Max CVSS 10.0 Min CVSS 1.2 Total Count145
IDCVSSSummaryLast (major) updatePublished
CVE-2005-3276 2.1
The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information.
19-02-2017 - 00:09 20-10-2005 - 21:02
CVE-2005-3275 2.6
The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by
19-02-2017 - 00:09 20-10-2005 - 21:02
CVE-2005-3274 1.2
Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection tab
19-02-2017 - 00:09 20-10-2005 - 21:02
CVE-2005-3273 5.0
The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array ou
19-02-2017 - 00:09 20-10-2005 - 21:02
CVE-2005-3271 2.1
Exec in Linux kernel 2.6 does not properly clear posix-timers in multi-threaded environments, which results in a resource leak and could allow a large number of multiple local users to cause a denial of service by using more posix-timers than specifi
19-02-2017 - 00:09 20-10-2005 - 21:02
CVE-2005-3180 5.0
The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information.
19-02-2017 - 00:09 12-10-2005 - 09:04
CVE-2005-3055 2.1
Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer ref
19-02-2017 - 00:09 26-09-2005 - 15:03
CVE-2013-0787 9.3
Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey
06-01-2017 - 21:59 11-03-2013 - 06:55
CVE-2009-2409 5.1
The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificat
07-12-2016 - 22:01 30-07-2009 - 15:30
CVE-2010-4476 5.0
The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows rem
22-08-2016 - 22:02 17-02-2011 - 14:00
CVE-2010-4472 2.6
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous
22-08-2016 - 22:02 17-02-2011 - 14:00
CVE-2010-4471 5.0
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect co
22-08-2016 - 22:02 17-02-2011 - 14:00
CVE-2010-4470 5.0
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the
22-08-2016 - 22:02 17-02-2011 - 14:00
CVE-2010-4469 10.0
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Jav
22-08-2016 - 22:02 17-02-2011 - 14:00
CVE-2010-4465 10.0
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Jav
22-08-2016 - 22:02 17-02-2011 - 14:00
CVE-2010-4450 3.7
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux all
22-08-2016 - 22:02 17-02-2011 - 14:00
CVE-2010-4448 2.6
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 earlier allows remote untrusted Java Web Start applications and untrusted Java ap
22-08-2016 - 22:02 17-02-2011 - 14:00
CVE-2010-4489 4.3
libvpx, as used in Google Chrome before 8.0.552.215 and possibly other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebM video. NOTE: this vulnerability exists because of a regression.
13-11-2015 - 11:32 07-12-2010 - 16:00
CVE-2011-0706 7.5
The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote attackers to gain privileges via unknown vectors related to multiple signers and the assignment of "an inappropriate security descripto
04-10-2014 - 00:34 18-02-2011 - 20:00
CVE-2010-4258 6.2
The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain pri
13-09-2013 - 02:38 30-12-2010 - 14:00
CVE-2008-0412 9.3
The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableF
13-09-2013 - 01:50 08-02-2008 - 17:00
CVE-2008-0418 4.3
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome:
09-09-2013 - 01:30 08-02-2008 - 17:00
CVE-2008-4060 7.5
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to create documents that lack script-handling objects, and execute arbitrary code with chrome privileges, via vector
02-09-2013 - 01:45 24-09-2008 - 16:37
CVE-2008-4059 7.5
The XPConnect component in Mozilla Firefox before 2.0.0.17 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to a SCRIPT element.
25-08-2013 - 01:50 24-09-2008 - 16:37
CVE-2010-3859 6.9
Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipc_msg_build function in ne
21-08-2013 - 02:25 29-12-2010 - 13:00
CVE-2008-4063 9.3
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and (1)
19-08-2013 - 12:43 24-09-2008 - 16:37
CVE-2010-4081 1.9
The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_
06-08-2013 - 17:23 30-11-2010 - 17:14
CVE-2008-4058 7.5
The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vec
27-07-2013 - 01:50 24-09-2008 - 16:37
CVE-2007-5901 6.9
Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code.
23-07-2013 - 03:53 05-12-2007 - 21:46
CVE-2010-4160 6.9
Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the Linux kernel before 2.6.36.2 allow local users to c
21-01-2013 - 00:00 07-01-2011 - 07:00
CVE-2008-5512 6.8
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to run arbitrary JavaScript with chrome privileges via unknown v
30-10-2012 - 23:07 17-12-2008 - 18:30
CVE-2008-5511 4.3
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting (XSS) attacks via an XBL binding to a
30-10-2012 - 23:07 17-12-2008 - 18:30
CVE-2008-5510 5.0
The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms s
30-10-2012 - 23:07 17-12-2008 - 18:30
CVE-2008-5508 4.3
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not properly parse URLs with leading whitespace or control characters, which might allow remote attackers to misrepresent
30-10-2012 - 23:07 17-12-2008 - 18:30
CVE-2008-5507 6.0
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to bypass the same origin policy and access portions of data from another domain via a JavaScript URL th
30-10-2012 - 23:07 17-12-2008 - 18:30
CVE-2008-5506 6.8
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy by causing the browser to issue an XMLHttpRequest to an attacker-contr
30-10-2012 - 23:07 17-12-2008 - 18:30
CVE-2008-5503 2.6
The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote attackers to read or
30-10-2012 - 23:07 17-12-2008 - 18:30
CVE-2008-5500 10.0
The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via ve
30-10-2012 - 23:07 17-12-2008 - 18:30
CVE-2008-4069 5.0
The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to read uninitialized memory, and possibly obtain sensitive information in opportunistic circumstances, via a crafted XBM image file.
29-10-2012 - 23:16 24-09-2008 - 16:37
CVE-2008-4068 7.8
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive inf
29-10-2012 - 23:16 24-09-2008 - 16:37
CVE-2008-4067 4.3
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 on Linux allows remote attackers to read arbitrary files via a .. (dot dot) and URL-encoded / (slash)
29-10-2012 - 23:16 24-09-2008 - 16:37
CVE-2008-4066 4.3
Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via HTML-escaped low surrogate characters that are ignored by the HTML parser, as
29-10-2012 - 23:16 24-09-2008 - 16:37
CVE-2008-4065 4.3
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via byte order mark (BOM) charact
29-10-2012 - 23:16 24-09-2008 - 16:37
CVE-2008-4064 10.0
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to graphics rendering and (1
29-10-2012 - 23:16 24-09-2008 - 16:37
CVE-2008-4062 10.0
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or po
29-10-2012 - 23:16 24-09-2008 - 16:37
CVE-2008-4061 10.0
Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash)
29-10-2012 - 23:16 24-09-2008 - 16:37
CVE-2008-3837 9.3
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted
29-10-2012 - 23:15 24-09-2008 - 16:37
CVE-2008-3836 7.5
feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText, (4) _setTitleImage, and (5) _in
29-10-2012 - 23:15 24-09-2008 - 16:37
CVE-2008-3835 7.5
The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vect
29-10-2012 - 23:15 24-09-2008 - 16:37
CVE-2008-0016 10.0
Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to execute arbitrary code via a crafted UTF-8 URL in a link.
29-10-2012 - 23:04 24-09-2008 - 16:37
CVE-2009-2408 6.8
Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certif
22-10-2012 - 23:08 30-07-2009 - 15:30
CVE-2009-2404 9.3
Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a d
22-10-2012 - 23:08 03-08-2009 - 10:30
CVE-2005-2709 4.6
The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unreg
25-06-2012 - 00:00 20-11-2005 - 17:03
CVE-2011-0709 7.8
The br_mdb_ip_get function in net/bridge/br_multicast.c in the Linux kernel before 2.6.35-rc5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an IGMP packet, related to lack of a multicast table.
19-03-2012 - 00:00 18-02-2011 - 15:00
CVE-2010-4655 1.2
net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability for an ethtool i
19-03-2012 - 00:00 18-07-2011 - 15:55
CVE-2010-4256 4.9
The pipe_fcntl function in fs/pipe.c in the Linux kernel before 2.6.37 does not properly determine whether a file is a named pipe, which allows local users to cause a denial of service via an F_SETPIPE_SZ fcntl call.
19-03-2012 - 00:00 25-01-2011 - 14:00
CVE-2010-4249 4.9
The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via
19-03-2012 - 00:00 29-11-2010 - 11:00
CVE-2010-4243 4.9
fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM Killer to assess use of stack memory by arrays representing the (1) arguments and (2) environment, which allows local users to cause a denial of service (memory consumption) via a cr
19-03-2012 - 00:00 22-01-2011 - 17:00
CVE-2010-4242 4.0
The hci_uart_tty_open function in the HCI UART driver (drivers/bluetooth/hci_ldisc.c) in the Linux kernel 2.6.36, and possibly other versions, does not verify whether the tty has a write operation, which allows local users to cause a denial of servic
19-03-2012 - 00:00 10-01-2011 - 22:00
CVE-2010-4175 4.9
Integer overflow in the rds_cmsg_rdma_args function (net/rds/rdma.c) in Linux kernel 2.6.35 allows local users to cause a denial of service (crash) and possibly trigger memory corruption via a crafted Reliable Datagram Sockets (RDS) request, a differ
19-03-2012 - 00:00 10-01-2011 - 22:00
CVE-2010-4169 4.9
Use-after-free vulnerability in mm/mprotect.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors involving an mprotect system call.
19-03-2012 - 00:00 22-11-2010 - 08:00
CVE-2010-4165 4.9
The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small v
19-03-2012 - 00:00 22-11-2010 - 08:00
CVE-2010-4164 7.8
Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CL
19-03-2012 - 00:00 03-01-2011 - 15:00
CVE-2010-4162 4.7
Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device.
19-03-2012 - 00:00 03-01-2011 - 15:00
CVE-2010-4158 2.1
The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users t
19-03-2012 - 00:00 30-12-2010 - 14:00
CVE-2010-4157 6.0
Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argu
19-03-2012 - 00:00 10-12-2010 - 14:00
CVE-2010-4082 1.9
The viafb_ioctl_get_viafb_info function in drivers/video/via/ioctl.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack
19-03-2012 - 00:00 30-11-2010 - 17:14
CVE-2010-4080 1.9
The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HD
19-03-2012 - 00:00 30-11-2010 - 17:14
CVE-2010-4073 1.9
The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat
19-03-2012 - 00:00 29-11-2010 - 11:00
CVE-2010-4072 1.9
The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmct
19-03-2012 - 00:00 29-11-2010 - 11:00
CVE-2010-3904 7.2
The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privile
19-03-2012 - 00:00 06-12-2010 - 15:13
CVE-2010-3874 4.0
Heap-based buffer overflow in the bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial
19-03-2012 - 00:00 29-12-2010 - 13:00
CVE-2010-3861 2.1
The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize a certain block of heap memory, which allows local users to obtain potentially sensitive information via an ETHTOOL_GRXCLSRLALL ethtool command
19-03-2012 - 00:00 10-12-2010 - 14:00
CVE-2010-3858 4.9
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit pl
19-03-2012 - 00:00 30-11-2010 - 16:38
CVE-2010-3850 4.9
The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR i
19-03-2012 - 00:00 30-12-2010 - 14:00
CVE-2010-3849 4.7
The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a N
19-03-2012 - 00:00 30-12-2010 - 14:00
CVE-2010-3848 6.9
Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures.
19-03-2012 - 00:00 30-12-2010 - 14:00
CVE-2010-3705 8.3
The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a cr
19-03-2012 - 00:00 26-11-2010 - 15:00
CVE-2010-3477 2.1
The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to o
19-03-2012 - 00:00 21-09-2010 - 16:00
CVE-2010-3442 4.7
Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a
19-03-2012 - 00:00 04-10-2010 - 17:00
CVE-2010-3437 6.6
Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dere
19-03-2012 - 00:00 04-10-2010 - 17:00
CVE-2010-3432 7.8
The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP
19-03-2012 - 00:00 22-11-2010 - 08:00
CVE-2010-3310 1.9
Multiple integer signedness errors in net/rose/af_rose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a rose_getname function
19-03-2012 - 00:00 29-09-2010 - 13:00
CVE-2010-3301 7.2
The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users
19-03-2012 - 00:00 22-09-2010 - 15:00
CVE-2010-3298 4.9
The hso_get_count function in drivers/net/usb/hso.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIO
19-03-2012 - 00:00 30-09-2010 - 11:00
CVE-2010-3297 2.1
The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL
19-03-2012 - 00:00 30-09-2010 - 11:00
CVE-2010-3296 4.9
The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack
19-03-2012 - 00:00 30-09-2010 - 11:00
CVE-2010-3084 7.2
Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command.
19-03-2012 - 00:00 29-09-2010 - 13:00
CVE-2010-3080 4.9
Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful a
19-03-2012 - 00:00 21-09-2010 - 14:00
CVE-2010-3079 4.7
kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cause a denial of service (NULL pointer dereference a
19-03-2012 - 00:00 30-09-2010 - 11:00
CVE-2010-3078 2.1
The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an
19-03-2012 - 00:00 21-09-2010 - 14:00
CVE-2010-3067 4.9
Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call.
19-03-2012 - 00:00 21-09-2010 - 14:00
CVE-2010-3015 4.7
Integer overflow in the ext4_ext_get_blocks function in fs/ext4/extents.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service (BUG and system crash) via a write operation on the last block of a large file, followed by a
19-03-2012 - 00:00 20-08-2010 - 14:00
CVE-2010-2963 6.2
drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kerne
19-03-2012 - 00:00 26-11-2010 - 14:00
CVE-2010-2962 7.2
drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows l
19-03-2012 - 00:00 26-11-2010 - 14:00
CVE-2010-2960 7.2
The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service (NULL pointer dereference and system
19-03-2012 - 00:00 08-09-2010 - 16:00
CVE-2010-2955 3.3
The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standa
19-03-2012 - 00:00 08-09-2010 - 16:00
CVE-2010-2954 4.9
The irda_bind function in net/irda/af_irda.c in the Linux kernel before 2.6.36-rc3-next-20100901 does not properly handle failure of the irda_open_tsap function, which allows local users to cause a denial of service (NULL pointer dereference and pani
19-03-2012 - 00:00 03-09-2010 - 16:00
CVE-2010-2946 2.1
fs/jfs/xattr.c in the Linux kernel before 2.6.35.2 does not properly handle a certain legacy format for storage of extended attributes, which might allow local users by bypass intended xattr namespace restrictions via an "os2." substring at the begin
19-03-2012 - 00:00 29-09-2010 - 13:00
CVE-2010-2943 7.9
The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assign
19-03-2012 - 00:00 30-09-2010 - 11:00
CVE-2010-2942 2.1
The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive in
19-03-2012 - 00:00 21-09-2010 - 14:00
CVE-2010-2798 7.2
The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer derefe
19-03-2012 - 00:00 08-09-2010 - 16:00
CVE-2010-2538 4.7
Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 might allow local users to obtain sensitive information via a BTRFS_IOC_CLONE_RANGE ioctl call.
19-03-2012 - 00:00 30-09-2010 - 11:00
CVE-2010-2537 6.3
The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor.
19-03-2012 - 00:00 30-09-2010 - 11:00
CVE-2010-2524 4.4
The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local user
19-03-2012 - 00:00 08-09-2010 - 16:00
CVE-2010-2521 10.0
Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service (panic) or possibly execute arbitrary code via a crafted NFSv4 compou
19-03-2012 - 00:00 07-09-2010 - 13:00
CVE-2010-2495 10.0
The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly validate certain values associated with an interface, which allows attackers to cause a denial of service (NULL pointe
19-03-2012 - 00:00 08-09-2010 - 16:00
CVE-2010-2478 7.2
Integer overflow in the ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.33.7 on 32-bit platforms allows local users to cause a denial of service or possibly have unspecified other impact via an ETHTOOL_GRXCLSRLALL etht
19-03-2012 - 00:00 29-09-2010 - 13:00
CVE-2010-2248 7.8
fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel before 2.6.34-rc4 allows remote attackers to cause a denial of service (panic) via an SMB response packet with an invalid CountHigh value, as demonstrated by a response from an OS/2 ser
19-03-2012 - 00:00 07-09-2010 - 13:00
CVE-2010-2226 1.9
The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file i
19-03-2012 - 00:00 03-09-2010 - 16:00
CVE-2010-2066 1.9
The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor.
19-03-2012 - 00:00 08-09-2010 - 16:00
CVE-2009-4895 4.7
Race condition in the tty_fasync function in drivers/char/tty_io.c in the Linux kernel before 2.6.32.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via unknown v
19-03-2012 - 00:00 08-09-2010 - 16:00
CVE-2009-0357 5.0
Mozilla Firefox before 3.0.6 and SeaMonkey before 1.1.15 do not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XM
12-09-2011 - 23:00 04-02-2009 - 14:30
CVE-2009-0355 5.4
components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via
12-09-2011 - 23:00 04-02-2009 - 14:30
CVE-2010-1938 9.3
Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly
28-07-2011 - 22:37 28-05-2010 - 14:30
CVE-2011-0724 9.3
The Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not correctly regenerate iTALC private keys after installation, which causes each installation to have the same fixed key, which allows remote attackers to gain privileges.
