CVSS: 5.3EPSS: 74%CPEs: 16EXPL: 2CVE-2012-0053 – Apache - httpOnly Cookie Disclosure
https://notcve.org/view.php?id=CVE-2012-0053
28 Jan 2012 — protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script. protocol.c en Apache HTTP Server v2.2.x hasta la v2.2.21 no limita adecuadamente la información de cabecera durante la construcción de mensajes de error Bad Request (errores 400)... • https://packetstorm.news/files/id/109284 •
CVSS: 7.5EPSS: 2%CPEs: 17EXPL: 2CVE-2012-0031 – Apache 2.2 - Scoreboard Invalid Free On Shutdown
https://notcve.org/view.php?id=CVE-2012-0031
18 Jan 2012 — scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function. scoreboard.c en Apache HTTP Server v2.2.21 y anteriores puede permitir a usuarios locales provocar una denegación de servicio (caída del demonio durante el apagado) o posiblemente, tener un impacto no e... • https://www.exploit-db.com/exploits/41768 •
CVSS: 9.8EPSS: 2%CPEs: 11EXPL: 0CVE-2011-3919 – libxml2: Heap-based buffer overflow when decoding an entity reference with a long name
https://notcve.org/view.php?id=CVE-2011-3919
07 Jan 2012 — Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Un desbordamiento de pila basado en memoria dinámica (monticulo) en libxml2, tal y como se utiliza en Google Chrome antes de v16.0.912.75, permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. OS X Lion v10.7.4 and Securi... • http://code.google.com/p/chromium/issues/detail?id=107128 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 8EXPL: 0CVE-2011-3905 – libxml2 out of bounds read
https://notcve.org/view.php?id=CVE-2011-3905
13 Dec 2011 — libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. libxml2, cuando es usado en Google Chrome anterior a v16.0.912.63, permite a atacantes remotos causar una denegación de servicio (lectura fuera de límite) a través de vectores de ataque no determinados. The libxml2 library is a development toolbox providing the implementation of various XML standards. A heap-based buffer overflow flaw was found in the way l... • http://code.google.com/p/chromium/issues/detail?id=95465 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 4%CPEs: 16EXPL: 0CVE-2011-3193 – qt/harfbuzz buffer overflow
https://notcve.org/view.php?id=CVE-2011-3193
22 Sep 2011 — Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file. Desbordamiento de buffer de memoria dinámica en la función Lookup_MarkMarkPos del módulo HarfBuzz (harfbuzz-gpos.c), tal como se usa en Qt anteriores a 4.7.4 y Pango. Permite a atacantes remotos provocar una denegación de servicio (caída) y posible... • http://cgit.freedesktop.org/harfbuzz.old/commit/?id=81c8ef785b079980ad5b46be4fe7c7bf156dbf65 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 3%CPEs: 10EXPL: 0CVE-2011-2834 – libxml2: double-free caused by malformed XPath expression in XSLT
https://notcve.org/view.php?id=CVE-2011-2834
17 Sep 2011 — Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. Vulnerabilidad de doble liberación en libxml2, tal y como se usa en Google Chrome antes de v14.0.835.163, permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con el manejo de XPath. OS X Lion v10.7.4 an... • http://code.google.com/p/chromium/issues/detail?id=93472 • CWE-415: Double Free •
CVSS: 7.5EPSS: 4%CPEs: 24EXPL: 1CVE-2011-3389 – SSL/TLS Version Detection
https://notcve.org/view.php?id=CVE-2011-3389
06 Sep 2011 — The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClie... • https://github.com/mpgn/BEAST-PoC • CWE-298: Improper Validation of Certificate Expiration CWE-319: Cleartext Transmission of Sensitive Information CWE-326: Inadequate Encryption Strength CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-328: Use of Weak Hash •
CVSS: 8.8EPSS: 2%CPEs: 10EXPL: 0CVE-2011-2821 – libxml2: double free caused by malformed XPath expression in XSLT
https://notcve.org/view.php?id=CVE-2011-2821
29 Aug 2011 — Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression. Doble vulnerabilidad libre en libxml2, como se usa en Google Chrome antes de v13.0.782.215, permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de una expresión XPath manipulada. OS X Lion v10.7.4 and Security Update 2012-002 is now a... • http://code.google.com/p/chromium/issues/detail?id=89402 • CWE-415: Double Free CWE-672: Operation on a Resource after Expiration or Release •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2011-2213 – kernel: inet_diag: insufficient validation
https://notcve.org/view.php?id=CVE-2011-2213
15 Jul 2011 — The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880. La función net_diag_bc_audit en net/ipv4/inet_diag.c en el Kernel de Linux anterior a v2.6.39.3 no audita ade... • http://article.gmane.org/gmane.linux.network/197206 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.7EPSS: 0%CPEs: 10EXPL: 1CVE-2011-2492 – kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace
https://notcve.org/view.php?id=CVE-2011-2492
15 Jul 2011 — The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c. El subsistema de bluetooth en el kernel de Linux anteriores a v3.0-rc4 no inicializa correctamente algunas es... • https://packetstorm.news/files/id/105078 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •