Critical
CVE-2011-2455
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to exec…
Tag: Denial of Service (DoS)
All CVEs associated with "Denial of Service (DoS)". Page 253/331 • 39665 CVEs.
Subscribe CVEs: RSS for “Denial of Service (DoS)” · RSS (High+Critical only)
About “Denial of Service (DoS)”
A curated feed of “Denial of Service (DoS)”-related CVEs appears below. We currently track 39665 CVEs for this tag (all time). In the last 365 days, 3232 were published. Average CVSS is 6.6 (all time; 6.6 over 365d), and 47% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-400 - Uncontrolled Resource Consumption, CWE-770 - Allocation of Resources Without Limits or Throttling, CWE-476 - NULL Pointer Dereference.
In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2011-11-11
Critical
CVE-2011-2454
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to exec…
Critical
CVE-2011-2453
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to exec…
Critical
CVE-2011-2452
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to exec…
Critical
CVE-2011-2451
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to exec…
Critical
CVE-2011-2450
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to exec…
Critical
CVE-2011-2445
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to exec…
Medium
CVE-2011-3897
Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to e…
High
CVE-2011-3896
Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping.
High
CVE-2011-3895
Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stre…
High
CVE-2011-3894
Google Chrome before 15.0.874.120 does not properly perform VP8 decoding, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via…
Medium
CVE-2011-3893
Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vector…
High
CVE-2011-3892
Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted strea…
2011-11-09
Low
CVE-2011-1373
Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the Self Tuning Memory Manager (STMM) feature and the AUTOMATIC DATABASE_MEMORY setting are configured, allows local users to cause a…
Critical
CVE-2011-3654
The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial…
Critical
CVE-2011-3652
The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and applic…
Critical
CVE-2011-3651
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or…
Critical
CVE-2011-3650
Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remo…
2011-11-08
Critical
CVE-2011-2449
The TextXtra module in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Critical
CVE-2011-2448
The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnera…
Critical
CVE-2011-2447
Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Critical
CVE-2011-2446
The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnera…
High
CVE-2011-2004
Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (reboot) via…
Low
CVE-2011-4415
The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of envi…
2011-11-07
Medium
CVE-2011-3169
Unspecified vulnerability in the SMTP service implementation in HP TCP/IP Services 5.6 and 5.7 for OpenVMS allows remote attackers to cause a denial of service via unknown vectors.
2011-11-04
Medium
CVE-2011-3594
The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service (cr…
Medium
CVE-2011-3581
Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Re…
2011-11-03
Medium
CVE-2011-3996
The LiveData Service in CSWorks before 2.0.4115.1 allows remote attackers to cause a denial of service (service crash) via crafted TCP packets.
Critical
CVE-2011-3992
Buffer overflow in the SSH server functionality on the D-Link DES-3800 with firmware before 4.50B052, DWL-2100AP with firmware before 2.50RC548, and DWL-3200AP with firmware before 2.55RC549 allows r…
Medium
CVE-2011-3987
dtsoftbus01.sys in DAEMON Tools Lite before 4.41.3, Pro Standard before 4.41.0315, and Pro Advanced before 4.41.0315 allows local users to cause a denial of service (system crash) via an invalid Devi…
Medium
CVE-2011-4102
Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of…
Medium
CVE-2011-4101
The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a de…
Medium
CVE-2011-4100
The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.3 does not initialize a certain variable, which allows remote attackers to cause…
Medium
CVE-2011-4078
include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5.3.7 or 5.3.8 is used, allows remote attackers to trigger a GET request for an arbitrary URL, and cause a denial of service (resou…
Medium
CVE-2011-3995
Unspecified vulnerability in Twilight Frontier Touhou Hisouten 1.06 and earlier allows remote attackers to cause a denial of service (daemon crash) via unknown network traffic.
