Security Vulnerabilities, CVEs, Published In 2011 (Denial of service)
Buffer overflow in LHA 1.14 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to "command line processing," a different vulnerability than CVE-2004-0771. NOTE: this issue may be REJECTED if there are not any cases in which LHA is setuid or is otherwise used across security boundaries.
Max CVSS
6.8
EPSS Score
3.12%
Published
2011-02-04
Updated
2017-10-11
Memory leak in pngwutil.c in libpng 1.2.13beta1, and other versions before 1.2.15beta3, allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length.
Max CVSS
5.0
EPSS Score
0.13%
Published
2011-08-31
Updated
2012-06-15
Monkey's Audio before 4.01b2 allows remote attackers to cause a denial of service (application crash) via an APX file that lacks NULL termination.
Max CVSS
4.3
EPSS Score
0.17%
Published
2011-05-20
Updated
2011-05-25
The get_filter_list function in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0006 does not properly perform certain sub filter parsing, which allows remote authenticated users to cause a denial of service (infinite loop) via a malformed search filter.
Max CVSS
6.8
EPSS Score
0.12%
Published
2011-04-21
Updated
2011-04-21
Double free vulnerability in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0005 allows remote authenticated users to cause a denial of service (ABEND) via search operations that trigger recursive filter_free calls.
Max CVSS
4.0
EPSS Score
0.12%
Published
2011-04-21
Updated
2011-04-21
CVE-2007-6750
Public exploit
The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15.
Max CVSS
5.0
EPSS Score
1.70%
Published
2011-12-27
Updated
2018-01-10
Kernel/System/EmailParser.pm in PostmasterPOP3.pl in Open Ticket Request System (OTRS) before 2.2.7 does not properly handle e-mail messages containing malformed UTF-8 characters, which allows remote attackers to cause a denial of service (e-mail retrieval outage) via a crafted message.
Max CVSS
5.0
EPSS Score
0.20%
Published
2011-03-18
Updated
2011-03-22
IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by clicking a download link, aka SPR QCAO7E6AM8.
Max CVSS
3.5
EPSS Score
0.12%
Published
2011-03-22
Updated
2011-03-24
Unspecified vulnerability in the docnote string handling implementation in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, aka SPR JFLD7GZT25.
Max CVSS
5.0
EPSS Score
0.16%
Published
2011-03-22
Updated
2011-03-24
IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not properly handle URLs that request images, which allows remote authenticated users to cause a denial of service (daemon crash) via a request to resources.nsf, aka SPR XFXF7JDBCX.
Max CVSS
3.5
EPSS Score
0.13%
Published
2011-03-22
Updated
2011-03-24
Multiple memory leaks in the (1) ldap_init and (2) ldap_url_search_direct API functions in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 allow remote authenticated users to cause a denial of service (memory consumption) by making many function calls.
Max CVSS
4.0
EPSS Score
0.12%
Published
2011-04-21
Updated
2011-04-21
IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 on AIX allows remote attackers to cause a denial of service (server destabilization) via an anonymous DIGEST-MD5 LDAP Bind operation.
Max CVSS
5.0
EPSS Score
0.18%
Published
2011-04-21
Updated
2011-04-21
IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 does not properly handle the simultaneous changing of multiple passwords, which makes it easier for remote authenticated users to cause a denial of service (DB2 daemon deadlock) by making password changes that trigger updates to a DB2 password-history table.
Max CVSS
4.0
EPSS Score
0.13%
Published
2011-04-21
Updated
2011-04-21
Memory leak in the ldap_explode_rdn API function in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 allows remote authenticated users to cause a denial of service (memory consumption) by making many function calls.
Max CVSS
4.0
EPSS Score
0.12%
Published
2011-04-21
Updated
2011-04-21
Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query.
Max CVSS
5.0
EPSS Score
0.28%
Published
2011-06-02
Updated
2011-06-14
Stack-based buffer overflow in Namazu before 2.0.20 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted request containing an empty uri field.
Max CVSS
7.5
EPSS Score
9.01%
Published
2011-11-30
Updated
2017-02-17
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allow remote attackers to cause a denial of service (ASDM syslog outage) via a long URL, aka Bug IDs CSCsm11264 and CSCtb92911.
Max CVSS
5.0
EPSS Score
1.28%
Published
2011-01-07
Updated
2023-08-11
Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a "corrupted magic value," aka Bug ID CSCso05336.
Max CVSS
7.8
EPSS Score
0.26%
Published
2011-01-07
Updated
2020-05-13
Memory leak in the gk_circuit_info_do_in_acf function in the H.323 implementation in Cisco IOS before 15.0(1)XA allows remote attackers to cause a denial of service (memory consumption) via a large number of calls over a long duration, as demonstrated by InterZone Clear Token (IZCT) test traffic, aka Bug ID CSCsz72535.
Max CVSS
5.0
EPSS Score
0.13%
Published
2011-01-07
Updated
2020-05-13
CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote authenticated users to cause a denial of service (device crash) by using an extension mobility (EM) phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555.
Max CVSS
6.8
EPSS Score
0.23%
Published
2011-01-07
Updated
2017-08-17
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by deleting an item that is accessed through a connector, aka SPR RELS7LARKR.
Max CVSS
3.5
EPSS Score
0.12%
Published
2011-03-22
Updated
2011-03-24
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.10 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by checking out a document that is accessed through a connector, aka SPR MMOI7PSR8J.
Max CVSS
3.5
EPSS Score
0.12%
Published
2011-03-22
Updated
2011-03-24
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.11 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by accessing an entry in a calendar, aka SPR MZHA7SEBJX.
Max CVSS
3.5
EPSS Score
0.12%
Published
2011-03-22
Updated
2011-03-24
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 services for Lotus Domino, when Domino Native Authentication is enabled, might allow remote authenticated users to cause a denial of service (daemon crash) by going offline, aka SPR MLZG7UPB9N.
Max CVSS
2.1
EPSS Score
0.12%
Published
2011-03-22
Updated
2011-03-24
IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX allows remote authenticated users to cause a denial of service (daemon crash) by subscribing to an Atom feed, aka SPR JRIE7VKMP9.
Max CVSS
3.5
EPSS Score
0.12%
Published
2011-03-22
Updated
2011-03-24