VIR Vulnerability Intelligence Relay

Search

Found 844 results in 622ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2010-3298 low 2.1 FIX ubuntu ubuntususe suse linux-kernel 16y ago The hso_get_count function in drivers/net/usb/hso.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensi…
CVE-2010-3297 low 2.1 FIX ubuntu ubuntususe suse linux-kernel 16y ago The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensit…
CVE-2010-3296 low 2.1 FIX ubuntu ubuntususe suse linux-kernel 16y ago The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain p…
CVE-2010-2943 high 8.1 9.1 EXPFIX ubuntu ubuntu linux-kernel avaya 16y ago The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read…
CVE-2010-2537 high 7.1 7.1 FIX ubuntu ubuntususe suse linux-kernel 16y ago The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl c…
CVE-2010-3310 low 1.9 ubuntu ubuntu linux-kerneldebian debian 16y ago Multiple integer signedness errors in net/rose/af_rose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service (heap memory corruption) or possibly have u…
CVE-2010-3084 high 7.2 ubuntu ubuntu linux-kernel 16y ago Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other …
CVE-2010-2946 low 2.1 FIX ubuntu ubuntu linux-kernel 16y ago fs/jfs/xattr.c in the Linux kernel before 2.6.35.2 does not properly handle a certain legacy format for storage of extended attributes, which might allow local users by bypass intended xattr namespac…
CVE-2010-2478 high 7.2 FIX ubuntu ubuntususe suse linux-kernel 16y ago Integer overflow in the ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.33.7 on 32-bit platforms allows local users to cause a denial of service or possibly have unspe…
CVE-2010-1773 high 8.8 8.8 rhelubuntu ubuntususe suse google 16y ago Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensi…
CVE-2010-1772 high 8.8 8.8 rhelubuntu ubuntususe suse google 16y ago Use-after-free vulnerability in page/Geolocation.cpp in WebCore in WebKit before r59859, as used in Google Chrome before 5.0.375.70, allows remote attackers to execute arbitrary code or cause a denia…
CVE-2010-3301 high 8.2 EXPFIX linux-kernelubuntu ubuntu 16y ago The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit ent…
CVE-2010-3477 low 2.1 FIX linux-kernelubuntu ubuntudebian debian 16y ago The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certa…
CVE-2010-3080 high 7.2 FIX linux-kernelubuntu ubuntususe suse 16y ago Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly …
CVE-2010-3069 high 7.5 FIX ubuntu ubuntudebian debian samba 16y ago Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code…
CVE-2010-2960 high 7.8 7.8 FIX linux-kernelubuntu ubuntususe suse 16y ago The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a deni…
CVE-2010-2955 low 2.1 FIX linux-kernelubuntu ubuntususe suse 16y ago The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users …
CVE-2010-2798 high 7.8 7.8 FIX linux-kerneldebian debianubuntu ubuntu avaya 16y ago The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local user…
CVE-2010-2524 high 7.8 7.8 FIX linux-kernelubuntu ubuntususe suse 16y ago The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the ci…
CVE-2010-2495 critical 10.0 FIX linux-kernelubuntu ubuntususe suse 16y ago The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly validate certain values associated with an interface, which allows …
CVE-2010-3257 critical 9.3 FIX ubuntu ubuntumacos macos googlewebkitgtkapple 16y ago Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute ar…
CVE-2010-2226 low 2.1 FIX linux-kerneldebian debianubuntu ubuntu 16y ago The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write a…
CVE-2010-3116 critical 10.0 FIX ubuntu ubuntumacos macos googleapplewebkitgtk 16y ago Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to…
CVE-2010-3114 critical 10.0 ubuntu ubuntu googlewebkitgtk 16y ago The text-editing implementation in Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not check a node type before performing a cast, which has unspecified impact and attack vectors r…
CVE-2010-3113 critical 10.0 ubuntu ubuntu googlewebkitgtk 16y ago Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents, which allows remote attackers to cause a denial of service (memory corruption) or possibly have u…
CVE-2010-0834 critical 9.3 FIX debian debianubuntu ubuntu 16y ago The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110 netbooks, does not require authentication for packag…
CVE-2010-2008 low 4.5 EXP ubuntu ubuntufedora fedora oracle 16y ago MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# strin…
CVE-2010-2648 critical 9.3 suse suseubuntu ubuntu google 16y ago The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or po…
CVE-2010-2647 critical 9.3 ubuntu ubuntu google 16y ago Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an invalid SVG document.
CVE-2010-1205 critical 9.8 10.0 EXPFIX macos macossuse susedebian debian libpnggoogleapple 16y ago Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers…
CVE-2010-2063 high 8.5 EXPFIX ubuntu ubuntudebian debian samba 16y ago Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory c…
CVE-2010-1770 critical 9.3 macos macoswindows windowsubuntu ubuntu applegoogle 16y ago WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of…
CVE-2010-0395 critical 9.3 fedora fedoraubuntu ubuntudebian debian apache 16y ago OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file…
CVE-2010-0050 high 8.8 9.8 EXPFIX ubuntu ubuntufedora fedoramacos macos apple 17y ago Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improp…
CVE-2010-0302 high 7.5 7.5 FIX debian debianubuntu ubuntufedora fedora apple 17y ago Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epol…
CVE-2010-0159 critical 10.0 ubuntu ubuntudebian debian mozilla 17y ago The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory cor…
CVE-2010-0650 low 2.6 ubuntu ubuntu googleapple 17y ago WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypass intended restrictions on popup windows via crafted use of a mouse click event.
CVE-2010-0136 critical 9.3 ubuntu ubuntudebian debian apache 17y ago OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted…
CVE-2009-3302 critical 9.3 ubuntu ubuntudebian debian apache 17y ago filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table p…
CVE-2009-3301 critical 9.3 ubuntu ubuntudebian debian apache 17y ago Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafte…
CVE-2009-2950 critical 9.3 ubuntu ubuntudebian debian apache 17y ago Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service…
CVE-2009-2949 critical 9.3 ubuntu ubuntudebian debian apache 17y ago Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that…
CVE-2009-4013 critical 9.8 9.8 FIX debian debianubuntu ubuntu debian 17y ago Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive i…
CVE-2009-3555 critical 9.8 10.0 EXPFIX debian debianubuntu ubuntufedora fedora apachegnumozilla 17y ago The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9…