- EPSS 7.94%
- Veröffentlicht 01.02.2012 16:55:01
- Zuletzt bearbeitet 16.06.2026 23:37:16
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corr...
CVE-2012-0449
- EPSS 5.81%
- Veröffentlicht 01.02.2012 16:55:01
- Zuletzt bearbeitet 16.06.2026 23:37:17
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary cod...
CVE-2012-0442
- EPSS 4.6%
- Veröffentlicht 01.02.2012 16:55:00
- Zuletzt bearbeitet 16.06.2026 23:37:16
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corru...
CVE-2012-0053
- EPSS 82.76%
- Veröffentlicht 28.01.2012 04:05:00
- Zuletzt bearbeitet 16.06.2026 23:36:34
protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors i...
CVE-2012-0031
- EPSS 2.91%
- Veröffentlicht 18.01.2012 20:55:02
- Zuletzt bearbeitet 16.06.2026 23:36:31
scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memor...
- EPSS 2.62%
- Veröffentlicht 08.01.2012 11:55:19
- Zuletzt bearbeitet 16.06.2026 23:34:50
MediaWiki before 1.17.1 does not check for read permission before handling action=ajax requests, which allows remote attackers to obtain sensitive information by (1) leveraging the SpecialUpload::ajaxGetExistsWarning function, or by (2) leveraging an...
- EPSS 2.41%
- Veröffentlicht 08.01.2012 11:55:18
- Zuletzt bearbeitet 16.06.2026 23:34:50
MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages via a series of requests involving the (1) curid or (2) oldid parameter.
CVE-2011-3919
- EPSS 2.4%
- Veröffentlicht 07.01.2012 11:55:13
- Zuletzt bearbeitet 16.06.2026 23:34:09
Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- EPSS 95.1%
- Veröffentlicht 25.12.2011 01:55:02
- Zuletzt bearbeitet 16.06.2026 23:35:31
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to exec...
- EPSS 23.08%
- Veröffentlicht 24.12.2011 19:55:05
- Zuletzt bearbeitet 16.06.2026 23:34:50
Integer signedness error in the base64_decode function in the HTTP authentication functionality (http_auth.c) in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service (segmentation fault) via...