| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-3904 | 7.2 |
The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privile
|
27-06-2024 - 19:23 | 06-12-2010 - 20:13 | |
| CVE-2010-2941 | 9.3 |
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbi
|
02-02-2024 - 16:35 | 05-11-2010 - 17:00 | |
| CVE-2010-3856 | 7.2 |
ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain
|
20-07-2023 - 18:15 | 07-01-2011 - 19:00 | |
| CVE-2010-3311 | 9.3 |
Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font
|
13-02-2023 - 04:23 | 07-01-2011 - 23:00 | |
| CVE-2010-3069 | 7.5 |
Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file
|
13-02-2023 - 04:21 | 15-09-2010 - 18:00 | |
| CVE-2010-3477 | 2.1 |
The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to o
|
14-08-2020 - 14:03 | 21-09-2010 - 20:00 | |
| CVE-2010-1322 | 6.5 |
The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remote attackers to cause a denial of s
|
21-01-2020 - 15:46 | 07-10-2010 - 21:00 | |
| CVE-2010-3704 | 6.8 |
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of serv
|
06-03-2019 - 16:30 | 05-11-2010 - 18:00 | |
| CVE-2010-3574 | 10.0 |
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE
|
30-10-2018 - 16:26 | 19-10-2010 - 22:00 | |
| CVE-2010-0405 | 5.1 |
Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.
|
10-10-2018 - 19:52 | 28-09-2010 - 18:00 | |
| CVE-2010-3765 | 9.3 |
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related
|
19-09-2017 - 01:31 | 28-10-2010 - 00:00 | |
| CVE-2010-3170 | 4.3 |
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-th
|
19-09-2017 - 01:31 | 21-10-2010 - 19:00 |