CVSS: 7.2EPSS: 0%CPEs: 11EXPL: 4CVE-2010-1437 – Linux Kernel 2.6.34 - 'find_keyring_by_name()' Local Memory Corruption
https://notcve.org/view.php?id=CVE-2010-1437
07 May 2010 — Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function. Condición de carrera en la función find_keyring_by_name en security/keys/keyring.c el el kernel de Linux v2.6.34-rc5 y anteriores, permite u... • https://www.exploit-db.com/exploits/33886 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 6.5EPSS: 2%CPEs: 8EXPL: 1CVE-2010-0629 – krb5: kadmind use-after-free remote crash (MITKRB5-SA-2010-003)
https://notcve.org/view.php?id=CVE-2010-0629
07 Apr 2010 — Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number. Vulnerabilidad de uso después de la liberación kadmin/server/server_stubs.c en kadmind en MIT Kerberos 5 (también conocido como krb5) de la v1.5 a la v1.6.3, permite a usuarios autenticados remotamente provocar una denegación de servicio ... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=567052 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 92%CPEs: 10EXPL: 1CVE-2010-0840 – Oracle JRE Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2010-0840
01 Apr 2010 — Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attack... • https://www.exploit-db.com/exploits/16297 •
CVSS: 6.5EPSS: 8%CPEs: 21EXPL: 0CVE-2010-0205 – libpng: excessive memory consumption due to highly compressed huge ancillary chunk
https://notcve.org/view.php?id=CVE-2010-0205
03 Mar 2010 — The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "de... • http://libpng.sourceforge.net/ADVISORY-1.4.1.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 10.0EPSS: 91%CPEs: 10EXPL: 1CVE-2009-3953 – Adobe Acrobat and Reader Universal 3D Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2009-3953
13 Jan 2010 — The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different vulnerability than CVE-2009-2994. La implementación U3D en Adobe Reader y Acrobat v9.x anterior a v9.3, y v8.x anterior a v8.2 sobre Windows y Mac OS X, podría permitir a atacantes ejecutar código de su elección ... • https://www.exploit-db.com/exploits/16622 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 12%CPEs: 10EXPL: 1CVE-2010-0013 – Pidgin MSN 2.6.4 - File Download
https://notcve.org/view.php?id=CVE-2010-0013
09 Jan 2010 — Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon. Vulne... • https://www.exploit-db.com/exploits/11203 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2010-0012
https://notcve.org/view.php?id=CVE-2010-0012
08 Jan 2010 — Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a pathname within a .torrent file. Vulnerabilidad de salto de directorio en libtransmission/metainfo.c en Transmission v1.22, v1.34, v1.75, y v1.76 permite a atacantes remotos sobreescribir ficheros de su elección a través de .. (punto punto) en un nombre de ruta con un fichero .torrent • http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.3EPSS: 93%CPEs: 11EXPL: 4CVE-2009-4324 – Adobe Acrobat and Reader Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2009-4324
15 Dec 2009 — Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009. La vulnerabilidad de uso de la memoria previamente liberada (Use-after-free) en la función Doc.media.newPlayer en el archivo Multimedia.api en Adobe Reader y Acrobat versión 9.x anterior a 9.3, y ... • https://www.exploit-db.com/exploits/16503 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2009-3080 – kernel: gdth: Prevent negative offsets in ioctl
https://notcve.org/view.php?id=CVE-2009-3080
20 Nov 2009 — Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. Error de indice de matriz en la función gdth_read_event en drivers/scsi/gdth.c en el kernel de Linux antes de v2.6.32-RC8 permite a usuarios locales provocar una denegación de servicio o posiblemente obtener privilegios a través de un índice de evento negativo en una solicitud... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=690e744869f3262855b83b4fb59199cf142765b0 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-129: Improper Validation of Array Index •
CVSS: 7.1EPSS: 0%CPEs: 29EXPL: 1CVE-2009-3939 – kernel: megaraid_sas permissions in sysfs
https://notcve.org/view.php?id=CVE-2009-3939
16 Nov 2009 — The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file. El fichero poll_mode_io para el controlador megaraid_sas en el kernel de Linux v2.6.31.6 y anteriores tiene permisos de escritura para todos, permitiendo a usuarios locales cambiar el modo de E/S del dispositivo modificando este fichero. • http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html • CWE-732: Incorrect Permission Assignment for Critical Resource •