CVE-2009-0949
- EPSS 19.63%
- Veröffentlicht 09.06.2009 17:30:00
- Zuletzt bearbeitet 16.06.2026 23:06:10
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler re...
CVE-2009-1955
- EPSS 52.99%
- Veröffentlicht 08.06.2009 01:00:00
- Zuletzt bearbeitet 16.06.2026 23:08:25
The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via ...
CVE-2009-1956
- EPSS 12.04%
- Veröffentlicht 08.06.2009 01:00:00
- Zuletzt bearbeitet 16.06.2026 23:08:26
Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
CVE-2009-1961
- EPSS 0.59%
- Veröffentlicht 08.06.2009 01:00:00
- Zuletzt bearbeitet 16.06.2026 23:08:27
The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of ...
- EPSS 80.13%
- Veröffentlicht 04.06.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:07:10
ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
- EPSS 10.25%
- Veröffentlicht 04.06.2009 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:07:10
The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a...
CVE-2009-1633
- EPSS 3.03%
- Veröffentlicht 28.05.2009 20:30:00
- Zuletzt bearbeitet 16.06.2026 23:07:41
Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to U...
- EPSS 12.75%
- Veröffentlicht 19.05.2009 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:07:09
Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or ...
CVE-2009-1630
- EPSS 0.49%
- Veröffentlicht 14.05.2009 17:30:00
- Zuletzt bearbeitet 16.06.2026 23:07:40
The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass pe...
- EPSS 12.38%
- Veröffentlicht 23.04.2009 17:30:01
- Zuletzt bearbeitet 16.06.2026 23:06:42
mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.