CVE-2010-0395
- EPSS 10.51%
- Veröffentlicht 10.06.2010 00:30:07
- Zuletzt bearbeitet 16.06.2026 23:16:04
OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro direct...
CVE-2010-1321
- EPSS 6.88%
- Veröffentlicht 19.05.2010 18:30:03
- Zuletzt bearbeitet 16.06.2026 23:18:07
The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allo...
- EPSS 0.66%
- Veröffentlicht 07.05.2010 18:30:01
- Zuletzt bearbeitet 16.06.2026 23:18:23
Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact v...
CVE-2010-1451
- EPSS 0.52%
- Veröffentlicht 07.05.2010 18:30:01
- Zuletzt bearbeitet 16.06.2026 23:18:25
The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Linux kernel before 2.6.33 on the SPARC platform does not properly obtain the value of a certain _PAGE_EXEC_4U bit and consequently does not properly implement a non-executable stack...
CVE-2010-1086
- EPSS 3.6%
- Veröffentlicht 06.04.2010 22:30:00
- Zuletzt bearbeitet 16.06.2026 23:17:29
The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvb_net.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service (infinite loop) via a crafted MPEG2-TS frame, related to an invalid Payload Point...
CVE-2010-1087
- EPSS 3.57%
- Veröffentlicht 06.04.2010 22:30:00
- Zuletzt bearbeitet 16.06.2026 23:17:29
The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible.
CVE-2010-1187
- EPSS 0.42%
- Veröffentlicht 31.03.2010 18:00:00
- Zuletzt bearbeitet 16.06.2026 23:17:47
The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before enterin...
CVE-2010-0727
- EPSS 0.58%
- Veröffentlicht 16.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:43
The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute ...
CVE-2010-0434
- EPSS 18.44%
- Veröffentlicht 05.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:10
The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, wh...
CVE-2010-0205
- EPSS 4.21%
- Veröffentlicht 03.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:15:42
The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which...