Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-0248 |
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF. Published: June 05, 2012; 6:55:07 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2012-0247 |
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image. Published: June 05, 2012; 6:55:06 PM -0400 |
V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2012-1703 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690. Published: May 03, 2012; 6:55:02 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-1690 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703. Published: May 03, 2012; 6:55:02 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2012-1688 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML. Published: May 03, 2012; 6:55:02 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2011-3045 |
Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. Published: March 22, 2012; 12:55:01 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-0053 |
protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script. Published: January 27, 2012; 11:05:00 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2012-0031 |
scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function. Published: January 18, 2012; 3:55:02 PM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2011-3919 |
Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Published: January 07, 2012; 6:55:13 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2011-3905 |
libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Published: December 13, 2011; 4:55:01 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2011-2834 |
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. Published: September 19, 2011; 8:02:55 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2011-3389 |
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack. Published: September 06, 2011; 3:55:03 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2011-2821 |
Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression. Published: August 29, 2011; 11:55:01 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2011-1163 |
The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing. Published: April 09, 2011; 10:51:19 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2011-1083 |
The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls. Published: April 04, 2011; 8:27:57 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2010-4494 |
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. Published: December 07, 2010; 4:00:09 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2010-4008 |
libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. Published: November 16, 2010; 8:00:02 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2010-4203 |
WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames. Published: November 05, 2010; 8:00:03 PM -0400 |
V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |