# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2011-3905 |
125 |
|
DoS |
2011-12-13 |
2020-05-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
2 |
CVE-2011-2834 |
415 |
|
DoS |
2011-09-19 |
2020-05-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. |
3 |
CVE-2011-2821 |
415 |
|
DoS |
2011-08-29 |
2020-05-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression. |
4 |
CVE-2011-2689 |
400 |
|
DoS |
2011-07-28 |
2020-07-31 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system crash) by arranging for all resource groups to have too little free space. |
5 |
CVE-2011-2213 |
835 |
|
DoS |
2011-08-29 |
2020-07-31 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880. |
6 |
CVE-2011-2022 |
20 |
|
DoS +Priv |
2011-05-09 |
2020-07-29 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745. |
7 |
CVE-2011-1776 |
119 |
|
DoS Overflow +Info |
2011-09-06 |
2020-07-27 |
5.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Complete |
The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577. |
8 |
CVE-2011-1746 |
189 |
|
DoS Overflow |
2011-05-09 |
2020-07-28 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_create_user_memory functions in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allow local users to trigger buffer overflows, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via vectors related to calls that specify a large number of memory pages. |
9 |
CVE-2011-1745 |
190 |
|
DoS Overflow +Priv |
2011-05-09 |
2020-08-04 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call. |
10 |
CVE-2011-1593 |
190 |
|
DoS Overflow |
2011-05-03 |
2020-08-05 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call. |
11 |
CVE-2011-1093 |
476 |
|
DoS |
2011-07-18 |
2020-07-31 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet. |
12 |
CVE-2011-1083 |
400 |
|
DoS |
2011-04-04 |
2020-08-12 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls. |
13 |
CVE-2011-0695 |
362 |
|
DoS |
2011-03-15 |
2020-08-11 |
5.7 |
None |
Local Network |
Medium |
Not required |
None |
None |
Complete |
Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference. |
14 |
CVE-2010-4649 |
190 |
|
DoS Overflow Mem. Corr. |
2011-02-18 |
2020-08-11 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large value of a certain structure member. |