Search Results (2898 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-1754 1 Jabberd 1 Jabberd14 2025-04-11 N/A
jabberd14 1.6.1.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
CVE-2011-1756 1 Citadel 1 Citadel 2025-04-11 N/A
modules/xmpp/serv_xmpp.c in Citadel 7.86 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
CVE-2011-1757 1 Brad Fitzpatrick 1 Djabberd 2025-04-11 N/A
DJabberd 0.84 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
CVE-2011-1779 1 Freebsd 1 Libarchive 2025-04-11 N/A
Multiple use-after-free vulnerabilities in libarchive 2.8.4 and 2.8.5 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted (1) TAR archive or (2) ISO9660 image.
CVE-2011-1785 1 Vmware 2 Esx, Esxi 2025-04-11 N/A
VMware ESXi 4.0 and 4.1 and ESX 4.0 and 4.1 allow remote attackers to cause a denial of service (socket exhaustion) via unspecified network traffic.
CVE-2011-1786 2 Likewise, Vmware 3 Likewise Open, Esx, Esxi 2025-04-11 N/A
lsassd in Likewise Open /Enterprise 5.3 before build 7845, Open 6.0 before build 8325, and Enterprise 6.0 before build 178, as distributed in VMware ESXi 4.1 and ESX 4.1 and possibly other products, allows remote attackers to cause a denial of service (daemon crash) via an Active Directory login attempt that provides a username containing an invalid byte sequence.
CVE-2011-2440 2 Adobe, Redhat 3 Acrobat, Acrobat Reader, Rhel Extras 2025-04-11 N/A
Use-after-free vulnerability in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2011-2531 1 Prosody 1 Prosody 2025-04-11 N/A
Prosody 0.8.x before 0.8.1, when MySQL is used, assigns an incorrect data type to the value column in certain tables, which might allow remote attackers to cause a denial of service (data truncation) by sending a large amount of data.
CVE-2011-2532 1 Prosody 1 Prosody 2025-04-11 N/A
The json.decode function in util/json.lua in Prosody 0.8.x before 0.8.1 might allow remote attackers to cause a denial of service (infinite loop) via invalid JSON data, as demonstrated by truncated data.
CVE-2011-2560 1 Cisco 1 Unified Communications Manager 2025-04-11 N/A
The Packet Capture Service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x does not properly handle idle TCP connections, which allows remote attackers to cause a denial of service (memory consumption and restart) by making many connections, aka Bug ID CSCtf97162.
CVE-2011-2614 1 Opera 1 Opera Browser 2025-04-11 N/A
The SVG implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors involving a path on which many characters are drawn.
CVE-2011-2578 1 Cisco 1 Ios 2025-04-11 N/A
Memory leak in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of service (memory consumption) via malformed SIP packets on a NAT interface, aka Bug ID CSCts12366.
CVE-2011-2613 1 Opera 1 Opera Browser 2025-04-11 N/A
The Array.prototype.join method in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a non-array object that contains initial holes.
CVE-2011-2618 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via web script that moves a (1) AUDIO element or (2) VIDEO element between windows.
CVE-2011-2619 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a gradient with many stops, related to the implementation of CANVAS elements, SVG, and Cascading Style Sheets (CSS).
CVE-2011-2624 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 11.50 allows user-assisted remote attackers to cause a denial of service (application hang) via a large table, which is not properly handled during a print preview.
CVE-2011-2625 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a SELECT element that contains many OPTION elements.
CVE-2011-2635 1 Opera 1 Opera Browser 2025-04-11 N/A
The Cascading Style Sheets (CSS) implementation in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via vectors involving use of the :hover pseudo-class, in conjunction with transforms, for a floated element.
CVE-2011-2639 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 11.10 does not properly handle hidden animated GIF images, which allows remote attackers to cause a denial of service (CPU consumption) via an image file that triggers continual repaints.
CVE-2011-2640 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via an HTML document that has an empty parameter value for an embedded Java applet.