VIR Vulnerability Intelligence Relay

Search

Found 937 results in 141ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2010-1815 medium 6.8 FIX ubuntu ubuntumacos macos webkitgtk 16y ago Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2010-1814 medium 6.8 FIX ubuntu ubuntumacos macos webkitgtk 16y ago WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applicat…
CVE-2010-1812 medium 6.8 FIX ubuntu ubuntumacos macos webkitgtk 16y ago Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2010-1781 medium 6.8 FIX ubuntu ubuntumacos macos 16y ago Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors…
CVE-2010-2955 low 2.1 FIX linux-kernelubuntu ubuntususe suse 16y ago The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users …
CVE-2010-2066 medium 5.5 5.5 FIX linux-kernelubuntu ubuntususe suse 16y ago The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as …
CVE-2009-4895 medium 4.7 4.7 FIX linux-kerneldebian debianubuntu ubuntu 16y ago Race condition in the tty_fasync function in drivers/char/tty_io.c in the Linux kernel before 2.6.32.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or p…
CVE-2010-3259 medium 4.3 FIX ubuntu ubuntumacos macos googlewebkitgtkapple 16y ago WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS …
CVE-2010-3248 medium 5.0 ubuntu ubuntu google 16y ago Google Chrome before 6.0.472.53 does not properly restrict copying to the clipboard, which has unspecified impact and attack vectors.
CVE-2010-2954 medium 4.9 FIX linux-kernelubuntu ubuntususe suse 16y ago The irda_bind function in net/irda/af_irda.c in the Linux kernel before 2.6.36-rc3-next-20100901 does not properly handle failure of the irda_open_tsap function, which allows local users to cause a d…
CVE-2010-2226 low 2.1 FIX linux-kerneldebian debianubuntu ubuntu 16y ago The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write a…
CVE-2010-3115 medium 5.0 ubuntu ubuntu googlewebkitgtk 16y ago Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not properly implement the history feature, which might allow remote attackers to spoof the address bar via unspecified vectors.
CVE-2010-2808 medium 6.8 FIX debian debianmacos macosubuntu ubuntu freetype 16y ago Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or poss…
CVE-2010-2807 medium 6.8 FIX debian debianmacos macosubuntu ubuntu freetype 16y ago FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a…
CVE-2010-2806 medium 6.8 FIX debian debianmacos macosubuntu ubuntu freetype 16y ago Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary …
CVE-2010-2805 medium 6.8 FIX debian debianmacos macosubuntu ubuntu freetype 16y ago The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (applicati…
CVE-2010-2541 medium 6.8 FIX debian debianubuntu ubuntu freetype 16y ago Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cra…
CVE-2010-2527 medium 6.8 FIX debian debianubuntu ubuntu freetype 16y ago Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
CVE-2010-2520 medium 5.1 FIX debian debianubuntu ubuntumacos macos freetype 16y ago Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (ap…
CVE-2010-2519 medium 6.8 FIX debian debianubuntu ubuntumacos macos freetype 16y ago Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execut…
CVE-2010-2500 medium 6.8 FIX debian debianubuntu ubuntumacos macos freetype 16y ago Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary c…
CVE-2010-2499 medium 6.8 FIX debian debianubuntu ubuntumacos macos freetype 16y ago Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary…
CVE-2010-2498 medium 6.8 FIX debian debianubuntu ubuntumacos macos freetype 16y ago The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap me…
CVE-2010-2008 low 4.5 EXP ubuntu ubuntufedora fedora oracle 16y ago MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# strin…
CVE-2010-0832 medium 7.9 EXPFIX ubuntu ubuntudebian debian 16y ago pam_motd (aka the MOTD module) in libpam-modules before 1.1.0-2ubuntu1.1 in PAM on Ubuntu 9.10 and libpam-modules before 1.1.1-2ubuntu5 in PAM on Ubuntu 10.04 LTS allows local users to change the own…
CVE-2010-2249 medium 6.5 6.5 FIX macos macossuse susedebian debian libpngapplevmware 16y ago Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing m…
CVE-2010-2067 medium 6.8 FIX ubuntu ubuntudebian debian libtiff 16y ago Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly exec…
CVE-2010-1634 medium 5.0 FIX suse suseubuntu ubuntufedora fedora python 16y ago Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment,…
CVE-2010-1321 medium 6.8 FIX debian debiansuse suseubuntu ubuntu mitoracle 16y ago The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not pr…
CVE-2010-1624 medium 5.0 FIX ubuntu ubuntudebian debian pidgin 16y ago The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service (NULL pointer dereference and appl…
CVE-2010-0629 medium 6.5 6.5 FIX debian debianfedora fedorasuse suse mit 16y ago Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) vi…
CVE-2010-1187 medium 4.9 linux-kernelubuntu ubuntudebian debian 16y ago The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) …
CVE-2010-0205 medium 4.3 FIX ubuntu ubuntudebian debianfedora fedora libpng 17y ago The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a dispropo…
CVE-2010-0410 medium 4.9 FIX ubuntu ubuntudebian debian linux-kernel 17y ago drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR me…
CVE-2010-0650 low 2.6 ubuntu ubuntu googleapple 17y ago WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypass intended restrictions on popup windows via crafted use of a mouse click event.
CVE-2010-0307 medium 5.7 EXPFIX ubuntu ubuntudebian debian linux-kernel 17y ago The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY m…
CVE-2010-0623 medium 4.9 FIX ubuntu ubuntu linux-kernelsuse suse 17y ago The futex_lock_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly manage a certain reference count, which allows local users to cause a denial of service (OOPS) via…