Max CVSS 10.0 Min CVSS 1.2 Total Count60
IDCVSSSummaryLast (major) updatePublished
CVE-2010-2491 4.3
Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup before 1.4.14 allows remote attackers to inject arbitrary web script or HTML via the template argument to the /issue program.
31-05-2012 - 00:00 24-09-2010 - 15:00
CVE-2010-3301 7.2
The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users
19-03-2012 - 00:00 22-09-2010 - 15:00
CVE-2010-3298 4.9
The hso_get_count function in drivers/net/usb/hso.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIO
19-03-2012 - 00:00 30-09-2010 - 11:00
CVE-2010-3297 2.1
The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL
19-03-2012 - 00:00 30-09-2010 - 11:00
CVE-2010-3296 4.9
The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack
19-03-2012 - 00:00 30-09-2010 - 11:00
CVE-2010-3084 7.2
Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command.
19-03-2012 - 00:00 29-09-2010 - 13:00
CVE-2010-3081 7.2
The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to
19-03-2012 - 00:00 24-09-2010 - 16:00
CVE-2010-3080 4.9
Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful a
19-03-2012 - 00:00 21-09-2010 - 14:00
CVE-2010-3079 4.7
kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cause a denial of service (NULL pointer dereference a
19-03-2012 - 00:00 30-09-2010 - 11:00
CVE-2010-3078 2.1
The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an
19-03-2012 - 00:00 21-09-2010 - 14:00
CVE-2010-3015 4.7
Integer overflow in the ext4_ext_get_blocks function in fs/ext4/extents.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service (BUG and system crash) via a write operation on the last block of a large file, followed by a
19-03-2012 - 00:00 20-08-2010 - 14:00
CVE-2010-2960 7.2
The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service (NULL pointer dereference and system
19-03-2012 - 00:00 08-09-2010 - 16:00
CVE-2010-2959 7.2
Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code o
19-03-2012 - 00:00 08-09-2010 - 16:00
CVE-2010-2955 3.3
The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standa
19-03-2012 - 00:00 08-09-2010 - 16:00
CVE-2010-2954 4.9
The irda_bind function in net/irda/af_irda.c in the Linux kernel before 2.6.36-rc3-next-20100901 does not properly handle failure of the irda_open_tsap function, which allows local users to cause a denial of service (NULL pointer dereference and pani
19-03-2012 - 00:00 03-09-2010 - 16:00
CVE-2010-2946 2.1
fs/jfs/xattr.c in the Linux kernel before 2.6.35.2 does not properly handle a certain legacy format for storage of extended attributes, which might allow local users by bypass intended xattr namespace restrictions via an "os2." substring at the begin
19-03-2012 - 00:00 29-09-2010 - 13:00
CVE-2010-2942 2.1
The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive in
19-03-2012 - 00:00 21-09-2010 - 14:00
CVE-2010-2803 1.9
The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain p
19-03-2012 - 00:00 08-09-2010 - 16:00
CVE-2010-2798 7.2
The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer derefe
19-03-2012 - 00:00 08-09-2010 - 16:00
CVE-2010-2538 4.7
Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 might allow local users to obtain sensitive information via a BTRFS_IOC_CLONE_RANGE ioctl call.
19-03-2012 - 00:00 30-09-2010 - 11:00
CVE-2010-2537 6.3
The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor.
19-03-2012 - 00:00 30-09-2010 - 11:00
CVE-2010-2524 4.4
The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local user
19-03-2012 - 00:00 08-09-2010 - 16:00
CVE-2010-2521 10.0
Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service (panic) or possibly execute arbitrary code via a crafted NFSv4 compou
19-03-2012 - 00:00 07-09-2010 - 13:00
CVE-2010-2495 10.0
The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly validate certain values associated with an interface, which allows attackers to cause a denial of service (NULL pointe
19-03-2012 - 00:00 08-09-2010 - 16:00
CVE-2010-2492 7.2
Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors.
19-03-2012 - 00:00 08-09-2010 - 16:00
CVE-2010-2478 7.2
Integer overflow in the ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.33.7 on 32-bit platforms allows local users to cause a denial of service or possibly have unspecified other impact via an ETHTOOL_GRXCLSRLALL etht
19-03-2012 - 00:00 29-09-2010 - 13:00
CVE-2010-2248 7.8
fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel before 2.6.34-rc4 allows remote attackers to cause a denial of service (panic) via an SMB response packet with an invalid CountHigh value, as demonstrated by a response from an OS/2 ser
19-03-2012 - 00:00 07-09-2010 - 13:00
CVE-2010-2240 7.2
The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent at
19-03-2012 - 00:00 03-09-2010 - 16:00
CVE-2010-2226 1.9
The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file i
19-03-2012 - 00:00 03-09-2010 - 16:00
CVE-2010-2071 4.6
The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the Linux kernel 2.6.34 and earlier does not check file ownership before setting an ACL, which allows local users to bypass file permissions by setting arbitrary ACLs, as demonstrated usi
19-03-2012 - 00:00 16-06-2010 - 16:30
CVE-2010-2066 1.9
The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor.