22-04-2011 - 00:00 18-02-2011 - 20:00
CVE-2008-0420 9.3
modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to re
12-04-2011 - 00:00 11-02-2008 - 22:00
CVE-2008-0415 4.3
Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.lo
07-03-2011 - 22:04 08-02-2008 - 17:00
CVE-2008-0413 9.3
The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2
07-03-2011 - 22:04 08-02-2008 - 17:00
CVE-2008-0304 7.5
Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation
07-03-2011 - 22:04 29-02-2008 - 14:44
CVE-2007-5971 6.9
Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors.
07-03-2011 - 22:01 05-12-2007 - 21:46
CVE-2005-2973 2.1
The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash).
07-03-2011 - 21:25 27-10-2005 - 14:02
CVE-2009-1709 9.3
Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG an
17-02-2011 - 01:43 10-06-2009 - 14:00
CVE-2009-0945 9.3
Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other pr
17-02-2011 - 01:42 13-05-2009 - 13:30
CVE-2010-0435 4.6
The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via vectors re
19-01-2011 - 01:54 24-08-2010 - 14:00
CVE-2010-0629 4.0
Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an inva
21-08-2010 - 01:39 07-04-2010 - 11:30
CVE-2009-4145 2.1
nm-connection-editor in NetworkManager (NM) 0.7.x exports connection objects over D-Bus upon actions in the connection editor GUI, which allows local users to obtain sensitive information by reading D-Bus signals, as demonstrated by using dbus-monito
21-08-2010 - 01:37 23-12-2009 - 15:30
CVE-2009-4144 6.8
NetworkManager (NM) 0.7.2 does not ensure that the configured Certification Authority (CA) certificate file for a (1) WPA Enterprise or (2) 802.1x network remains present upon a connection attempt, which might allow remote attackers to obtain sensiti
21-08-2010 - 01:37 23-12-2009 - 15:30
CVE-2009-0776 7.1
nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.
21-08-2010 - 01:30 04-03-2009 - 21:30
CVE-2009-0774 9.3
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different v
21-08-2010 - 01:30 04-03-2009 - 21:30
CVE-2009-0772 9.3
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetO
21-08-2010 - 01:30 04-03-2009 - 21:30
CVE-2008-6123 5.0
The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restric
21-08-2010 - 01:27 12-02-2009 - 11:30
CVE-2008-5513 4.3
Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cr
21-08-2010 - 01:26 17-12-2008 - 18:30
CVE-2008-5505 5.0
Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies.
21-08-2010 - 01:26 17-12-2008 - 18:30
CVE-2008-5504 7.5
Mozilla Firefox 2.x before 2.0.0.19 allows remote attackers to run arbitrary JavaScript with chrome privileges via vectors related to the feed preview, a different vulnerability than CVE-2008-3836.
21-08-2010 - 01:26 17-12-2008 - 18:30
CVE-2008-5502 5.0
The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) via vectors that trigger memory corruption, related to the GetXMLEnti
21-08-2010 - 01:26 17-12-2008 - 18:30
CVE-2008-5501 5.0
The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors that trigger an assertion failure.
21-08-2010 - 01:26 17-12-2008 - 18:30
CVE-2005-3272 5.0
Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets.
21-08-2010 - 00:33 20-10-2005 - 21:02
CVE-2009-3295 5.0
The prep_reprocess_req function in kdc/do_tgs_req.c in the cross-realm referral implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.1 allows remote attackers to cause a denial of service (NULL pointer deref
29-06-2010 - 00:00 29-12-2009 - 15:41
CVE-2010-0283 7.8
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid (1) AS-REQ or (2) TGS-REQ request.
19-06-2010 - 01:38 22-02-2010 - 08:00
CVE-2007-5972 9.0
Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master ke
27-05-2010 - 01:19 05-12-2007 - 21:46
CVE-2007-5902 10.0
Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request.
27-05-2010 - 01:19 05-12-2007 - 21:46
CVE-2010-0628 5.0
The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service (assertion failu
31-03-2010 - 01:41 25-03-2010 - 18:30
CVE-2009-4128 7.2
GNU GRand Unified Bootloader (GRUB) 2 1.97 only compares the submitted portion of a password with the actual password, which makes it easier for physically proximate attackers to conduct brute force attacks and bypass authentication by submitting a p
02-12-2009 - 00:00 01-12-2009 - 11:30
CVE-2008-0166 7.8
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptograp
21-02-2009 - 00:00 13-05-2008 - 13:20
Back to Top Mark selected
Back to Top