| Max CVSS | 7.6 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-3864 | 7.6 |
Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers
|
13-02-2023 - 04:27 | 17-11-2010 - 16:00 | |
| CVE-2010-3855 | 6.8 |
Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font.
|
13-02-2023 - 04:26 | 26-11-2010 - 20:00 | |
| CVE-2010-3753 | 6.5 |
programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in the cisco_banner (aka server_banner) field, a different vulnerability than CVE-2010-
|
29-07-2019 - 13:26 | 05-10-2010 - 22:00 | |
| CVE-2010-4708 | 7.2 |
The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the .pam_environment file in a user's home directory, which might allow local users to run programs with an unintended environment by executing a program that relies on the pam_env PAM
|
03-01-2019 - 15:01 | 24-01-2011 - 19:00 | |
| CVE-2010-3711 | 4.0 |
libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted mes
|
19-09-2017 - 01:31 | 28-10-2010 - 00:00 |