Search Results (16385 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-0211 5 Apple, Openldap, Opensuse and 2 more 6 Mac Os X, Mac Os X Server, Openldap and 3 more 2025-04-11 9.8 Critical
The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite.
CVE-2004-2765 2 Redhat, Sun 4 Enterprise Linux, Iplanet Messaging Server, One Messaging Server and 1 more 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, a different vulnerability than CVE-2005-2022 and CVE-2006-5486.
CVE-2011-0538 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2025-04-11 N/A
Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file.
CVE-2011-1926 2 Cmu, Redhat 2 Cyrus Imap Server, Enterprise Linux 2025-04-11 N/A
The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
CVE-2011-1957 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2025-04-11 N/A
The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length.
CVE-2011-0695 3 Canonical, Linux, Redhat 9 Ubuntu Linux, Linux Kernel, Enterprise Linux and 6 more 2025-04-11 N/A
Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference.
CVE-2013-1740 2 Mozilla, Redhat 2 Network Security Services, Enterprise Linux 2025-04-11 N/A
The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic.
CVE-2011-0710 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-11 N/A
The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of an arbitrary process by reading a status file under /proc/.
CVE-2011-0711 2 Linux, Redhat 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2025-04-11 N/A
The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRY_V1 ioctl call.
CVE-2011-0714 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-11 N/A
Use-after-free vulnerability in a certain Red Hat patch for the RPC server sockets functionality in the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 might allow remote attackers to cause a denial of service (crash) via malformed data in a packet, related to lockd and the svc_xprt_received function.
CVE-2011-0904 2 David King, Redhat 2 Vino, Enterprise Linux 2025-04-11 N/A
The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions.
CVE-2011-0997 4 Canonical, Debian, Isc and 1 more 5 Ubuntu Linux, Debian Linux, Dhcp and 2 more 2025-04-11 N/A
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
CVE-2011-1006 2 Balbir Singh, Redhat 2 Libcgroup, Enterprise Linux 2025-04-11 N/A
Heap-based buffer overflow in the parse_cgroup_spec function in tools/tools-common.c in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line of an application. NOTE: it is not clear whether this issue crosses privilege boundaries.
CVE-2011-1011 1 Redhat 3 Enterprise Linux, Fedora, Policycoreutils 2025-04-11 N/A
The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application.
CVE-2011-1025 2 Openldap, Redhat 2 Openldap, Enterprise Linux 2025-04-11 N/A
bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name (DN), which allows remote attackers to bypass intended access restrictions via an arbitrary password.
CVE-2011-2504 2 Redhat, Xfree86 2 Enterprise Linux, X11perf 2025-04-11 N/A
Untrusted search path vulnerability in x11perfcomp in XFree86 x11perf before 1.5.4 allows local users to gain privileges via unspecified Trojan horse code in the current working directory.
CVE-2011-2520 2 Fedoraproject, Redhat 3 Fedora, Enterprise Linux, System-config-firewall 2025-04-11 7.8 High
fw_dbus.py in system-config-firewall 1.2.29 and earlier uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object.
CVE-2011-2464 2 Isc, Redhat 2 Bind, Enterprise Linux 2025-04-11 N/A
Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
CVE-2011-2479 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-11 5.5 Medium
The Linux kernel before 2.6.39 does not properly create transparent huge pages in response to a MAP_PRIVATE mmap system call on /dev/zero, which allows local users to cause a denial of service (system crash) via a crafted application.
CVE-2011-2482 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Rhel Eus 2025-04-11 7.5 High
A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted SCTP packet.