CVE-2011-4516
- EPSS 10.62%
- Veröffentlicht 15.12.2011 03:57:34
- Zuletzt bearbeitet 16.06.2026 23:34:58
Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding st...
CVE-2011-4517
- EPSS 10.62%
- Veröffentlicht 15.12.2011 03:57:34
- Zuletzt bearbeitet 16.06.2026 23:34:58
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a deni...
- EPSS 1.59%
- Veröffentlicht 13.12.2011 21:55:01
- Zuletzt bearbeitet 16.06.2026 23:34:07
libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- EPSS 15.48%
- Veröffentlicht 08.12.2011 11:55:02
- Zuletzt bearbeitet 16.06.2026 23:35:00
dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet.
CVE-2011-4566
- EPSS 6.8%
- Veröffentlicht 29.11.2011 00:55:01
- Zuletzt bearbeitet 16.06.2026 23:35:03
Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_v...
CVE-2011-4107
- EPSS 12.67%
- Veröffentlicht 17.11.2011 19:55:01
- Zuletzt bearbeitet 16.06.2026 23:34:26
The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity ref...
CVE-2011-3892
- EPSS 1.79%
- Veröffentlicht 11.11.2011 11:55:02
- Zuletzt bearbeitet 16.06.2026 23:34:06
Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.
CVE-2011-3895
- EPSS 2.07%
- Veröffentlicht 11.11.2011 11:55:02
- Zuletzt bearbeitet 16.06.2026 23:34:07
Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.
CVE-2011-2189
- EPSS 17.84%
- Veröffentlicht 10.10.2011 10:55:05
- Zuletzt bearbeitet 16.06.2026 23:30:53
net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via reque...
CVE-2011-2766
- EPSS 7.24%
- Veröffentlicht 23.09.2011 10:55:03
- Zuletzt bearbeitet 16.06.2026 23:31:57
The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers.