VIR Vulnerability Intelligence Relay

Search

Found 1,547 results in 626ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2010-3257 critical 9.3 FIX ubuntu ubuntumacos macos googlewebkitgtkapple 16y ago Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute ar…
CVE-2010-3248 medium 5.0 ubuntu ubuntu google 16y ago Google Chrome before 6.0.472.53 does not properly restrict copying to the clipboard, which has unspecified impact and attack vectors.
CVE-2010-2954 medium 4.9 FIX linux-kernelubuntu ubuntususe suse 16y ago The irda_bind function in net/irda/af_irda.c in the Linux kernel before 2.6.36-rc3-next-20100901 does not properly handle failure of the irda_open_tsap function, which allows local users to cause a d…
CVE-2010-3116 critical 10.0 FIX ubuntu ubuntumacos macos googleapplewebkitgtk 16y ago Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to…
CVE-2010-3115 medium 5.0 ubuntu ubuntu googlewebkitgtk 16y ago Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not properly implement the history feature, which might allow remote attackers to spoof the address bar via unspecified vectors.
CVE-2010-3114 critical 10.0 ubuntu ubuntu googlewebkitgtk 16y ago The text-editing implementation in Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not check a node type before performing a cast, which has unspecified impact and attack vectors r…
CVE-2010-3113 critical 10.0 ubuntu ubuntu googlewebkitgtk 16y ago Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents, which allows remote attackers to cause a denial of service (memory corruption) or possibly have u…
CVE-2010-2808 medium 6.8 FIX debian debianmacos macosubuntu ubuntu freetype 16y ago Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or poss…
CVE-2010-2807 medium 6.8 FIX debian debianmacos macosubuntu ubuntu freetype 16y ago FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a…
CVE-2010-2806 medium 6.8 FIX debian debianmacos macosubuntu ubuntu freetype 16y ago Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary …
CVE-2010-2805 medium 6.8 FIX debian debianmacos macosubuntu ubuntu freetype 16y ago The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (applicati…
CVE-2010-2541 medium 6.8 FIX debian debianubuntu ubuntu freetype 16y ago Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cra…
CVE-2010-2527 medium 6.8 FIX debian debianubuntu ubuntu freetype 16y ago Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
CVE-2010-2520 medium 5.1 FIX debian debianubuntu ubuntumacos macos freetype 16y ago Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (ap…
CVE-2010-2519 medium 6.8 FIX debian debianubuntu ubuntumacos macos freetype 16y ago Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execut…
CVE-2010-2500 medium 6.8 FIX debian debianubuntu ubuntumacos macos freetype 16y ago Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary c…
CVE-2010-2499 medium 6.8 FIX debian debianubuntu ubuntumacos macos freetype 16y ago Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary…
CVE-2010-2498 medium 6.8 FIX debian debianubuntu ubuntumacos macos freetype 16y ago The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap me…
CVE-2010-0834 critical 9.3 FIX debian debianubuntu ubuntu 16y ago The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110 netbooks, does not require authentication for packag…
CVE-2010-0832 medium 7.9 EXPFIX ubuntu ubuntudebian debian 16y ago pam_motd (aka the MOTD module) in libpam-modules before 1.1.0-2ubuntu1.1 in PAM on Ubuntu 9.10 and libpam-modules before 1.1.1-2ubuntu5 in PAM on Ubuntu 10.04 LTS allows local users to change the own…
CVE-2010-2648 critical 9.3 suse suseubuntu ubuntu google 16y ago The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or po…
CVE-2010-2647 critical 9.3 ubuntu ubuntu google 16y ago Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an invalid SVG document.
CVE-2010-2249 medium 6.5 6.5 FIX macos macossuse susedebian debian libpngapplevmware 16y ago Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing m…
CVE-2010-1205 critical 9.8 10.0 EXPFIX macos macossuse susedebian debian libpnggoogleapple 16y ago Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers…
CVE-2010-2067 medium 6.8 FIX ubuntu ubuntudebian debian libtiff 16y ago Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly exec…
CVE-2010-2063 high 8.5 EXPFIX ubuntu ubuntudebian debian samba 16y ago Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory c…
CVE-2010-1770 critical 9.3 macos macoswindows windowsubuntu ubuntu applegoogle 16y ago WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of…
CVE-2010-0395 critical 9.3 fedora fedoraubuntu ubuntudebian debian apache 16y ago OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file…
CVE-2010-1634 medium 5.0 FIX suse suseubuntu ubuntufedora fedora python 16y ago Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment,…
CVE-2010-1321 medium 6.8 FIX debian debiansuse suseubuntu ubuntu mitoracle 16y ago The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not pr…
CVE-2010-1624 medium 5.0 FIX ubuntu ubuntudebian debian pidgin 16y ago The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service (NULL pointer dereference and appl…
CVE-2010-0629 medium 6.5 6.5 FIX debian debianfedora fedorasuse suse mit 16y ago Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) vi…
CVE-2010-1187 medium 4.9 linux-kernelubuntu ubuntudebian debian 16y ago The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) …
CVE-2010-0050 high 8.8 9.8 EXPFIX ubuntu ubuntufedora fedoramacos macos apple 17y ago Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improp…
CVE-2010-0302 high 7.5 7.5 FIX debian debianubuntu ubuntufedora fedora apple 17y ago Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epol…
CVE-2010-0205 medium 4.3 FIX ubuntu ubuntudebian debianfedora fedora libpng 17y ago The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a dispropo…
CVE-2010-0410 medium 4.9 FIX ubuntu ubuntudebian debian linux-kernel 17y ago drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR me…
CVE-2010-0159 critical 10.0 ubuntu ubuntudebian debian mozilla 17y ago The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory cor…
CVE-2010-0307 medium 5.7 EXPFIX ubuntu ubuntudebian debian linux-kernel 17y ago The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY m…
CVE-2010-0136 critical 9.3 ubuntu ubuntudebian debian apache 17y ago OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted…
CVE-2009-3302 critical 9.3 ubuntu ubuntudebian debian apache 17y ago filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table p…
CVE-2009-3301 critical 9.3 ubuntu ubuntudebian debian apache 17y ago Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafte…
CVE-2009-2950 critical 9.3 ubuntu ubuntudebian debian apache 17y ago Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service…
CVE-2009-2949 critical 9.3 ubuntu ubuntudebian debian apache 17y ago Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that…
CVE-2010-0623 medium 4.9 FIX ubuntu ubuntu linux-kernelsuse suse 17y ago The futex_lock_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly manage a certain reference count, which allows local users to cause a denial of service (OOPS) via…
CVE-2009-4013 critical 9.8 9.8 FIX debian debianubuntu ubuntu debian 17y ago Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive i…
CVE-2009-3555 critical 9.8 10.0 EXPFIX debian debianubuntu ubuntufedora fedora apachegnumozilla 17y ago The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9…