CVE-2010-1773
- EPSS 2.15%
- Veröffentlicht 24.09.2010 19:00:04
- Zuletzt bearbeitet 16.06.2026 23:19:17
Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory...
CVE-2010-2598
- EPSS 1.99%
- Veröffentlicht 02.07.2010 12:43:53
- Zuletzt bearbeitet 16.06.2026 23:21:03
LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as used in tiff2rgba, attempts to process image data even when the required compression functionality is not configured, which allows remote attackers to cause a denial of service via ...
CVE-2010-0730
- EPSS 2.44%
- Veröffentlicht 12.05.2010 11:46:31
- Zuletzt bearbeitet 16.06.2026 23:16:44
The MMIO instruction decoder in the Xen hypervisor in the Linux kernel 2.6.18 in Red Hat Enterprise Linux (RHEL) 5 allows guest OS users to cause a denial of service (32-bit guest OS crash) via vectors that trigger an unspecified instruction emulatio...
CVE-2010-0727
- EPSS 0.58%
- Veröffentlicht 16.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:43
The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute ...
CVE-2010-0729
- EPSS 0.34%
- Veröffentlicht 16.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:44
A certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 4 on the ia64 platform allows local users to use ptrace on an arbitrary process, and consequently gain privileges, via vectors related to a missing ptrace_check_attach ca...
CVE-2010-0302
- EPSS 2.58%
- Veröffentlicht 05.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:15:53
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denia...
CVE-2009-3556
- EPSS 0.38%
- Veröffentlicht 27.01.2010 17:30:00
- Zuletzt bearbeitet 16.06.2026 23:11:51
A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID Virtualization (NPIV) hardware is used, sets world-writable permissions for the (1) vport_create and (2) vport...
CVE-2010-0013
- EPSS 12.5%
- Veröffentlicht 09.01.2010 18:30:01
- Zuletzt bearbeitet 16.06.2026 23:15:14
Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) requ...
CVE-2009-3553
- EPSS 3.91%
- Veröffentlicht 20.11.2009 02:30:00
- Zuletzt bearbeitet 16.06.2026 23:11:49
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash ...
CVE-2009-2416
- EPSS 1.79%
- Veröffentlicht 11.08.2009 18:30:00
- Zuletzt bearbeitet 16.06.2026 23:09:24
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute...