CVE-2011-3045
- EPSS 3.57%
- Veröffentlicht 22.03.2012 16:55:01
- Zuletzt bearbeitet 16.06.2026 23:32:30
Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly exe...
- EPSS 95.1%
- Veröffentlicht 25.12.2011 01:55:02
- Zuletzt bearbeitet 16.06.2026 23:35:31
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to exec...
CVE-2011-4516
- EPSS 10.62%
- Veröffentlicht 15.12.2011 03:57:34
- Zuletzt bearbeitet 16.06.2026 23:34:58
Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding st...
CVE-2011-4517
- EPSS 10.62%
- Veröffentlicht 15.12.2011 03:57:34
- Zuletzt bearbeitet 16.06.2026 23:34:58
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a deni...
CVE-2011-4315
- EPSS 6.07%
- Veröffentlicht 08.12.2011 20:55:01
- Zuletzt bearbeitet 16.06.2026 23:34:45
Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
CVE-2011-4107
- EPSS 12.67%
- Veröffentlicht 17.11.2011 19:55:01
- Zuletzt bearbeitet 16.06.2026 23:34:26
The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity ref...
CVE-2011-2520
- EPSS 0.42%
- Veröffentlicht 21.07.2011 23:55:03
- Zuletzt bearbeitet 16.06.2026 23:31:30
fw_dbus.py in system-config-firewall 1.2.29 and earlier uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object.
CVE-2011-2501
- EPSS 3.48%
- Veröffentlicht 17.07.2011 20:55:01
- Zuletzt bearbeitet 16.06.2026 23:31:27
The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers...
CVE-2011-2690
- EPSS 3.29%
- Veröffentlicht 17.07.2011 20:55:01
- Zuletzt bearbeitet 16.06.2026 23:31:48
Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwr...
CVE-2011-2691
- EPSS 3.86%
- Veröffentlicht 17.07.2011 20:55:01
- Zuletzt bearbeitet 16.06.2026 23:31:48
The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers t...