Max CVSS 9.3 Min CVSS 1.9 Total Count54
IDCVSSSummaryLast (major) updatePublished
CVE-2011-1577 4.9
Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted si
03-09-2015 - 10:18 03-05-2011 - 15:55
CVE-2011-1163 2.1
The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vector
11-05-2015 - 21:59 09-04-2011 - 22:51
CVE-2011-1090 4.9
The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux kernel before 2.6.38 stores NFSv4 ACL data in memory that is allocated by kmalloc but not properly freed, which allows local users to cause a denial of service (panic) via a crafted a
11-05-2015 - 21:59 09-05-2011 - 15:55
CVE-2011-1746 6.9
Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_create_user_memory functions in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allow local users to trigger buffer overflows, and consequently cause a denial of ser
13-01-2014 - 23:07 09-05-2011 - 15:55
CVE-2011-0258 9.3
Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted image description associated with an mp4v tag in a movie file.
02-11-2013 - 23:09 06-09-2011 - 11:55
CVE-2011-0257 9.3
Integer signedness error in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PnSize opcode in a PICT file that triggers a stack-based buffer overflow.
02-11-2013 - 23:09 15-08-2011 - 17:55
CVE-2011-0256 9.3
Integer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted track run atoms in a QuickTime movie file.
02-11-2013 - 23:09 15-08-2011 - 17:55
CVE-2011-0252 9.3
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STTS atoms in a QuickTime movie file.
02-11-2013 - 23:09 03-08-2011 - 22:45
CVE-2011-0251 9.3
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSZ atoms in a QuickTime movie file.
02-11-2013 - 23:09 03-08-2011 - 22:45
CVE-2011-0250 9.3
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSS atoms in a QuickTime movie file.
02-11-2013 - 23:09 03-08-2011 - 22:45
CVE-2011-0249 9.3
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSC atoms in a QuickTime movie file.
02-11-2013 - 23:09 03-08-2011 - 22:45
CVE-2011-0247 9.3
Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie.
02-11-2013 - 23:08 03-08-2011 - 22:45
CVE-2011-0246 9.3
Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.
02-11-2013 - 23:08 03-08-2011 - 22:45
CVE-2011-0245 9.3
Buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pict file.
02-11-2013 - 23:08 03-08-2011 - 22:45
CVE-2011-1598 4.9
The bcm_release function in net/can/bcm.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other im
19-03-2012 - 00:00 09-05-2011 - 18:55
CVE-2010-4077 1.9
The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memo
19-03-2012 - 00:00 29-11-2010 - 11:00
CVE-2010-4076 1.9
The rs_ioctl function in drivers/char/amiserial.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TI
19-03-2012 - 00:00 29-11-2010 - 11:00
CVE-2011-2720 5.0
The autocompletion functionality in GLPI before 0.80.2 does not blacklist certain username and password fields, which allows remote attackers to obtain sensitive information via a crafted POST request.
15-02-2012 - 23:15 05-08-2011 - 17:55
CVE-2011-2819 7.5
Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2818 7.5
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2805 7.5
Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2804 7.5
Google Chrome before 13.0.782.107 does not properly handle nested functions in PDF documents, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2803 5.0
Google Chrome before 13.0.782.107 does not properly handle Skia paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2802 6.8
Google V8, as used in Google Chrome before 13.0.782.107, does not properly perform const lookups, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted web site.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2801 7.5
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the frame loader.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2800 4.3
Google Chrome before 13.0.782.107 allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2799 7.5
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2798 5.0
Google Chrome before 13.0.782.107 does not properly restrict access to internal schemes, which allows remote attackers to have an unspecified impact via a crafted web site.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2797 7.5
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2796 7.5
Use-after-free vulnerability in Skia, as used in Google Chrome before 13.0.782.107, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2795 5.8
Google Chrome before 13.0.782.107 does not prevent calls to functions in other frames, which allows remote attackers to bypass intended access restrictions via a crafted web site, related to a "cross-frame function leak."
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2794 5.0
Google Chrome before 13.0.782.107 does not properly perform text iteration, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2793 7.5
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media selectors.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2792 7.5
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float removal.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2791 7.5
The International Components for Unicode (ICU) functionality in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2790 7.5
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving floating styles.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2789 7.5
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to instantiation of the Pepper plug-in.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2788 6.8
Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2787 5.0
Google Chrome before 13.0.782.107 does not properly address re-entrancy issues associated with the GPU lock, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2786 4.3
Google Chrome before 13.0.782.107 does not ensure that the speech-input bubble is shown on the product's screen, which might make it easier for remote attackers to make audio recordings via a crafted web page containing an INPUT element.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2785 4.3
The extensions implementation in Google Chrome before 13.0.782.107 does not properly validate the URL for the home page, which allows remote attackers to have an unspecified impact via a crafted extension.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2784 5.0
Google Chrome before 13.0.782.107 allows remote attackers to obtain sensitive information via a request for the GL program log, which reveals a local path in an unspecified log entry.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2783 6.4
Google Chrome before 13.0.782.107 does not ensure that developer-mode NPAPI extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension.
26-01-2012 - 23:01 02-08-2011 - 20:55
CVE-2011-2361 4.3
The Basic Authentication dialog implementation in Google Chrome before 13.0.782.107 does not properly handle strings, which might make it easier for remote attackers to capture credentials via a crafted web site.
26-01-2012 - 23:00 02-08-2011 - 20:55
CVE-2011-2360 5.0
Google Chrome before 13.0.782.107 does not ensure that the user is prompted before download of a dangerous file, which makes it easier for remote attackers to bypass intended content restrictions via a crafted web site.
26-01-2012 - 23:00 02-08-2011 - 20:55
CVE-2011-2359 7.5
Google Chrome before 13.0.782.107 does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
26-01-2012 - 23:00 02-08-2011 - 20:55
CVE-2011-2358 6.4
Google Chrome before 13.0.782.107 does not ensure that extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension.
26-01-2012 - 23:00 02-08-2011 - 20:55
CVE-2011-0210 6.8
QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie file.
26-10-2011 - 23:21 24-06-2011 - 16:55
CVE-2011-0187 4.3
The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via vectors involving a cross-site redirect.
20-10-2011 - 22:51 22-03-2011 - 22:00
CVE-2011-0213 6.8
Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG file.
10-08-2011 - 22:48 24-06-2011 - 16:55
CVE-2011-0211 6.8
Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
10-08-2011 - 22:48 24-06-2011 - 16:55
CVE-2011-0209 6.8
Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file.
10-08-2011 - 22:48 24-06-2011 - 16:55
CVE-2011-0186 6.8
QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG2000 image.
10-08-2011 - 22:48 22-03-2011 - 22:00
CVE-2011-0248 9.3
Stack-based buffer overflow in the QuickTime ActiveX control in Apple QuickTime before 7.7 on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QT
05-08-2011 - 00:00 03-08-2011 - 22:45
Back to Top Mark selected
Back to Top