CVE-2010-1205
- EPSS 43.38%
- Veröffentlicht 30.06.2010 18:30:01
- Zuletzt bearbeitet 16.06.2026 23:17:50
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
CVE-2010-2249
- EPSS 2.63%
- Veröffentlicht 30.06.2010 18:30:01
- Zuletzt bearbeitet 16.06.2026 23:20:23
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.
CVE-2010-2067
- EPSS 4.78%
- Veröffentlicht 24.06.2010 12:30:01
- Zuletzt bearbeitet 16.06.2026 23:19:55
Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance ...
CVE-2010-2063
- EPSS 78.7%
- Veröffentlicht 17.06.2010 16:30:01
- Zuletzt bearbeitet 16.06.2026 23:19:54
Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arb...
CVE-2010-1770
- EPSS 4.76%
- Veröffentlicht 11.06.2010 19:30:20
- Zuletzt bearbeitet 16.06.2026 23:19:17
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, wh...
CVE-2010-0395
- EPSS 10.51%
- Veröffentlicht 10.06.2010 00:30:07
- Zuletzt bearbeitet 16.06.2026 23:16:04
OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro direct...
- EPSS 4.38%
- Veröffentlicht 27.05.2010 19:30:01
- Zuletzt bearbeitet 16.06.2026 23:18:45
Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with ...
CVE-2010-1321
- EPSS 6.88%
- Veröffentlicht 19.05.2010 18:30:03
- Zuletzt bearbeitet 16.06.2026 23:18:07
The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allo...
- EPSS 5.59%
- Veröffentlicht 14.05.2010 19:30:01
- Zuletzt bearbeitet 16.06.2026 23:18:44
The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a custom emoticon in a malformed...
CVE-2010-0629
- EPSS 5.47%
- Veröffentlicht 07.04.2010 15:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:32
Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an inva...