Total
2700 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4786 | 1 Ibm | 1 Tivoli Directory Server | 2011-04-21 | 4.0 MEDIUM | N/A |
| IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV-ITDS-IF0005) allows remote authenticated users to cause a denial of service (daemon crash or hang) via a paged search, as demonstrated by a certain idsldapsearch command, related to an improper ibm-slapdIdleTimeOut configuration setting. | |||||
| CVE-2010-4785 | 4 Ibm, Linux, Microsoft and 1 more | 4 Tivoli Directory Server, Linux Kernel, Windows and 1 more | 2011-04-21 | 4.0 MEDIUM | N/A |
| The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) on Linux, Solaris, and Windows allows remote authenticated users to cause a denial of service (ABEND) via a malformed LDAP extended operation that triggers certain comparisons involving the NULL operation OID. | |||||
| CVE-2009-5073 | 1 Ibm | 1 Tivoli Directory Server | 2011-04-21 | 4.0 MEDIUM | N/A |
| IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.59 (aka 6.0.0.8-TIV-ITDS-IF0001) allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) by adding a nested group that contains the Distinguished Name (DN) of its parent entry. | |||||
| CVE-2009-5072 | 1 Ibm | 1 Tivoli Directory Server | 2011-04-21 | 4.0 MEDIUM | N/A |
| Memory leak in the ldap_explode_dn function in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.61 (aka 6.0.0.8-TIV-ITDS-IF0003) allows remote authenticated users to cause a denial of service (memory consumption) via an empty string argument. | |||||
| CVE-2008-7290 | 1 Ibm | 1 Tivoli Directory Server | 2011-04-21 | 4.0 MEDIUM | N/A |
| Memory leak in the ldap_explode_rdn API function in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 allows remote authenticated users to cause a denial of service (memory consumption) by making many function calls. | |||||
| CVE-2008-7288 | 1 Ibm | 2 Aix, Tivoli Directory Server | 2011-04-21 | 5.0 MEDIUM | N/A |
| IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 on AIX allows remote attackers to cause a denial of service (server destabilization) via an anonymous DIGEST-MD5 LDAP Bind operation. | |||||
| CVE-2008-7287 | 1 Ibm | 1 Tivoli Directory Server | 2011-04-21 | 4.0 MEDIUM | N/A |
| Multiple memory leaks in the (1) ldap_init and (2) ldap_url_search_direct API functions in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 allow remote authenticated users to cause a denial of service (memory consumption) by making many function calls. | |||||
| CVE-2007-6743 | 1 Ibm | 1 Tivoli Directory Server | 2011-04-21 | 4.0 MEDIUM | N/A |
| Double free vulnerability in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0005 allows remote authenticated users to cause a denial of service (ABEND) via search operations that trigger recursive filter_free calls. | |||||
| CVE-2007-6742 | 1 Ibm | 1 Tivoli Directory Server | 2011-04-21 | 6.8 MEDIUM | N/A |
| The get_filter_list function in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0006 does not properly perform certain sub filter parsing, which allows remote authenticated users to cause a denial of service (infinite loop) via a malformed search filter. | |||||
| CVE-2011-1155 | 1 Gentoo | 1 Logrotate | 2011-04-21 | 1.9 LOW | N/A |
| The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name. | |||||
| CVE-2011-0388 | 1 Cisco | 4 Telepresence Multipoint Switch, Telepresence Multipoint Switch Software, Telepresence Recording Server and 1 more | 2011-04-09 | 7.8 HIGH | N/A |
| Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825. | |||||
| CVE-2011-0331 | 1 Honeywell | 1 Scanserver Activex Control | 2011-04-09 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in the addOSPLext method in the Honeywell ScanServer ActiveX control 780.0.20.5 allows remote attackers to execute arbitrary code via a crafted HTML document. | |||||
| CVE-2011-1313 | 1 Ibm | 1 Websphere Application Server | 2011-04-07 | 5.0 MEDIUM | N/A |
| Double free vulnerability in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15 allows remote backend IIOP servers to cause a denial of service (S0C4 ABEND and storage corruption) by rejecting IIOP requests at opportunistic time instants, as demonstrated by requests associated with an ORB_Request::getACRWorkElementPtr function call. | |||||
| CVE-2011-1315 | 1 Ibm | 1 Websphere Application Server | 2011-04-07 | 5.0 MEDIUM | N/A |
| Memory leak in the messaging engine in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) via network connections associated with a NULL return value from a synchronous JMS receive call. | |||||
| CVE-2011-1314 | 1 Ibm | 1 Websphere Application Server | 2011-04-07 | 5.0 MEDIUM | N/A |
| The Service Integration Bus (SIB) messaging engine in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (daemon hang) by performing close operations via network connections to a queue manager. | |||||
| CVE-2011-1316 | 1 Ibm | 1 Websphere Application Server | 2011-04-07 | 5.0 MEDIUM | N/A |
| The Session Initiation Protocol (SIP) Proxy in the HTTP Transport component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (worker thread exhaustion and UDP messaging outage) by sending many UDP messages. | |||||
| CVE-2011-1317 | 1 Ibm | 1 Websphere Application Server | 2011-04-07 | 5.0 MEDIUM | N/A |
| Memory leak in com.ibm.ws.jsp.runtime.WASJSPStrBufferImpl in the JavaServer Pages (JSP) component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.37 and 7.x before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) by sending many JSP requests that trigger large responses. | |||||
| CVE-2007-4158 | 1 Tibco | 1 Rendezvous | 2011-04-07 | 7.8 HIGH | N/A |
| Memory leak in TIBCO Rendezvous (RV) daemon (rvd) 7.5.2, 7.5.3 and 7.5.4 allows remote attackers to cause a denial of service (memory consumption) via a packet with a length field of zero, a different vulnerability than CVE-2006-2830. | |||||
| CVE-2011-0022 | 2 Fedoraproject, Redhat | 2 389 Directory Server, Directory Server | 2011-03-31 | 4.7 MEDIUM | N/A |
| The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x), when multiple unprivileged instances are configured, use 0777 permissions for the /var/run/dirsrv directory, which allows local users to cause a denial of service (daemon outage or arbitrary process termination) by replacing PID files contained in this directory. | |||||
| CVE-2011-1318 | 1 Ibm | 1 Websphere Application Server | 2011-03-30 | 5.0 MEDIUM | N/A |
| Memory leak in org.apache.jasper.runtime.JspWriterImpl.response in the JavaServer Pages (JSP) component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) by accessing a JSP page of an application that is repeatedly stopped and restarted. | |||||