Max CVSS | 10.0 | Min CVSS | 1.2 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2011-0609 | 9.3 |
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9
|
28-06-2024 - 14:20 | 15-03-2011 - 17:55 | |
CVE-2011-1002 | 5.0 |
avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect f
|
22-12-2023 - 18:19 | 22-02-2011 - 19:00 | |
CVE-2010-3718 | 1.2 |
Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as
|
13-02-2023 - 04:25 | 10-02-2011 - 18:00 | |
CVE-2011-1018 | 10.0 |
logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.
|
13-02-2023 - 03:23 | 25-02-2011 - 19:00 | |
CVE-2011-0020 | 7.6 |
Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (
|
13-02-2023 - 03:22 | 24-01-2011 - 18:00 | |
CVE-2011-0541 | 3.3 |
fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount arbitrary directories via a symlink attack.
|
13-02-2023 - 03:22 | 02-09-2011 - 23:55 | |
CVE-2010-4541 | 9.3 |
Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary
|
13-02-2023 - 03:20 | 07-01-2011 - 20:00 | |
CVE-2010-4539 | 6.8 |
The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vecto
|
13-02-2023 - 03:20 | 07-01-2011 - 19:00 | |
CVE-2010-4542 | 6.8 |
Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitr
|
13-02-2023 - 03:20 | 07-01-2011 - 20:00 | |
CVE-2010-4540 | 6.8 |
Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or poss
|
13-02-2023 - 03:20 | 07-01-2011 - 20:00 | |
CVE-2010-4644 | 3.5 |
Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.
|
13-02-2023 - 03:20 | 07-01-2011 - 19:00 | |
CVE-2010-4543 | 7.5 |
Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin in GIMP 2.6.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a PSP_COMP_RL
|
13-02-2023 - 03:20 | 07-01-2011 - 20:00 | |
CVE-2011-0013 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the displ
|
13-02-2023 - 01:18 | 19-02-2011 - 01:00 | |
CVE-2011-1003 | 6.8 |
Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office d
|
13-02-2023 - 01:18 | 23-02-2011 - 19:00 | |
CVE-2011-0543 | 3.3 |
Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack.
|
13-02-2023 - 01:18 | 02-09-2011 - 23:55 | |
CVE-2011-0064 | 6.8 |
The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference an
|
14-07-2021 - 15:41 | 07-03-2011 - 21:00 | |
CVE-2010-3879 | 5.8 |
FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerabil
|
10-11-2020 - 19:00 | 22-01-2011 - 22:00 | |
CVE-2010-4494 | 7.5 |
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath
|
31-07-2020 - 18:38 | 07-12-2010 - 21:00 | |
CVE-2011-0284 | 7.6 |
Double free vulnerability in the prepare_error_as function in do_as_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 through 1.9, when the PKINIT feature is enabled, allows remote attackers to cause a denial of service (dae
|
21-01-2020 - 15:46 | 20-03-2011 - 02:00 | |
CVE-2011-0461 | 6.3 |
/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and before 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/mtab.
|
30-10-2018 - 16:27 | 04-04-2011 - 12:27 | |
CVE-2011-0468 | 6.9 |
The aaa_base package before 11.3-8.9.1 in SUSE openSUSE 11.3, and before 11.4-54.62.1 in openSUSE 11.4, allows local users to gain privileges via shell metacharacters in a filename, related to tab expansion.
|
30-10-2018 - 16:27 | 04-04-2011 - 12:27 | |
CVE-2011-0414 | 7.1 |
ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update.
|
30-10-2018 - 16:26 | 23-02-2011 - 19:00 | |
CVE-2011-0534 | 5.0 |
Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request
|
09-10-2018 - 19:29 | 10-02-2011 - 18:00 | |
CVE-2010-1675 | 5.0 |
bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (session reset) via a malformed AS_PATHLIMIT path attribute.
|
06-01-2018 - 02:29 | 29-03-2011 - 18:55 | |
CVE-2010-1674 | 5.0 |
The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute. Per: http://cwe.mitre.org/data/defini
|
06-01-2018 - 02:29 | 29-03-2011 - 18:55 | |
CVE-2011-0715 | 4.3 |
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token. Per: http
|
19-09-2017 - 01:32 | 11-03-2011 - 22:55 | |
CVE-2011-0014 | 5.0 |
ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake mes
|
19-09-2017 - 01:31 | 19-02-2011 - 01:00 | |
CVE-2010-4015 | 6.5 |
Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a deni
|
17-08-2017 - 01:33 | 02-02-2011 - 01:00 | |
CVE-2010-4267 | 7.5 |
Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote attackers to cause a denial of service (crash) and possi
|
17-08-2017 - 01:33 | 20-01-2011 - 19:00 | |
CVE-2011-0530 | 7.5 |
Buffer overflow in the mainloop function in nbd-server.c in the server in Network Block Device (nbd) before 2.9.20 might allow remote attackers to execute arbitrary code via a long request. NOTE: this issue exists because of a CVE-2005-3534 regressi
|
17-08-2017 - 01:33 | 22-02-2011 - 19:00 | |
CVE-2010-2642 | 7.6 |
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execut
|
01-07-2017 - 01:29 | 07-01-2011 - 19:00 | |
CVE-2010-4410 | 4.3 |
CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related
|
08-12-2016 - 03:01 | 06-12-2010 - 20:13 | |
CVE-2010-2761 | 4.3 |
The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP h
|
08-12-2016 - 03:01 | 06-12-2010 - 20:12 | |
CVE-2011-0191 | 9.3 |
Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a craft
|
21-02-2014 - 04:39 | 03-03-2011 - 20:00 | |
CVE-2011-0192 | 9.3 |
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application cras
|
21-02-2014 - 04:39 | 03-03-2011 - 20:00 | |
CVE-2010-4411 | 4.3 |
Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761.
|
12-02-2014 - 04:24 | 06-12-2010 - 20:13 | |
CVE-2010-4226 | 5.0 |
cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitrary files via a symlink within an RPM package archive.
|
07-02-2014 - 20:57 | 06-02-2014 - 17:00 |