Filtered by vendor Debian Subscriptions
Filtered by product Debian Linux Subscriptions
Total 10052 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2010-2803 5 Debian, Linux, Opensuse and 2 more 8 Debian Linux, Linux Kernel, Opensuse and 5 more 2025-04-11 N/A
The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potentially sensitive information from kernel memory by requesting a large memory-allocation amount.
CVE-2010-2901 2 Debian, Google 2 Debian Linux, Chrome 2025-04-11 N/A
The rendering implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
CVE-2010-2941 7 Apple, Canonical, Debian and 4 more 13 Cups, Mac Os X, Mac Os X Server and 10 more 2025-04-11 9.8 Critical
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
CVE-2010-2963 6 Canonical, Debian, Fedoraproject and 3 more 7 Ubuntu Linux, Debian Linux, Fedora and 4 more 2025-04-11 N/A
drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device.
CVE-2010-3067 6 Canonical, Debian, Linux and 3 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2025-04-11 N/A
Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call.
CVE-2010-3297 6 Canonical, Debian, Linux and 3 more 8 Ubuntu Linux, Debian Linux, Linux Kernel and 5 more 2025-04-11 N/A
The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL_GETMASTRCFG ioctl call.
CVE-2010-3432 6 Canonical, Debian, Linux and 3 more 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more 2025-04-11 N/A
The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP traffic.
CVE-2010-3437 6 Canonical, Debian, Linux and 3 more 9 Ubuntu Linux, Debian Linux, Linux Kernel and 6 more 2025-04-11 N/A
Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call.
CVE-2010-3450 4 Apache, Canonical, Debian and 1 more 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more 2025-04-11 N/A
Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP files.
CVE-2010-3477 4 Canonical, Debian, Linux and 1 more 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more 2025-04-11 N/A
The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942.
CVE-2011-0762 7 Canonical, Debian, Fedoraproject and 4 more 7 Ubuntu Linux, Debian Linux, Fedora and 4 more 2025-04-11 N/A
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
CVE-2011-0779 2 Debian, Google 2 Debian Linux, Chrome 2025-04-11 N/A
Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows remote attackers to cause a denial of service (application crash) via a crafted extension.
CVE-2011-0783 2 Debian, Google 2 Debian Linux, Chrome 2025-04-11 N/A
Unspecified vulnerability in Google Chrome before 9.0.597.84 allows user-assisted remote attackers to cause a denial of service (application crash) via vectors involving a "bad volume setting."
CVE-2010-3689 4 Apache, Canonical, Debian and 1 more 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more 2025-04-11 N/A
soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3702 9 Apple, Canonical, Debian and 6 more 12 Cups, Ubuntu Linux, Debian Linux and 9 more 2025-04-11 N/A
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.
CVE-2010-3705 5 Canonical, Debian, Fedoraproject and 2 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2025-04-11 N/A
The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a crafted value in the last element of this array.
CVE-2010-3849 4 Canonical, Debian, Linux and 1 more 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more 2025-04-11 N/A
The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a NULL value for the remote address field.
CVE-2010-3850 4 Canonical, Debian, Linux and 1 more 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more 2025-04-11 N/A
The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call.
CVE-2010-3877 3 Debian, Linux, Redhat 3 Debian Linux, Linux Kernel, Enterprise Linux 2025-04-11 N/A
The get_name function in net/tipc/socket.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structure.
CVE-2013-6712 6 Apple, Canonical, Debian and 3 more 7 Mac Os X, Ubuntu Linux, Debian Linux and 4 more 2025-04-11 N/A
The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.