CVE-2010-3709
- EPSS 13.33%
- Veröffentlicht 09.11.2010 01:00:02
- Zuletzt bearbeitet 16.06.2026 23:23:23
The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive.
CVE-2010-3702
- EPSS 2.76%
- Veröffentlicht 05.11.2010 18:00:05
- Zuletzt bearbeitet 16.06.2026 23:23:22
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unkn...
CVE-2010-2941
- EPSS 6.47%
- Veröffentlicht 05.11.2010 17:00:01
- Zuletzt bearbeitet 16.06.2026 23:21:47
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbi...
CVE-2010-3437
- EPSS 2.42%
- Veröffentlicht 04.10.2010 21:00:04
- Zuletzt bearbeitet 16.06.2026 23:22:46
Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dere...
CVE-2010-3442
- EPSS 0.4%
- Veröffentlicht 04.10.2010 21:00:04
- Zuletzt bearbeitet 16.06.2026 23:22:46
Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a...
CVE-2010-3079
- EPSS 0.39%
- Veröffentlicht 30.09.2010 15:00:02
- Zuletzt bearbeitet 16.06.2026 23:22:05
kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cause a denial of service (NULL pointer dereference a...
CVE-2010-3296
- EPSS 0.43%
- Veröffentlicht 30.09.2010 15:00:02
- Zuletzt bearbeitet 16.06.2026 23:22:31
The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack ...
CVE-2010-3297
- EPSS 0.41%
- Veröffentlicht 30.09.2010 15:00:02
- Zuletzt bearbeitet 16.06.2026 23:22:32
The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL...
CVE-2010-3298
- EPSS 0.41%
- Veröffentlicht 30.09.2010 15:00:02
- Zuletzt bearbeitet 16.06.2026 23:22:32
The hso_get_count function in drivers/net/usb/hso.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIO...
CVE-2010-2537
- EPSS 0.39%
- Veröffentlicht 30.09.2010 15:00:01
- Zuletzt bearbeitet 16.06.2026 23:20:56
The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor.