CVE-2010-2547
- EPSS 5.34%
- Veröffentlicht 05.08.2010 18:17:57
- Zuletzt bearbeitet 16.06.2026 23:20:57
Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, ...
CVE-2010-2008
- EPSS 9.01%
- Veröffentlicht 13.07.2010 20:30:01
- Zuletzt bearbeitet 16.06.2026 23:19:48
MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot...
CVE-2010-1205
- EPSS 43.38%
- Veröffentlicht 30.06.2010 18:30:01
- Zuletzt bearbeitet 16.06.2026 23:17:50
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
CVE-2010-2249
- EPSS 2.63%
- Veröffentlicht 30.06.2010 18:30:01
- Zuletzt bearbeitet 16.06.2026 23:20:23
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.
CVE-2010-1637
- EPSS 2.68%
- Veröffentlicht 22.06.2010 17:30:01
- Zuletzt bearbeitet 16.06.2026 23:18:45
The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number.
CVE-2010-0395
- EPSS 10.51%
- Veröffentlicht 10.06.2010 00:30:07
- Zuletzt bearbeitet 16.06.2026 23:16:04
OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro direct...
- EPSS 4.38%
- Veröffentlicht 27.05.2010 19:30:01
- Zuletzt bearbeitet 16.06.2026 23:18:45
Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with ...
CVE-2010-1321
- EPSS 6.88%
- Veröffentlicht 19.05.2010 18:30:03
- Zuletzt bearbeitet 16.06.2026 23:18:07
The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allo...
CVE-2010-0629
- EPSS 5.47%
- Veröffentlicht 07.04.2010 15:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:32
Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an inva...
- EPSS 3.94%
- Veröffentlicht 06.04.2010 16:30:00
- Zuletzt bearbeitet 16.06.2026 23:16:46
The ip_evictor function in ip_fragment.c in libnids before 1.24, as used in dsniff and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via crafted fragmented packets.