CVE-2011-2192
- EPSS 2.99%
- Veröffentlicht 07.07.2011 21:55:02
- Zuletzt bearbeitet 16.06.2026 23:30:53
The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSS...
- EPSS 8.48%
- Veröffentlicht 06.06.2011 19:55:01
- Zuletzt bearbeitet 16.06.2026 23:29:57
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as e...
CVE-2011-1783
- EPSS 6.74%
- Veröffentlicht 06.06.2011 19:55:01
- Zuletzt bearbeitet 16.06.2026 23:30:01
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memor...
CVE-2011-0730
- EPSS 2.17%
- Veröffentlicht 02.06.2011 19:55:03
- Zuletzt bearbeitet 16.06.2026 23:27:58
Eucalyptus before 2.0.3 and Eucalyptus EE before 2.0.2, as used in Ubuntu Enterprise Cloud (UEC) and other products, do not properly interpret signed elements in SOAP requests, which allows man-in-the-middle attackers to execute arbitrary commands by...
CVE-2011-1593
- EPSS 0.57%
- Veröffentlicht 03.05.2011 20:55:08
- Zuletzt bearbeitet 16.06.2026 23:29:41
Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call.
CVE-2011-0463
- EPSS 0.52%
- Veröffentlicht 10.04.2011 02:51:19
- Zuletzt bearbeitet 16.06.2026 23:27:26
The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 (OCFS2) subsystem in the Linux kernel before 2.6.39-rc1 does not properly handle holes that cross page boundaries, which allows local users to obtain pot...
CVE-2011-0997
- EPSS 84.29%
- Veröffentlicht 08.04.2011 15:17:27
- Zuletzt bearbeitet 16.06.2026 23:28:25
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstra...
CVE-2011-1400
- EPSS 4.06%
- Veröffentlicht 25.03.2011 19:55:01
- Zuletzt bearbeitet 16.06.2026 23:29:16
The default configuration of the shell_escape_commands directive in conf/texmf.d/95NonPath.cnf in the tex-common package before 2.08.1 in Debian GNU/Linux squeeze, Ubuntu 10.10 and 10.04 LTS, and possibly other operating systems lists certain program...
CVE-2011-0695
- EPSS 1.19%
- Veröffentlicht 15.03.2011 17:55:04
- Zuletzt bearbeitet 16.06.2026 23:27:53
Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers a...
- EPSS 73.95%
- Veröffentlicht 02.03.2011 20:00:01
- Zuletzt bearbeitet 16.06.2026 23:28:01
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions...