Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-05-03 | CVE-2011-1305 | Race Condition vulnerability in Google Chrome Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to linked lists and a database. | 6.8 |
| 2011-05-03 | CVE-2011-1304 | Unspecified vulnerability in Google Chrome Unspecified vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to bypass the pop-up blocker via vectors related to plug-ins. | 5.0 |
| 2011-05-03 | CVE-2011-1303 | Improper Input Validation vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 7.5 |
| 2011-05-03 | CVE-2011-1847 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements for table access, which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement. | 4.9 |
| 2011-05-03 | CVE-2011-1846 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly revoke role membership from groups, which allows remote authenticated users to execute non-DDL statements by leveraging previous inherited possession of a role, a different vulnerability than CVE-2011-0757. | 6.5 |
| 2011-05-03 | CVE-2011-1739 | Improper Input Validation vulnerability in Freebsd The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request. | 4.3 |
| 2011-05-03 | CVE-2011-1727 | Cross-Site Scripting vulnerability in HP Sitescope Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an "HTML injection" issue. | 4.3 |
| 2011-05-03 | CVE-2011-1726 | Cross-Site Scripting vulnerability in HP Sitescope Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2011-05-03 | CVE-2011-1522 | SQL Injection vulnerability in Doctrine-Project products Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset field. | 7.5 |
| 2011-05-03 | CVE-2011-1845 | Resource Management Errors vulnerability in Microsoft Silverlight Multiple memory leaks in the DataGrid control implementation in Microsoft Silverlight 4 before 4.0.60310.0 allow remote attackers to cause a denial of service (memory consumption) via an application involving (1) subscriptions to an INotifyDataErrorInfo.ErrorsChanged event or (2) a TextBlock or TextBox element. | 7.8 |