Total
1619 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3954 | 1 Google | 1 Chrome | 2024-11-21 | 5.0 MEDIUM | N/A |
| Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) via vectors that trigger a large amount of database usage. | |||||
| CVE-2011-3348 | 2 Apache, Redhat | 3 Http Server, Enterprise Linux, Jboss Enterprise Web Server | 2024-11-21 | 4.3 MEDIUM | N/A |
| The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request. | |||||
| CVE-2011-3336 | 4 Apple, Freebsd, Openbsd and 1 more | 4 Mac Os X, Freebsd, Openbsd and 1 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion. | |||||
| CVE-2011-3192 | 4 Apache, Canonical, Opensuse and 1 more | 5 Http Server, Ubuntu Linux, Opensuse and 2 more | 2024-11-21 | 7.8 HIGH | N/A |
| The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086. | |||||
| CVE-2011-2918 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application. | |||||
| CVE-2011-2906 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.7 MEDIUM | 5.5 MEDIUM |
| Integer signedness error in the pmcraid_ioctl_passthrough function in drivers/scsi/pmcraid.c in the Linux kernel before 3.1 might allow local users to cause a denial of service (memory consumption or memory corruption) via a negative size value in an ioctl call. NOTE: this may be a vulnerability only in unusual environments that provide a privileged program for obtaining the required file descriptor. | |||||
| CVE-2011-2689 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2024-11-21 | 4.9 MEDIUM | N/A |
| The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system crash) by arranging for all resource groups to have too little free space. | |||||
| CVE-2011-2491 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2024-11-21 | 4.9 MEDIUM | N/A |
| The Network Lock Manager (NLM) protocol implementation in the NFS client functionality in the Linux kernel before 3.0 allows local users to cause a denial of service (system hang) via a LOCK_UN flock system call. | |||||
| CVE-2011-2189 | 4 Canonical, Debian, Linux and 1 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd. | |||||
| CVE-2011-1640 | 1 Cisco | 1 Ios | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does not properly support a large number of LLDP Management Address (MA) TLVs, which allows remote attackers to cause a denial of service (device crash) via crafted LLDPDUs, aka Bug ID CSCtj22354. | |||||
| CVE-2011-1474 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| A locally locally exploitable DOS vulnerability was found in pax-linux versions 2.6.32.33-test79.patch, 2.6.38-test3.patch, and 2.6.37.4-test14.patch. A bad bounds check in arch_get_unmapped_area_topdown triggered by programs doing an mmap after a MAP_GROWSDOWN mmap will create an infinite loop condition without releasing the VM semaphore eventually leading to a system crash. | |||||
| CVE-2011-1459 | 1 Google | 1 Blink | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| The WebKit::WebPluginContainerImpl::handleEvent function in Google Chrome before Blink M11 allows an attacker to cause a denial of service (crash) via the htmlpluginelement.cpp plugin. | |||||
| CVE-2011-1083 | 3 Linux, Redhat, Suse | 6 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux Server and 3 more | 2024-11-21 | 4.9 MEDIUM | N/A |
| The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls. | |||||
| CVE-2011-1082 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | N/A |
| fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (deadlock or stack memory consumption) via a crafted application that makes epoll_create and epoll_ctl system calls. | |||||
| CVE-2011-0999 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | N/A |
| mm/huge_memory.c in the Linux kernel before 2.6.38-rc5 does not prevent creation of a transparent huge page (THP) during the existence of a temporary stack for an exec system call, which allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact via a crafted application. | |||||
| CVE-2011-0985 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-11-21 | 7.5 HIGH | N/A |
| Google Chrome before 9.0.597.94 does not properly perform process termination upon memory exhaustion, which has unspecified impact and remote attack vectors. | |||||
| CVE-2011-0762 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-11-21 | 4.0 MEDIUM | N/A |
| The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632. | |||||
| CVE-2010-4805 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| The socket implementation in net/core/sock.c in the Linux kernel before 2.6.35 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service by sending a large amount of network traffic, related to the sk_add_backlog function and the sk_rmem_alloc socket field. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4251. | |||||
| CVE-2010-4686 | 1 Cisco | 1 Ios | 2024-11-21 | 7.8 HIGH | N/A |
| CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not properly handle SIP TRUNK traffic that contains rate bursts and a "peculiar" request size, which allows remote attackers to cause a denial of service (memory consumption) by sending this traffic over a long duration, aka Bug ID CSCtb47950. | |||||
| CVE-2010-4671 | 1 Cisco | 1 Ios | 2024-11-21 | 7.8 HIGH | N/A |
| The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 15.0(1)XA5 allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti33534. | |||||