VIR Vulnerability Intelligence Relay

Search

Found 727 results in 144ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2013-0749 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey…
CVE-2013-0746 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 d…
CVE-2013-0745 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly…
CVE-2013-0744 critical 9.3 suse suseubuntu ubuntu rhel mozilla 14y ago Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird b…
CVE-2012-5144 critical 10.0 FIX debian debiansuse suseubuntu ubuntu libavgoogle 14y ago Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory …
CVE-2012-5688 high 7.8 FIX debian debianubuntu ubuntu isc 14y ago ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
CVE-2012-3515 high 7.2 FIX suse suse rheldebian debian qemuredhat 14y ago Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 seq…
CVE-2012-5843 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memo…
CVE-2012-5842 critical 9.3 ubuntu ubuntususe susedebian debian mozilla 14y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey…
CVE-2012-5840 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.…
CVE-2012-5839 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.…
CVE-2012-5838 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago The copyTexImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause …
CVE-2012-5836 high 7.5 ubuntu ubuntususe suse mozilla 14y ago Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving…
CVE-2012-5835 critical 10.0 ubuntu ubuntususe suse rhel mozilla 14y ago Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows…
CVE-2012-5833 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey befor…
CVE-2012-5830 high 8.8 8.8 macos macosubuntu ubuntususe suse mozillasuse 14y ago Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allow…
CVE-2012-5829 critical 9.3 ubuntu ubuntususe susedebian debian mozilla 14y ago Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and S…
CVE-2012-4218 critical 10.0 ubuntu ubuntususe suse mozilla 14y ago Use-after-free vulnerability in the BuildTextRunsScanner::BreakSink::SetBreaks function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to e…
CVE-2012-4217 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute…
CVE-2012-4216 critical 9.3 ubuntu ubuntususe susedebian debian mozilla 14y ago Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and S…
CVE-2012-4215 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x befor…
CVE-2012-4214 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.…
CVE-2012-4213 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary…
CVE-2012-4212 critical 10.0 ubuntu ubuntususe suse mozilla 14y ago Use-after-free vulnerability in the XPCWrappedNative::Mark function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary cod…
CVE-2012-4204 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a deni…
CVE-2012-4202 critical 9.3 ubuntu ubuntususe suse rhel mozilla 14y ago Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.1…
CVE-2012-3163 critical 9.0 rhelubuntu ubuntudebian debian oraclemariadbf5 14y ago Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availab…
CVE-2012-3158 high 7.5 rhelubuntu ubuntudebian debian oraclemariadb 14y ago Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via …
CVE-2012-4191 critical 9.3 ubuntu ubuntu mozilla 14y ago The mozilla::net::FailDelayManager::Lookup function in the WebSockets implementation in Mozilla Firefox before 16.0.1, Thunderbird before 16.0.1, and SeaMonkey before 2.13.1 allows remote attackers t…
CVE-2012-4188 critical 9.3 rhelubuntu ubuntudebian debian mozilla 14y ago Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey befor…
CVE-2012-4187 critical 9.3 rhelubuntu ubuntususe suse mozilla 14y ago Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, w…
CVE-2012-4186 critical 9.3 rhelubuntu ubuntudebian debian mozilla 14y ago Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, a…
CVE-2012-4185 critical 9.3 rhelubuntu ubuntususe suse mozilla 14y ago Buffer overflow in the nsCharTraits::length function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before …
CVE-2012-4183 critical 9.3 rhelubuntu ubuntususe suse mozilla 14y ago Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0…
CVE-2012-4182 critical 9.3 rhelubuntu ubuntudebian debian mozilla 14y ago Use-after-free vulnerability in the nsTextEditRules::WillInsert function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, a…
CVE-2012-4181 critical 9.3 rhelubuntu ubuntu mozilla 14y ago Use-after-free vulnerability in the nsSMILAnimationController::DoSample function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 1…
CVE-2012-4180 critical 9.3 rhelubuntu ubuntudebian debian mozilla 14y ago Heap-based buffer overflow in the nsHTMLEditor::IsPrevCharInNodeWhitespace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x befor…
CVE-2012-4179 critical 9.3 rhelubuntu ubuntudebian debian mozilla 14y ago Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before …
CVE-2012-3995 critical 9.3 rhelubuntu ubuntususe suse mozilla 14y ago The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote…
