Debian : Security Vulnerabilities, CVEs, Published In 2010 (Code Execution) CVSS score >= 2
Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of service (system crash) via crafted CAN traffic.
Max CVSS
7.2
EPSS Score
0.27%
Published
2010-09-08
Updated
2020-08-27
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
Max CVSS
9.8
EPSS Score
69.07%
Published
2010-11-05
Updated
2024-02-02
Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc operation when importing the certificate or verifying its signature.
Max CVSS
8.1
EPSS Score
12.74%
Published
2010-08-05
Updated
2024-02-02
Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
Max CVSS
6.8
EPSS Score
1.52%
Published
2010-08-19
Updated
2021-04-06
Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
Max CVSS
5.1
EPSS Score
0.48%
Published
2010-08-19
Updated
2021-03-23
Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file.
Max CVSS
6.8
EPSS Score
0.43%
Published
2010-08-19
Updated
2023-02-13
Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
Max CVSS
6.8
EPSS Score
1.56%
Published
2010-08-19
Updated
2023-02-13
Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragment.
Max CVSS
6.8
EPSS Score
0.43%
Published
2010-08-19
Updated
2021-04-06
The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation.
Max CVSS
6.8
EPSS Score
0.44%
Published
2010-08-19
Updated
2021-04-06
Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
Max CVSS
6.8
EPSS Score
0.47%
Published
2010-08-19
Updated
2021-03-23
CVE-2010-2063
Public exploit
Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.
Max CVSS
7.5
EPSS Score
97.18%
Published
2010-06-17
Updated
2023-02-13
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
Max CVSS
9.8
EPSS Score
62.90%
Published
2010-06-30
Updated
2020-08-14
The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors.
Max CVSS
10.0
EPSS Score
4.43%
Published
2010-02-22
Updated
2018-11-16
filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw."
Max CVSS
9.3
EPSS Score
37.20%
Published
2010-02-16
Updated
2022-02-07
Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document.
Max CVSS
9.3
EPSS Score
47.10%
Published
2010-02-16
Updated
2022-02-07
Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression.
Max CVSS
9.3
EPSS Score
5.35%
Published
2010-02-16
Updated
2022-02-07
Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.
Max CVSS
9.3
EPSS Score
13.36%
Published
2010-02-16
Updated
2022-02-07
17 vulnerabilities found