Explore CVEs related to Overflow vulnerabilities, filtered by published year. This list is sorted by most recent disclosures first and supports filtering by CVSS and EPSS risk scores.
Includes the most recent vulnerability disclosures and trends, helping security teams quickly identify high-risk issues and exploitation likelihood.
You're viewing Overflow CVEs published in 2011. View full CVE list
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2011-4620 | Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB 1.8.5, as used in TORCS 1.3.1 and other products, allows user-assisted remote attackers to execute arbitrary code via vectors involving a long error message, as demonstrated by a crafted acc file for TORCS. NOTE: some of these details are obtained from third party information. | 9.3 | 34.58% | 2011-12-31 | 2026-04-29 |
| CVE-2011-5033 | Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long string in an admin.list file. | 4.4 | 0.55% | 2011-12-29 | 2026-04-29 |
| CVE-2011-4537 | Multiple buffer overflows in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9.0.0.11355 and earlier allow remote attackers to execute arbitrary code or cause a denial of service via a crafted packet to TCP port (1) 12397 or (2) 12399. | 7.5 | 20.17% | 2011-12-27 | 2026-04-29 |
| CVE-2011-4536 | Heap-based buffer overflow in nettransdll.dll in HistorySvr.exe (aka HistoryServer.exe) in WellinTech KingView 6.53 and 65.30.2010.18018 allows remote attackers to execute arbitrary code via a crafted op-code 3 packet. | 10.0 | 31.04% | 2011-12-27 | 2026-04-29 |
| CVE-2011-4167 | Stack-based buffer overflow in MPAUploader.dll in HP Managed Printing Administration before 2.6.4 allows remote attackers to execute arbitrary code via a long filename parameter in an uploadfile action to Default.asp. | 7.5 | 11.09% | 2011-12-27 | 2026-04-29 |
| CVE-2011-4050 | Buffer overflow in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9.0.0.11200 allows remote attackers to cause a denial of service via a crafted packet to TCP port 12401. | 5.0 | 77.32% | 2011-12-27 | 2026-04-29 |
| CVE-2011-5012 | Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 before, Reflection 2011 R2 before 15.4.1.327, Reflection Windows Client 7.2 SP1 before hotfix 7.2.1186, and Reflection 14.1 SP1 before 14.1.1.206, allows remote FTP servers to execute arbitrary code via a long directory name in a response to a LIST command. | 10.0 | 25.94% | 2011-12-25 | 2026-04-29 |
| CVE-2011-5007 | Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 and earlier, as used on the ABB AC500 PLC and possibly other products, allows remote attackers to execute arbitrary code via a long URI to TCP port 8080. | 10.0 | 81.88% | 2011-12-25 | 2026-04-29 |
| CVE-2011-5006 | Stack-based buffer overflow in QQPlayer 3.2.845 allows remote attackers to execute arbitrary code via a crafted PnSize value in a MOV file. | 9.3 | 8.23% | 2011-12-25 | 2026-04-29 |
| CVE-2011-5003 | Stack-based buffer overflow in the Phonetic Indexer (AvidPhoneticIndexer.exe) in Avid Media Composer 5.5.3 and earlier allows remote attackers to execute arbitrary code via a long request to TCP port 4659. | 10.0 | 75.67% | 2011-12-25 | 2026-04-29 |
| CVE-2011-5002 | Multiple stack-based buffer overflows in Final Draft 8 before 8.02 allow remote attackers to execute arbitrary code via a .fdx or .fdxt file with long (1) Word, (2) Transition, (3) Location, (4) Extension, (5) SceneIntro, (6) TimeOfDay, and (7) Character elements. | 10.0 | 33.53% | 2011-12-25 | 2026-04-29 |
| CVE-2011-5001 | Stack-based buffer overflow in the CGenericScheduler::AddTask function in cmdHandlerRedAlertController.dll in CmdProcessor.exe in Trend Micro Control Manager 5.5 before Build 1613 allows remote attackers to execute arbitrary code via a crafted IPC packet to TCP port 20101. | 10.0 | 72.00% | 2011-12-25 | 2026-04-29 |
| CVE-2011-4862 | Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011. | 10.0 | 92.58% | 2011-12-25 | 2026-04-29 |
| CVE-2010-5081 | Stack-based buffer overflow in Mini-Stream RM-MP3 Converter 3.1.2.1 allows remote attackers to execute arbitrary code via a long URL in a .pls file. | 9.3 | 59.70% | 2011-12-25 | 2026-04-29 |
| CVE-2009-5109 | Stack-based buffer overflow in Mini-Stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long entry in a .pls file. | 9.3 | 60.16% | 2011-12-25 | 2026-04-29 |
| CVE-2011-2778 | Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by (1) establishing a SOCKS connection to SocksPort or (2) leveraging a SOCKS proxy configuration. | 7.6 | 3.51% | 2011-12-23 | 2026-04-29 |
| CVE-2011-4037 | Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file. | 9.3 | 6.60% | 2011-12-22 | 2026-04-29 |
| CVE-2011-4857 | Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. NOTE: some of these details are obtained from third party information. | 10.0 | 7.27% | 2011-12-16 | 2026-04-29 |
| CVE-2011-3406 | Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote authenticated users to execute arbitrary code via a crafted query that leverages incorrect memory initialization, aka "Active Directory Buffer Overflow Vulnerability." | 8.8 | 43.48% | 2011-12-14 | 2026-04-29 |
| CVE-2011-3916 | Google Chrome before 16.0.912.63 does not properly handle PDF cross references, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 5.0 | 0.53% | 2011-12-13 | 2026-04-29 |