CVE-2012-3991 critical 9.3 rhelubuntu ubuntususe suse mozilla 14y ago Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict JSAPI access to the GetPro…
CVE-2012-3990 critical 9.3 rhelubuntu ubuntudebian debian mozilla 14y ago Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and S…
CVE-2012-3989 critical 9.3 ubuntu ubuntususe suse mozilla 14y ago Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly perform a cast of an unspecified variable during use of the instanceof operator on a JavaScript object,…
CVE-2012-3988 critical 9.3 rhelubuntu ubuntususe suse mozilla 14y ago Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-as…
CVE-2012-3983 critical 10.0 ubuntu ubuntususe suse mozilla 14y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memo…
CVE-2012-3982 critical 9.3 rhelubuntu ubuntudebian debian mozilla 14y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey b…
CVE-2012-3412 high 7.8 FIX linux-kernelubuntu ubuntudebian debian 14y ago The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafte…
CVE-2012-3400 high 7.6 FIX linux-kernelubuntu ubuntudebian debian 14y ago Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have …
CVE-2012-3955 high 7.1 FIX ubuntu ubuntudebian debian isc 14y ago ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an envir…
CVE-2012-3968 critical 10.0 ubuntu ubuntususe suse rhel mozilla 14y ago Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey bef…
CVE-2012-3967 critical 9.3 ubuntu ubuntususe suse linux-kernel mozilla 14y ago The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large …
CVE-2012-3963 critical 10.0 ubuntu ubuntususe suse rhel mozilla 14y ago Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, a…
CVE-2012-3961 critical 10.0 ubuntu ubuntususe suse rhel mozilla 14y ago Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey…
CVE-2012-3960 critical 10.0 ubuntu ubuntususe suse rhel mozilla 14y ago Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before…
CVE-2012-3959 critical 10.0 ubuntu ubuntususe susedebian debian mozilla 14y ago Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0…
CVE-2012-3957 critical 10.0 ubuntu ubuntususe suse rhel mozilla 14y ago Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and…
CVE-2012-3956 critical 10.0 ubuntu ubuntususe suse rhel mozilla 14y ago Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 1…
CVE-2012-1976 critical 10.0 ubuntu ubuntususe suse rhel mozilla 14y ago Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x befor…
CVE-2012-1975 critical 10.0 ubuntu ubuntususe susedebian debian mozilla 14y ago Use-after-free vulnerability in the PresShell::CompleteMove function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and S…
CVE-2012-1974 critical 10.0 ubuntu ubuntususe susedebian debian mozilla 14y ago Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7…
CVE-2012-1973 critical 10.0 ubuntu ubuntususe susedebian debian mozilla 14y ago Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10…
CVE-2012-1972 critical 10.0 suse suseubuntu ubuntudebian debian mozilla 14y ago Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x befo…
CVE-2012-1970 critical 10.0 ubuntu ubuntususe susedebian debian mozilla 14y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey b…
CVE-2012-2665 high 7.5 FIX ubuntu ubuntudebian debian rhel apachelibreoffice 14y ago Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and po…
CVE-2011-4409 high 7.5 ubuntu ubuntu 14y ago The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive infor…
CVE-2011-3193 critical 9.3 FIX suse suse rhelubuntu ubuntu gnomeqt 14y ago Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (cra…
CVE-2012-1610 high 7.5 7.5 FIX debian debiansuse suseubuntu ubuntu imagemagick 14y ago Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component cou…
CVE-2012-1185 high 7.8 7.8 FIX debian debiansuse suseubuntu ubuntu imagemagick 14y ago Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execu…
CVE-2012-0247 high 8.8 8.8 FIX debian debian rhelubuntu ubuntu imagemagickredhat 14y ago ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit …
CVE-2012-0044 high 7.8 7.8 FIX linux-kernelubuntu ubuntu 14y ago Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.1.5 allows local users to gain privi…
CVE-2012-0444 critical 10.0 FIX debian debiansuse suseubuntu ubuntu mozilla 15y ago Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote …
CVE-2011-4405 high 7.5 FIX ubuntu ubuntudebian debian 15y ago The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 11.10, as used by the automatic printer driver download service, uses an "insecure connection" for queries to the OpenPrinting dat…
CVE-2011-2189 high 7.5 8.5 EXPFIX linux-kernel rhelubuntu ubuntu 15y ago net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause…
CVE-2011-3192 high 8.8 EXPFIX debian debianubuntu ubuntususe suse apache 15y ago The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range head…
CVE-2011-2749 high 7.8 FIX ubuntu ubuntudebian debian isc 15y ago The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet.
