Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-05-03 | CVE-2011-1440 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences. | 6.8 |
| 2011-03-29 | CVE-2011-1176 | The configuration merger in itk.c in the Steinar H. | 4.3 |
| 2011-03-02 | CVE-2011-0762 | Resource Exhaustion vulnerability in multiple products The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632. | 4.0 |
| 2011-02-10 | CVE-2011-0984 | Out-Of-Bounds Read vulnerability in Google Chrome Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 5.0 |
| 2011-02-04 | CVE-2011-0783 | Unspecified vulnerability in Google Chrome Unspecified vulnerability in Google Chrome before 9.0.597.84 allows user-assisted remote attackers to cause a denial of service (application crash) via vectors involving a "bad volume setting." | 4.3 |
| 2011-02-04 | CVE-2011-0779 | Improper Input Validation vulnerability in Google Chrome Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows remote attackers to cause a denial of service (application crash) via a crafted extension. | 5.0 |
| 2011-01-28 | CVE-2010-3689 | Path Traversal vulnerability in multiple products soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | 6.9 |
| 2011-01-20 | CVE-2011-0495 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Digium Asterisk Stack-based buffer overflow in the ast_uri_encode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary code via crafted caller ID data in vectors involving the (1) SIP channel driver, (2) URIENCODE dialplan function, or (3) AGI dialplan function. | 6.0 |
| 2011-01-14 | CVE-2011-0482 | Incorrect Type Conversion OR Cast vulnerability in Google Chrome and Chrome OS Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document. | 4.3 |
| 2010-12-07 | CVE-2010-4493 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service via vectors related to the handling of mouse dragging events. | 4.3 |