CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2012-0435
https://notcve.org/view.php?id=CVE-2012-0435
26 Jan 2013 — SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to modify the hosts list, and subsequently conduct man-in-the-middle attacks, via a crafted /host request on TCP port 4984. SUSE WebYaST anterior a v1.2 0.2.63-0.6.1 permite atacantes remotos modificar la lista de hosts y posteriormente producir ataques man-in-the-middle a través de una petición /host modificada al puerto TCP 4984. • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00008.html •
CVSS: 9.8EPSS: 2%CPEs: 6EXPL: 0CVE-2011-4315
https://notcve.org/view.php?id=CVE-2011-4315
08 Dec 2011 — Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response. Desbordamiento de búfer basado en memoria dinámica en el procesamiento de compresión puntero en core/ngx_resolver.c en nginx antes de v1.0.10 permite a resolvers remotos causar una denegación de servicio (caída del demonio) o posiblemente tener un impacto no especificado a ... • http://lists.fedoraproject.org/pipermail/package-announce/2011-December/070569.html • CWE-787: Out-of-bounds Write •