CVE-2011-2748 high 7.8 FIX ubuntu ubuntudebian debian isc 15y ago The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.
CVE-2010-4656 high 7.8 7.8 FIX linux-kernelubuntu ubuntu 15y ago The iowarrior_write function in drivers/usb/misc/iowarrior.c in the Linux kernel before 2.6.37 does not properly allocate memory, which might allow local users to trigger a heap-based buffer overflow…
CVE-2011-2692 high 8.8 8.8 fedora fedoradebian debianubuntu ubuntu libpng 15y ago The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows re…
CVE-2011-2690 high 8.8 8.8 fedora fedoradebian debianubuntu ubuntu libpng 15y ago Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set…
CVE-2011-0997 high 7.5 FIX debian debianubuntu ubuntu isc 15y ago dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a …
CVE-2011-1017 high 7.2 FIX linux-kernelubuntu ubuntu 16y ago Heap-based buffer overflow in the ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel 2.6.37.2 and earlier might allow local users to gain privileges or obtain sensitive information via …
CVE-2011-0712 high 7.2 FIX linux-kernelubuntu ubuntu 16y ago Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel before 2.6.38-rc4-next-20110215 might allow attackers to cause a denial of service or possibly ha…
CVE-2010-4253 critical 9.3 ubuntu ubuntudebian debian apache 16y ago Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a …
CVE-2010-3454 critical 9.3 debian debianubuntu ubuntu apache 16y ago Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application cr…
CVE-2010-3453 critical 9.3 debian debianubuntu ubuntu apache 16y ago The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8…
CVE-2010-3452 critical 9.3 debian debianubuntu ubuntu apache 16y ago Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via…
CVE-2010-3451 critical 9.3 debian debianubuntu ubuntu apache 16y ago Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via…
CVE-2010-3450 critical 9.3 debian debianubuntu ubuntu apache 16y ago Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filte…
CVE-2011-0480 critical 9.3 FIX debian debianubuntu ubuntu google 16y ago Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of se…
CVE-2010-3705 high 8.3 FIX linux-kernelfedora fedoraubuntu ubuntu 16y ago The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denia…
CVE-2010-2962 high 7.2 FIX linux-kernelsuse susefedora fedora 16y ago drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.36 does not properly va…
CVE-2010-3432 high 7.8 FIX linux-kerneldebian debiansuse suse 16y ago The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial…
CVE-2010-3702 high 7.5 FIX debian debiansuse susefedora fedora applefreedesktopxpdfreader 16y ago The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent atta…
CVE-2010-2941 critical 9.8 9.8 FIX debian debiansuse susemacos macos apple 16y ago ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-f…
CVE-2010-2943 high 8.1 9.1 EXPFIX ubuntu ubuntu linux-kernel avaya 16y ago The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read…
CVE-2010-2537 high 7.1 7.1 FIX ubuntu ubuntususe suse linux-kernel 16y ago The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl c…
CVE-2010-3084 high 7.2 ubuntu ubuntu linux-kernel 16y ago Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other …
CVE-2010-2478 high 7.2 FIX ubuntu ubuntususe suse linux-kernel 16y ago Integer overflow in the ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.33.7 on 32-bit platforms allows local users to cause a denial of service or possibly have unspe…
CVE-2010-1773 high 8.8 8.8 rhelubuntu ubuntususe suse google 16y ago Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensi…
CVE-2010-1772 high 8.8 8.8 rhelubuntu ubuntususe suse google 16y ago Use-after-free vulnerability in page/Geolocation.cpp in WebCore in WebKit before r59859, as used in Google Chrome before 5.0.375.70, allows remote attackers to execute arbitrary code or cause a denia…
CVE-2010-3301 high 8.2 EXPFIX linux-kernelubuntu ubuntu 16y ago The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit ent…