Page 69 of 399 results (0.021 seconds)

CVSS: 7.5EPSS: 3%CPEs: 11EXPL: 0

CVE-2011-3919 – libxml2: Heap-based buffer overflow when decoding an entity reference with a long name

https://notcve.org/view.php?id=CVE-2011-3919

Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Un desbordamiento de pila basado en memoria dinámica (monticulo) en libxml2, tal y como se utiliza en Google Chrome antes de v16.0.912.75, permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=107128 http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html http://rhn.redhat.com/errata/RHSA-2013-0217.html http://secunia.com/advisories/47449 http://secunia.com/advisories/55568 http://support&# • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 5.0EPSS: 2%CPEs: 8EXPL: 0

CVE-2011-3905 – libxml2 out of bounds read

https://notcve.org/view.php?id=CVE-2011-3905

libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. libxml2, cuando es usado en Google Chrome anterior a v16.0.912.63, permite a atacantes remotos causar una denegación de servicio (lectura fuera de límite) a través de vectores de ataque no determinados. • http://code.google.com/p/chromium/issues/detail?id=95465 http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2013-0217.html http://www.debian.org/security/2012/dsa-2394 http://www.mandriva.com/security/advisories?name=MDVSA-2011:188 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14761 https://access.redhat.com/security/cve/CVE-2011-3905 https://bugzilla.redhat.com/show_bug.cgi?id=767387 • CWE-125: Out-of-bounds Read •

CVSS: 9.3EPSS: 2%CPEs: 16EXPL: 0

CVE-2011-3193 – qt/harfbuzz buffer overflow

https://notcve.org/view.php?id=CVE-2011-3193

Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file. Desbordamiento de buffer de memoria dinámica en la función Lookup_MarkMarkPos del módulo HarfBuzz (harfbuzz-gpos.c), tal como se usa en Qt anteriores a 4.7.4 y Pango. Permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de un archivo de fuentes modificado. • http://cgit.freedesktop.org/harfbuzz.old/commit/?id=81c8ef785b079980ad5b46be4fe7c7bf156dbf65 http://cgit.freedesktop.org/harfbuzz/commit/src/harfbuzz-gpos.c?id=da2c52abcd75d46929b34cad55c4fb2c8892bc08 http://git.gnome.org/browse/pango/commit/pango/opentype/harfbuzz-gpos.c?id=a7a715480db66148b1f487528887508a7991dcd0 http://lists.opensuse.org/opensuse-updates/2011-10/msg00007.html http://lists.opensuse.org/opensuse-updates/2011-10/msg00008.html http://rhn.redhat.com/errata/RHSA-2011-1323.html http://rhn.redhat.com/errata/RH • CWE-787: Out-of-bounds Write •

CVSS: 6.8EPSS: 4%CPEs: 10EXPL: 0

CVE-2011-2834 – libxml2: double-free caused by malformed XPath expression in XSLT

https://notcve.org/view.php?id=CVE-2011-2834

Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. Vulnerabilidad de doble liberación en libxml2, tal y como se usa en Google Chrome antes de v14.0.835.163, permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con el manejo de XPath. • http://code.google.com/p/chromium/issues/detail?id=93472 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://osvdb.org/75560 http://rhn.redhat.com/errata/RHSA-2013-0217.html http://support.apple.com/kb/HT5281 http://support. • CWE-415: Double Free •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2011-2519 – kernel: xen: x86_emulate: fix SAHF emulation

https://notcve.org/view.php?id=CVE-2011-2519

Xen in the Linux kernel, when running a guest on a host without hardware assisted paging (HAP), allows guest users to cause a denial of service (invalid pointer dereference and hypervisor crash) via the SAHF instruction. Xen en el kernel de Linux, al ejecutar como invitado en una máquina sin paginación asistida por hardware (HAP), permite a usuarios invitados causar denegación de servicio (referencia a puntero inválido y caída del hipervisor) a través de la instrucción SAHF. • http://rhn.redhat.com/errata/RHSA-2011-1212.html http://www.openwall.com/lists/oss-security/2011/08/30/1 http://xenbits.xen.org/hg/xen-3.1-testing.hg/rev/15644 https://bugzilla.redhat.com/show_bug.cgi?id=718882 https://access.redhat.com/security/cve/CVE-2011-2519 • CWE-476: NULL Pointer Dereference •