VYPR

Ubuntu Linux

by Canonical

CVEs (1,886)

  • CVE-2010-3310Sep 29, 2010
    risk 0.00cvss epss 0.00

    Multiple integer signedness errors in net/rose/af_rose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a rose_getname function call, related to the…

  • CVE-2010-3084Sep 29, 2010
    risk 0.00cvss epss 0.00

    Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command.

  • CVE-2010-2946Sep 29, 2010
    risk 0.00cvss epss 0.00

    fs/jfs/xattr.c in the Linux kernel before 2.6.35.2 does not properly handle a certain legacy format for storage of extended attributes, which might allow local users by bypass intended xattr namespace restrictions via an "os2." substring at the beginning of a name.

  • CVE-2010-2478Sep 29, 2010
    risk 0.00cvss epss 0.00

    Integer overflow in the ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.33.7 on 32-bit platforms allows local users to cause a denial of service or possibly have unspecified other impact via an ETHTOOL_GRXCLSRLALL ethtool command with a large…

  • CVE-2010-3477Sep 21, 2010
    risk 0.00cvss epss 0.00

    The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive…

  • CVE-2010-3080Sep 21, 2010
    risk 0.00cvss epss 0.00

    Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful attempt to open the…

  • CVE-2010-3067Sep 21, 2010
    risk 0.00cvss epss 0.00

    Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call.

  • CVE-2010-1815Sep 9, 2010
    risk 0.00cvss epss 0.04

    Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars.

  • CVE-2010-1814Sep 9, 2010
    risk 0.00cvss epss 0.04

    WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus.

  • CVE-2010-1812Sep 9, 2010
    risk 0.00cvss epss 0.04

    Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections.

  • CVE-2010-1781Sep 9, 2010
    risk 0.00cvss epss 0.04

    Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the rendering of an inline element.

  • CVE-2010-2955Sep 8, 2010
    risk 0.00cvss epss 0.00

    The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in…

  • CVE-2010-2495Sep 8, 2010
    risk 0.00cvss epss 0.03

    The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly validate certain values associated with an interface, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or…

  • CVE-2010-3259Sep 7, 2010
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and…

  • CVE-2010-3257Sep 7, 2010
    risk 0.00cvss epss 0.03

    Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors…

  • CVE-2010-3248Sep 7, 2010
    risk 0.00cvss epss 0.01

    Google Chrome before 6.0.472.53 does not properly restrict copying to the clipboard, which has unspecified impact and attack vectors.

  • CVE-2010-2954Sep 3, 2010
    risk 0.00cvss epss 0.00

    The irda_bind function in net/irda/af_irda.c in the Linux kernel before 2.6.36-rc3-next-20100901 does not properly handle failure of the irda_open_tsap function, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have…

  • CVE-2010-2226Sep 3, 2010
    risk 0.00cvss epss 0.00

    The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file.

  • CVE-2010-3116Aug 24, 2010
    risk 0.00cvss epss 0.04

    Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via…

  • CVE-2010-3115Aug 24, 2010
    risk 0.00cvss epss 0.02

    Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not properly implement the history feature, which might allow remote attackers to spoof the address bar via unspecified vectors.

Page 87 of 95