- EPSS 10.11%
- Veröffentlicht 30.03.2007 00:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:23
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted U...
CVE-2007-1285
- EPSS 18.16%
- Veröffentlicht 06.03.2007 20:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:17
The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.
CVE-2007-0455
- EPSS 11.69%
- Veröffentlicht 30.01.2007 17:28:00
- Zuletzt bearbeitet 16.06.2026 22:35:36
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded...
CVE-2006-5170
- EPSS 3.83%
- Veröffentlicht 10.10.2006 04:06:00
- Zuletzt bearbeitet 16.06.2026 22:30:38
pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the...
CVE-2006-5158
- EPSS 3.47%
- Veröffentlicht 05.10.2006 04:04:00
- Zuletzt bearbeitet 16.06.2026 22:30:36
The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference...
CVE-2006-3918
- EPSS 94.28%
- Veröffentlicht 28.07.2006 00:04:00
- Zuletzt bearbeitet 16.06.2026 22:28:04
http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected ba...
- EPSS 14.19%
- Veröffentlicht 25.10.2005 17:06:00
- Zuletzt bearbeitet 16.06.2026 22:16:00
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused f...
- EPSS 8.39%
- Veröffentlicht 05.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:12:45
Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one...
CVE-2004-0642
- EPSS 8.26%
- Veröffentlicht 28.09.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:04
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.
CVE-2004-0643
- EPSS 1.43%
- Veröffentlicht 28.09.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:04
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.