Unspecified vulnerability in the Open Database Connectivity (ODBC) component in 7T Interactive Graphical SCADA System (IGSS) before 9.0.0.11143 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 20222, which triggers memory corruption related to an "invalid structure being used."
Max CVSS
10.0
EPSS Score
4.73%
Published
2011-05-31
Updated
2018-10-09
Unspecified vulnerability in the dbugs package in Google Chrome OS before R12 0.12.433.38 Beta has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.11%
Published
2011-05-24
Updated
2012-01-18
Multiple unspecified vulnerabilities in Adobe Photoshop before 12.0.4 have unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.44%
Published
2011-05-20
Updated
2011-05-24
Unspecified vulnerability in Virtualization Manager 1.2.2 in IBM Systems Director 1.2.2 has unknown impact and attack vectors.
Max CVSS
9.3
EPSS Score
0.23%
Published
2011-05-20
Updated
2017-08-29
Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues "originally discovered by Google Chrome developers."
Max CVSS
10.0
EPSS Score
0.20%
Published
2011-05-20
Updated
2011-05-23
The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723.
Max CVSS
9.3
EPSS Score
0.28%
Published
2011-05-20
Updated
2011-09-07
The SmarterTools SmarterStats 6.0 web server omits the Content-Type header for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving (1) Admin/Defaults/frmDefaultSiteSettings.aspx, (2) Admin/Defaults/frmServerDefaults.aspx, (3) Admin/frmReportSettings.aspx, (4) Admin/frmSite.aspx, (5) App_Themes/Default/ButtonBarIcons.xml, (6) App_Themes/Default/Skin.xml, (7) Client/frmImportSettings.aspx, (8) Client/frmSeoSettings.aspx, (9) Services/Web.config, (10) aspnet_client/system_web/4_0_30319/, (11) clientaccesspolicy.xml, (12) cloudscan.exe, (13) crossdomain.xml, or (14) sitemap.xml. NOTE: it is possible that only clients, not the SmarterStats product, could be affected by this issue.
Max CVSS
10.0
EPSS Score
0.78%
Published
2011-05-20
Updated
2017-08-29
The SmarterTools SmarterStats 6.0 web server sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving (1) Admin/frmSite.aspx, (2) Admin/frmSites.aspx, (3) Admin/frmViewReports.aspx, (4) App_Themes/AboutThisFolder.txt, (5) Client/frmViewReports.aspx, (6) Temp/AboutThisFolder.txt, (7) default.aspx, (8) login.aspx, or (9) certain .jpg URIs under Temp/. NOTE: it is possible that only clients, not the SmarterStats product, could be affected by this issue.
Max CVSS
10.0
EPSS Score
1.07%
Published
2011-05-20
Updated
2017-08-29
Admin/frmSite.aspx in the SmarterTools SmarterStats 6.0 web server allows remote attackers to execute arbitrary commands via vectors involving a leading and trailing & (ampersand) character, and (1) an STTTState cookie, (2) the ctl00%24MPH%24txtAdminNewPassword_SettingText parameter, (3) the ctl00%24MPH%24txtSmarterLogDirectory parameter, (4) the ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414 parameter, (5) the ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText parameter, or (6) the ctl00_MPH_grdLogLocations_HiddenLSR parameter, related to an "OS command injection" issue.
Max CVSS
10.0
EPSS Score
0.29%
Published
2011-05-20
Updated
2017-08-29

CVE-2011-2089

Public exploit
Stack-based buffer overflow in the SetActiveXGUID method in the VersionInfo ActiveX control in GenVersion.dll 8.0.138.0 in the WebHMI subsystem in ICONICS BizViz 9.x before 9.22 and GENESIS32 9.x before 9.22 allows remote attackers to execute arbitrary code via a long string in the argument. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
50.75%
Published
2011-05-13
Updated
2017-08-29
Unspecified vulnerability in Google Chrome 11.0.696.65 on Windows 7 SP1 allows remote attackers to execute arbitrary code via unknown vectors. NOTE: as of 20110510, the only disclosure is a vague advisory that possibly relates to multiple vulnerabilities or multiple products. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
Max CVSS
9.3
EPSS Score
0.79%
Published
2011-05-10
Updated
2017-09-19

CVE-2011-1900

Public exploit
Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 6.1 and 7.x before 7.0+Patch 1 allows remote attackers to execute arbitrary code via an invalid request.
Max CVSS
10.0
EPSS Score
0.65%
Published
2011-05-04
Updated
2011-05-31
Use-after-free vulnerability in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long syslog packet, related to an exception handler.
Max CVSS
10.0
EPSS Score
5.08%
Published
2011-05-13
Updated
2019-10-09
tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a (1) large or (2) invalid opcode field, related to a function pointer table.
Max CVSS
10.0
EPSS Score
5.75%
Published
2011-05-13
Updated
2019-10-09
Multiple stack-based buffer overflows in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allow remote attackers to execute arbitrary code via crafted packet content accompanying a (1) DATA or (2) ERROR opcode.
Max CVSS
10.0
EPSS Score
9.22%
Published
2011-05-13
Updated
2013-07-17
Stack-based buffer overflow in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long mode field.
Max CVSS
10.0
EPSS Score
6.77%
Published
2011-05-13
Updated
2019-10-09
Stack-based buffer overflow in the logging functionality in dbman.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via vectors related to a received action.
Max CVSS
10.0
EPSS Score
6.77%
Published
2011-05-13
Updated
2019-10-09
tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to create or overwrite files, and subsequently execute arbitrary code, via a crafted WRQ request.
Max CVSS
10.0
EPSS Score
4.42%
Published
2011-05-13
Updated
2019-10-09
Stack-based buffer overflow in img.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a crafted length field in a packet.
Max CVSS
10.0
EPSS Score
6.86%
Published
2011-05-13
Updated
2013-08-28
Google Chrome before 11.0.696.71 does not properly handle blobs, which allows remote attackers to execute arbitrary code via unspecified vectors that trigger an out-of-bounds write.
Max CVSS
10.0
EPSS Score
0.72%
Published
2011-05-26
Updated
2020-05-22
Google Chrome before 11.0.696.71 does not properly implement the GPU command buffer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Max CVSS
10.0
EPSS Score
1.32%
Published
2011-05-26
Updated
2020-05-22
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed bm message.
Max CVSS
10.0
EPSS Score
77.39%
Published
2011-05-07
Updated
2018-10-09
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed omniiaputil message.
Max CVSS
10.0
EPSS Score
87.10%
Published
2011-05-07
Updated
2018-10-09
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed HPFGConfig message.
Max CVSS
10.0
EPSS Score
85.44%
Published
2011-05-07
Updated
2018-10-09
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed stutil message.
Max CVSS
10.0
EPSS Score
85.44%
Published
2011-05-07
Updated
2018-10-09
75 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!