19-03-2012 - 00:00 08-09-2010 - 16:00
CVE-2010-1643 6.9
mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or po
19-03-2012 - 00:00 03-06-2010 - 10:30
CVE-2010-1641 4.6
The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request.
19-03-2012 - 00:00 01-06-2010 - 16:30
CVE-2010-1636 2.1
The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users
19-03-2012 - 00:00 07-06-2010 - 20:30
CVE-2010-1437 1.9
Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact v
19-03-2012 - 00:00 07-05-2010 - 14:30
CVE-2010-1187 4.9
The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before enterin
19-03-2012 - 00:00 31-03-2010 - 14:00
CVE-2010-1173 7.1
The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invali
19-03-2012 - 00:00 07-05-2010 - 14:30
CVE-2010-1162 7.2
The release_one_tty function in drivers/char/tty_io.c in the Linux kernel before 2.6.34-rc4 omits certain required calls to the put_pid function, which has unspecified impact and local attack vectors.
19-03-2012 - 00:00 20-04-2010 - 11:30
CVE-2010-1148 4.7
The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a NULL nameidata (aka nd) field in a
19-03-2012 - 00:00 12-04-2010 - 13:30
CVE-2010-1146 6.9
The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonst
19-03-2012 - 00:00 12-04-2010 - 14:30
CVE-2010-1088 5.4
fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW.
19-03-2012 - 00:00 06-04-2010 - 18:30
CVE-2010-1087 7.8
The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible.
19-03-2012 - 00:00 06-04-2010 - 18:30
CVE-2010-0622 2.1
The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly hav
19-03-2012 - 00:00 15-02-2010 - 13:30
CVE-2010-0415 4.6
The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other
19-03-2012 - 00:00 17-02-2010 - 13:30
CVE-2009-4537 7.8
drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via
19-03-2012 - 00:00 12-01-2010 - 12:30
CVE-2009-4308 7.1
The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via
19-03-2012 - 00:00 12-12-2009 - 20:30
CVE-2009-3722 7.1
The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 2.6.31.1 does not properly verify the Current Privilege Level (CPL) before accessing a debug register, which allows guest OS users to cause a denial of servi
19-03-2012 - 00:00 30-10-2009 - 16:30
CVE-2009-3620 4.9
The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash
19-03-2012 - 00:00 22-10-2009 - 12:00
CVE-2009-3228 4.9
The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users
19-03-2012 - 00:00 19-10-2009 - 16:00
CVE-2009-2846 7.8
The eisa_eeprom_read function in the parisc isa-eeprom component (drivers/parisc/eisa_eeprom.c) in the Linux kernel before 2.6.31-rc6 allows local users to access restricted memory via a negative ppos argument, which bypasses a check that assumes tha
19-03-2012 - 00:00 18-08-2009 - 17:00
CVE-2009-2287 4.9
The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVM_SET_SREGS call, which allows local users to cause a denial of service (crash or hang)
19-03-2012 - 00:00 01-07-2009 - 09:00
CVE-2009-1389 7.8
Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet.
19-03-2012 - 00:00 16-06-2009 - 19:30
CVE-2008-7256 1.2
mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIG_SECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer de
19-03-2012 - 00:00 03-06-2010 - 10:30
CVE-2010-3069 7.5
Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file
26-08-2011 - 23:42 15-09-2010 - 14:00
CVE-2010-2600 9.3
Untrusted search path vulnerability in BlackBerry Desktop Software before 6.0.0.47 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folde
18-07-2011 - 22:38 15-09-2010 - 14:00
CVE-2010-1526 6.8
Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via (1) a crafted TIFF file, related to the gdip_load_tiff_image function in tiffcodec.c; (2) a crafted JPEG file, related to the gdip_load_jpe
07-12-2010 - 01:47 24-08-2010 - 18:00
CVE-2010-3082 4.3
Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via a csrfmiddlewaretoken (aka csrf_token) cookie.
05-11-2010 - 01:47 14-09-2010 - 15:00
CVE-2010-1519 6.8
Multiple integer overflows in glpng.c in glpng 1.45 allow context-dependent attackers to execute arbitrary code via a crafted PNG image, related to (1) the pngLoadRawF function and (2) the pngLoadF function, leading to heap-based buffer overflows.
17-09-2010 - 01:46 16-08-2010 - 11:14
CVE-2009-1573 4.6
xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie (MCOOKIE) on the command line, which allows local users to gain privileges by listing the process and its arguments.
27-05-2010 - 01:40 06-05-2009 - 13:30
CVE-2010-0280 9.3
Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in Google SketchUp 7.x before 7.1 M2, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted structures in a 3DS file, prob
18-01-2010 - 00:00 15-01-2010 - 12:30
Back to Top Mark selected
Back to Top