leveraging an IKE peer relationship in which a key was previously valid but later revoked, aka Bug ID CSCth82164, a different vulnerability than CVE-2010-4685.
154 CVE-2011-0898 79 XSS 2011-04-15 2017-08-17
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.00 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
155 CVE-2011-0897 2011-04-15 2017-08-17
4.6
None Local Low ??? Complete None None
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00 allows local users to read arbitrary files via unknown vectors.
156 CVE-2011-0896 DoS 2011-04-15 2017-08-17
6.8
None Remote Low ??? None None Complete
Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and earlier on HP-UX B.11.31 allows remote authenticated users to cause a denial of service via unknown vectors.
157 CVE-2011-0895 +Info 2011-04-06 2019-10-09
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x and 8.1x allows remote authenticated users to obtain sensitive information via unknown vectors.
158 CVE-2011-0894 Bypass 2011-04-04 2011-09-22
5.5
None Remote Low ??? Partial Partial None
Unspecified vulnerability in HP Operations 9.10 on UNIX platforms allows remote authenticated users to bypass intended access restrictions via unknown vectors.
159 CVE-2011-0893 79 XSS 2011-04-04 2011-09-22
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP Operations 9.10 on UNIX platforms allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
160 CVE-2011-0891 DoS 2011-04-04 2011-04-21
4.4
None Local Medium ??? None None Complete
Unspecified vulnerability in the OS-Core.CORE2-KRN fileset in HP HP-UX B.11.23 and B.11.31 allows local users to cause a denial of service via unknown vectors.
161 CVE-2011-0861 2011-04-20 2012-05-01
5.5
None Remote Low ??? Partial Partial None
Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Update 2011-B and 9.1 Update 2011-B allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Global Payroll Core.
162 CVE-2011-0860 2011-04-20 2012-08-02
5.5
None Remote Low ??? Partial Partial None
Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Update 2011-B and 9.1 Update 2011-B allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Global Payroll - Spain.
163 CVE-2011-0859 2011-04-20 2012-08-02
5.5
None Remote Low ??? Partial Partial None
Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Tax Update 11-B and 9.1 Tax Update 11-B allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Global Payroll - North America.
164 CVE-2011-0858 2011-04-20 2012-08-02
5.5
None Remote Low ??? Partial Partial None
Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Bundle #15 and 9.1 Bundle #5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Talent Acquisition Manager.
165 CVE-2011-0857 2011-04-20 2012-08-02
5.5
None Remote Low ??? Partial Partial None
Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Bundle #15 and 9.1 Bundle #5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Pension Administration.
166 CVE-2011-0856 2011-04-20 2012-08-02
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.49 GA through 8.49.30, 8.50 GA through 8.50.17, and 8.51 GA through 8.51.07 allows remote authenticated users to affect confidentiality via unknown vectors.
167 CVE-2011-0855 2011-04-20 2012-08-02
5.5
None Remote Low ??? Partial Partial None
Unspecified vulnerability in the InForm component in Oracle Industry Applications 4.5, 4.6, and 5.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Core.
168 CVE-2011-0854 2011-04-20 2012-08-02
5.5
None Remote Low ??? Partial Partial None
Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.1 Bundle #5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to ePerformance.
169 CVE-2011-0853 2011-04-20 2012-08-02
5.5
None Remote Low ??? Partial Partial None
Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Bundle #15 and 9.1 Bundle #5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to ePerformance.
170 CVE-2011-0851 2011-04-20 2012-08-02
5.5
None Remote Low ??? Partial Partial None
Unspecified vulnerability in Oracle PeopleSoft Enterprise ELS 9.0 Bundle #19 and 9.1 Bundle #5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Enterprise Learning Mgmt.
171 CVE-2011-0850 2011-04-20 2012-08-02
5.5
None Remote Low ??? Partial Partial None
Unspecified vulnerability in Oracle PeopleSoft Enterprise CRM 8.9 Bundle #41 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Order Capture.
172 CVE-2011-0849 2011-04-20 2012-08-02
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle Java Dynamic Management Kit 5.1 allows remote attackers to affect integrity, related to HTML Adaptor.
173 CVE-2011-0847 2011-04-20 2012-08-02
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in Oracle Sun Products Suite 7.1 and 8.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Authentication.
174 CVE-2011-0846 2011-04-20 2012-08-02
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the Oracle Sun Java System Access Manager Policy Agent 2.2 allows remote attackers to affect availability via unknown vectors related to Web Proxy Agent.
175 CVE-2011-0844 2011-04-20 2012-08-02
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in Oracle Sun Products Suite 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Authentication.
176 CVE-2011-0843 2011-04-20 2012-08-02
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Siebel CRM Core component in Oracle Siebel CRM 7.8.2, 8.0.0, and 8.1.1 allows remote attackers to affect integrity via unknown vectors related to Globalization - Automotive.
177 CVE-2011-0841 2011-04-20 2012-08-02
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to TCP/IP.
178 CVE-2011-0840 2011-04-20 2012-08-02
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in Oracle PeopleSoft Enterprise PeopleTools 8.49 GA through 8.49.30 allows remote authenticated users to affect confidentiality via unknown vectors related to File Processing.
179 CVE-2011-0839 2011-04-20 2012-08-03
3.7
None Local High ??? None None Complete
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows local users to affect availability, related to LOFS.
180 CVE-2011-0837 2011-04-20 2012-08-03
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in the Agile Technology Platform component in Oracle Supply Chain Products Suite 9.3.0.2 and 9.3.1 allows remote attackers to affect confidentiality via unknown vectors related to Security.
181 CVE-2011-0836 2011-04-20 2012-08-03
3.5
None Remote Medium ??? None Partial None
Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote authenticated users to affect integrity, related to Web Runtime SEC.
182 CVE-2011-0834 2011-04-20 2012-08-03
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Siebel CRM Core component in Oracle Siebel CRM 8.0.0 and 8.1.1 allows remote attackers to affect integrity via unknown vectors related to Globalization - Automotive.
183 CVE-2011-0833 2011-04-20 2012-08-03
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Siebel CRM Core component in Oracle Siebel CRM 7.8.2, 8.0.0, and 8.1.1 allows remote attackers to affect integrity, related to UIF Client.
184 CVE-2011-0829 2011-04-20 2012-08-03
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability, related to Kernel/SPARC.
185 CVE-2011-0828 2011-04-20 2012-08-03
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.8 Bundle #13 allows remote attackers to affect integrity via unknown vectors related to Application Portal.
186 CVE-2011-0827 2011-04-20 2012-08-03
3.5
None Remote Medium ??? None Partial None
Unspecified vulnerability in the PeopleSoft Enterprise component in Oracle PeopleSoft Products 8.50 GA through 8.50.17 and 8.51 GA through 8.51.07 allows remote authenticated users to affect integrity via unknown vectors related to PeopleTools.
187 CVE-2011-0826 2011-04-20 2012-08-03
3.5
None Remote Medium ??? None Partial None
Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.8 Bundle #13, 8.9 Bundle #7, 9.0 Bundle #7, and 9.1 Bundle #4 allows remote authenticated users to affect integrity via unknown vectors related to Application Portal.
188 CVE-2011-0825 2011-04-20 2012-08-03
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote attackers to affect confidentiality, integrity, and availability, related to Enterprise Infrastructure SEC.
189 CVE-2011-0824 2011-04-20 2012-08-03
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote attackers to affect confidentiality and integrity, related to Enterprise Infrastructure SEC.
190 CVE-2011-0823 2011-04-20 2016-11-28
5.0
None Remote Low Not required None Partial None
Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote attackers to affect integrity, related to Enterprise Infrastructure SEC, a different vulnerability than CVE-2011-0819.
191 CVE-2011-0821 2011-04-20 2012-08-03
3.0
None Local Medium ??? Partial Partial None
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors related to uucp.
192 CVE-2011-0820 2011-04-20 2012-08-03
5.4
None Remote High Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Kernel.
193 CVE-2011-0819 2011-04-20 2016-11-28
5.0
None Remote Low Not required None Partial None
Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote attackers to affect integrity, related to Enterprise Infrastructure SEC, a different vulnerability than CVE-2011-0823.
194 CVE-2011-0818 2011-04-20 2011-04-20
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote attackers to affect availability, related to Enterprise Infrastructure SEC.
195 CVE-2011-0813 2011-04-20 2016-11-28
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2012-0098.
196 CVE-2011-0812 2011-04-20 2012-08-03
3.7
None Local High ??? None None Complete
Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel.
197 CVE-2011-0810 2011-04-20 2011-04-20
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote attackers to affect availability, related to Enterprise Infrastructure SEC.
198 CVE-2011-0809 2011-04-20 2011-04-20
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Web ADI component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors.
199 CVE-2011-0808 2011-04-20 2016-04-30
4.4
None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.2.0 and 8.3.5.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Outside In Filters. NOTE: the previous information was obtained from the April 2011 CPU. Oracle has not commented on claims from a reliable third party that this issue is in (a) vswk6.dll or (b) libvs_wk6.so in Outside In 8.1.0.4037 through 8.3.5.5684, involving the Lotus 123 parser.
200 CVE-2011-0807 2011-04-20 2011-09-22
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System Application Server 9.1, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration.
Total number of vulnerabilities : 312   Page : 1 2 3 4 (This Page)5 6 7
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.