VYPR

linux

by Debian

Source repositories

CVEs (3,007)

  • CVE-2011-3905Dec 13, 2011
    risk 0.00cvss epss 0.02

    libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

  • CVE-2011-3895Nov 11, 2011
    risk 0.00cvss epss 0.02

    Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.

  • CVE-2011-3892Nov 11, 2011
    risk 0.00cvss epss 0.02

    Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.

  • CVE-2011-2834Sep 19, 2011
    risk 0.00cvss epss 0.02

    Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

  • CVE-2011-2821Aug 29, 2011
    risk 0.00cvss epss 0.02

    Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.

  • CVE-2011-2818Aug 3, 2011
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering.

  • CVE-2011-2800Aug 3, 2011
    risk 0.00cvss epss 0.01

    Google Chrome before 13.0.782.107 allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site.

  • CVE-2011-2359Aug 3, 2011
    risk 0.00cvss epss 0.02

    Google Chrome before 13.0.782.107 does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

  • CVE-2011-2688Jul 28, 2011
    risk 0.00cvss epss 0.06

    SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.

  • CVE-2011-1526Jul 11, 2011
    risk 0.00cvss epss 0.04

    ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read…

  • CVE-2011-2192Jul 7, 2011
    risk 0.00cvss epss 0.03

    The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests.

  • CVE-2011-1799May 16, 2011
    risk 0.00cvss epss 0.01

    Google Chrome before 11.0.696.68 does not properly perform casts of variables during interaction with the WebKit engine, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

  • CVE-2011-1444May 3, 2011
    risk 0.00cvss epss 0.01

    Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

  • CVE-2011-1440May 3, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences.

  • CVE-2011-1499Apr 29, 2011
    risk 0.00cvss epss 0.02

    acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote attackers to hide the origin of web traffic by leveraging the open HTTP proxy server.

  • CVE-2011-1176Mar 29, 2011
    risk 0.00cvss epss 0.03

    The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote…

  • CVE-2011-1400Mar 25, 2011
    risk 0.00cvss epss 0.04

    The default configuration of the shell_escape_commands directive in conf/texmf.d/95NonPath.cnf in the tex-common package before 2.08.1 in Debian GNU/Linux squeeze, Ubuntu 10.10 and 10.04 LTS, and possibly other operating systems lists certain programs, which might allow remote…

  • CVE-2011-1293Mar 25, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

  • CVE-2011-1292Mar 25, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

  • CVE-2011-0985Feb 10, 2011
    risk 0.00cvss epss 0.01

    Google Chrome before 9.0.597.94 does not properly perform process termination upon memory exhaustion, which has unspecified impact and remote attack vectors.

Page 134 of 151