Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2011-05-31 CVE-2011-0628 Numeric Errors vulnerability in Adobe Flash Player
Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows remote attackers to execute arbitrary code via ActionScript that improperly handles a long array object.
9.3
2011-05-31 CVE-2011-0546 Improper Input Validation vulnerability in Symantec Backup Exec
Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not validate identity information sent between the media server and the remote agent, which allows man-in-the-middle attackers to execute NDMP commands via unspecified vectors.
high complexity
symantec CWE-20
6.5
2011-05-26 CVE-2010-2246 Improper Input Validation vulnerability in FEH Project FEH
feh before 1.8, when the --wget-timestamp option is enabled, might allow remote attackers to execute arbitrary commands via shell metacharacters in a URL.
network
high complexity
feh-project CWE-20
5.1
2011-05-26 CVE-2011-2173 Resource Management Errors vulnerability in IBM WebSphere Portal 6.0.1.7/7.0.0.1
The implementation of OutputMediator objects in IBM WebSphere Portal 6.0.1.7, and 7.0.0.1 before CF002, allows remote authenticated users to cause a denial of service (memory consumption) via requests.
network
low complexity
ibm CWE-399
4.0
2011-05-26 CVE-2011-2172 Cross-Site Scripting vulnerability in IBM WebSphere Portal 7.0.0.1
Cross-site scripting (XSS) vulnerability in the search center in IBM WebSphere Portal 7.0.0.1 before CF004 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
ibm CWE-79
4.3
2011-05-26 CVE-2010-4807 Race Condition vulnerability in IBM Web Content Manager 7.0.0.1
Race condition in IBM Web Content Manager (WCM) 7.0.0.1 before CF003 allows remote authenticated users to cause a denial of service (infinite recursive query) via unspecified vectors, related to a StackOverflowError exception.
network
ibm CWE-362
3.5
2011-05-26 CVE-2010-4806 Permissions, Privileges, and Access Controls vulnerability in IBM Web Content Manager 6.1.5/7.0.01
The authoring tool in IBM Web Content Manager (WCM) 6.1.5, and 7.0.0.1 before CF003, allows remote authenticated users to bypass intended access restrictions on draft creation by leveraging certain resource editor privileges.
network
low complexity
ibm CWE-264
4.0
2011-05-26 CVE-2010-4805 Resource Exhaustion vulnerability in multiple products
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.35 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service by sending a large amount of network traffic, related to the sk_add_backlog function and the sk_rmem_alloc socket field.
network
low complexity
linux redhat CWE-400
7.5
2011-05-26 CVE-2010-4251 Resource Exhaustion vulnerability in multiple products
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests.
network
low complexity
linux vmware redhat CWE-400
7.5
2011-05-24 CVE-2011-2171 Unspecified vulnerability in Google Chrome OS
Unspecified vulnerability in the dbugs package in Google Chrome OS before R12 0.12.433.38 Beta has unknown impact and attack vectors.
network
low complexity
google
critical
10.0