CVE-2010-0053

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to the run-in Cascading Style Sheets CSS display property...

CVE-2010-0052

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to "callbacks for HTML elements."...

CVE-2010-0053

Removed by vendor...

CVE-2010-0049

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via HTML elements with right-to-left RTL text directionality...

CVE-2010-0052

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to "callbacks for HTML elements."...

CVE-2010-0047

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to "HTML object element fallback content."...

CVE-2010-0048

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted XML document...

CVE-2010-0043

ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted TIFF image...

CVE-2010-0108

Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy CLIproxy.dll in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument...

CVE-2010-0655

CVE-2010-0655 describes a use-after-free vulnerability in Google Chrome prior to 4.0.249.78. The flaw allows user-assisted remote attackers to cause a crash (DoS) and, in some cases, may enable arbitrary code execution via vectors related to the display of a blocked popup window during navigation...

Mandriva Linux Security Advisory : netpbm (MDVSA-2010:039)

A vulnerability have been discovered and corrected in netpbm : Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via an XPM image file that contains...

CVE-2009-3302

filter/ww8/ww8par2.cxx in OpenOffice.org OOo before 3.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw."...

CVE-2009-4640

Array index error in vorbisdec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read...

Stack overflow

FFmpeg 0.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow...

CVE-2009-4637

FFmpeg 0.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow...

CVE-2009-4633

vorbisdec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow...

CVE-2010-0562

The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode on platforms for which char is signed, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via an SSL X.509 certificate containing non-printabl...

VideoDB 3.0.3 - 'login.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/38155/info VideoDB is prone to an cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

CVE-2009-2624

The huftbuild function in inflate.c in gzip before 1.3.13 creates a hufts aka huffman table that is too small, which allows remote attackers to cause a denial of service application crash or infinite loop or possibly execute arbitrary code via a crafted archive. NOTE: this issue is caused by a...

CVE-2010-0001

Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading t...