2011-11-02
Critical
CVE-2011-1919
Multiple stack-based buffer overflows in GE Intelligent Platforms Proficy Applications before 4.4.1 SIM 101 and 5.x before 5.0 SIM 43 allow remote attackers to cause a denial of service (daemon crash…
Critical
CVE-2011-1918
Stack-based buffer overflow in the Data Archiver service in GE Intelligent Platforms Proficy Historian before 3.5 SIM 17 and 4.x before 4.0 SIM 12 allows remote attackers to cause a denial of service…
2011-11-01
Critical
CVE-2011-4223
Unspecified vulnerability in Investintech.com Absolute PDF Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF documen…
Critical
CVE-2011-4222
Unspecified vulnerability in Investintech.com Able2Extract and Able2Extract Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cr…
Critical
CVE-2011-4221
Unspecified vulnerability in Investintech.com Able2Doc and Able2Doc Professional allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a craf…
Critical
CVE-2011-4220
Investintech.com SlimPDF Reader does not properly restrict the arguments to unspecified function calls, which allows remote attackers to cause a denial of service (application crash) or possibly exec…
Critical
CVE-2011-4219
Investintech.com SlimPDF Reader does not prevent faulting-address data from affecting branch selection, which allows remote attackers to cause a denial of service (application crash) or possibly exec…
Critical
CVE-2011-4218
Investintech.com SlimPDF Reader does not prevent faulting-instruction data from affecting write operations, which allows remote attackers to cause a denial of service (application crash) or possibly…
Critical
CVE-2011-4217
Investintech.com SlimPDF Reader does not properly restrict read operations during block data moves, which allows remote attackers to cause a denial of service (application crash) or possibly execute…
Critical
CVE-2011-4216
Investintech.com SlimPDF Reader does not properly restrict write operations, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cr…
High
CVE-2011-0941
Memory leak in Cisco Unified Communications Manager (CUCM) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su3, 8.x before 8.0(3a)su1, and 8.5 before 8.5(1), and Cisco IOS 12.4 and 15.1, allows remote attack…
2011-10-29
Medium
CVE-2010-0780
IBM WebSphere MQ 7.x before 7.0.1.4 allows remote attackers to cause a denial of service (disk consumption) via multiple connection attempts to a stopped queue manager.
2011-10-28
Critical
CVE-2011-3251
Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted TKHD atoms in a QuickTime…
Critical
CVE-2011-3250
Integer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding.
Critical
CVE-2011-3249
Buffer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with FLC encoding.
Critical
CVE-2011-3248
Integer signedness error in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font table in a QuickTime mov…
Critical
CVE-2011-3247
Integer overflow in Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT file.
High
CVE-2011-2830
Google V8, as used in Google Chrome before 14.0.835.163, does not properly implement script object wrappers, which allows remote attackers to cause a denial of service (application crash) or possibly…
2011-10-27
High
CVE-2011-3318
Cisco Video Surveillance 2421 and 2500 series cameras with software 1.1.x and 2.x before 2.4.0 and Video Surveillance 2600 series cameras with software before 4.2.0-13 allow remote attackers to cause…
Medium
CVE-2011-4079
Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-ba…
2011-10-25
High
CVE-2011-3891
Google Chrome before 15.0.874.102 does not properly restrict access to internal Google V8 functions, which allows remote attackers to cause a denial of service or possibly have unspecified other impa…
High
CVE-2011-3890
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to video source ha…
High
CVE-2011-3889
Heap-based buffer overflow in the Web Audio implementation in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unkn…
Medium
CVE-2011-3888
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to e…
Medium
CVE-2011-3886
Google V8, as used in Google Chrome before 15.0.874.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers out-o…
High
CVE-2011-3885
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to stale Cascading…
Medium
CVE-2011-3884
Google Chrome before 15.0.874.102 does not properly address timing issues during DOM traversal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact vi…
High
CVE-2011-3883
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counters.
High
CVE-2011-3882
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media buffers.
Medium
CVE-2011-3878
Race condition in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker process initialization.
2011-10-23
Medium
CVE-2011-1478
The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might…
2011-10-22
Medium
CVE-2011-2060
The platform-sw component on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 before 8.2(5.3), 8.3 before 8.3(2.20), and 8.4 before 8.4(2.1) does not properly handle non…
High
CVE-2011-2058
The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle an external loop between a pair of dot1x enabled ports, which allows remote attackers to cause a denial of s…
High
CVE-2011-2057
The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle (1) a loop between a dot1x enabled port and an open-authentication dot1x enabled port and (2) a loop between…
High
CVE-2011-1640
The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does not properly support a large number of LLDP Management Address (MA) TLVs, which allows remote attackers to cause a denial of ser…
2011-10-21
Medium
CVE-2011-2713
oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in…
Medium
CVE-2011-4063
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authent…
Medium
CVE-2011-0290
The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log…
2011-10-20
High
CVE-2011-4151
The krb5_db2_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4, when the db2 (aka Berkeley DB) back end is used, allows remote attackers to ca…
High
CVE-2011-1529
The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used,…
High
CVE-2011-1528
The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers…
High
CVE-2011-1527
The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (NULL poi…
High
CVE-2011-2584
Cisco Show and Share 5(2), 5.2(1), and 5.2(2) before 5.2(2.1) allows remote attackers to access the (1) Encoders and Pull Configurations, (2) Push Configurations, (3) Video Encoding Formats, and (4)…
2011-10-19
Medium
CVE-2011-4137
The verify_exists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which…
2011-10-18
High
CVE-2011-4062
Buffer overflow in the kernel in FreeBSD 7.3 through 9.0-RC1 allows local users to cause a denial of service (panic) or possibly gain privileges via a bind system call with a long pathname for a UNIX…
2011-10-14
Medium
CVE-2011-3432
The UIKit Alerts component in Apple iOS before 5 allows remote attackers to cause a denial of service (device hang) via a long tel: URL that triggers a large size for the acceptance dialog.
Medium
CVE-2011-3261
Double free vulnerability in OfficeImport in Apple iOS before 5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Excel spreadsheet.
Medium
CVE-2011-3260
Buffer overflow in OfficeImport in Apple iOS before 5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word document.
Medium
CVE-2011-3259
The kernel in Apple iOS before 5 and Apple TV before 4.4 does not properly recover memory allocated for incomplete TCP connections, which allows remote attackers to cause a denial of service (resourc…
Medium
CVE-2011-3256
FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial…
Medium
CVE-2011-3228
QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file.
Medium
CVE-2011-3227
libsecurity in Apple Mac OS X before 10.7.2 does not properly handle errors during processing of a nonstandard extension in a Certificate Revocation list (CRL), which allows remote attackers to execu…
Medium
CVE-2011-3223
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLIC movie file.
Medium
CVE-2011-3222
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.
Medium
CVE-2011-3221
QuickTime in Apple Mac OS X before 10.7.2 does not properly handle the atom hierarchy in movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application…
Medium
CVE-2011-3217
MediaKit in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted disk image.
High
CVE-2011-0230
Buffer overflow in the ATSFontDeactivate API in Apple Type Services (ATS) in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application c…
Medium
CVE-2011-0224
CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QuickTime movie file.
2011-10-12
Critical
CVE-2011-3252
Buffer overflow in CoreAudio, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Advanced Audio Codi…
High
CVE-2011-3244
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-3241
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-3239
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-3238
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-3237
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-3236
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-3235
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-3233
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
Critical
CVE-2011-3219
Buffer overflow in CoreMedia, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.2…
High
CVE-2011-2831
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-2820
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-2817
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-2816
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-2815
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-2814
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-2813
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-2811
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-2809
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-2356
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-2354
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-2352
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-2341
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-2339
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-2338
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to…
High
CVE-2011-0259
CoreFoundation, as used in Apple iTunes before 10.5, does not properly perform string tokenization, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (me…
Medium
CVE-2011-2012
Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 does not properly validate session cookies, which allows remote attackers to cause a denial of service (IIS out…