Enterprise Linux Workstation Security Vulnerabilities and Issues — Enterprise Linux Workstation CVE List

Lucene search

RedhatEnterprise Linux Workstation

9 matches found

CVE•added 2010/11/05 5:0 p.m.•355 views

CVE-2010-2941

ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.

9.8CVSS9.6AI score0.27685EPSS

CVE•added 2010/12/07 9:0 p.m.•129 views

CVE-2010-4494

Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

7.5CVSS7.8AI score0.0197EPSS

CVE•added 2010/12/23 6:0 p.m.•125 views

CVE-2010-3881

arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device.

2.1CVSS5.8AI score0.00073EPSS

CVE•added 2010/11/05 6:0 p.m.•117 views

CVE-2010-3702

The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer...

7.5CVSS7.3AI score0.06284EPSS

CVE•added 2010/03/05 7:30 p.m.•83 views

CVE-2010-0302

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client ...

7.5CVSS7.4AI score0.09847EPSS

CVE•added 2010/11/17 1:0 a.m.•81 views

CVE-2010-4008

libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a...

4.3CVSS5.6AI score0.00728EPSS

CVE•added 2010/06/22 5:30 p.m.•71 views

CVE-2010-1637

The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number.

6.5CVSS5.9AI score0.00128EPSS

CVE•added 2010/11/06 12:0 a.m.•70 views

CVE-2010-4203

WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames.

10CVSS9.5AI score0.08115EPSS

CVE•added 2010/01/27 5:30 p.m.•59 views

CVE-2009-4272

A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (deadlock) via crafted packets that force collisions in the IPv4 routing hash table, and trigger a routing "emergency" in which a hash ch...

7.8CVSS6.9AI score0.0181EPSS