High

DATE	CVE	VULNERABILITY TITLE	RISK
2011-04-08	CVE-2011-0997	Improper Input Validation vulnerability in multiple products dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script. network low complexity isc debian canonical CWE-20	7.5
2011-03-25	CVE-2011-1293	USE After Free vulnerability in Google Chrome Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. network low complexity google debian apple CWE-416	7.5
2011-03-25	CVE-2011-1292	USE After Free vulnerability in Google Chrome Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. network low complexity google debian CWE-416	7.5
2011-02-10	CVE-2011-0985	Resource Exhaustion vulnerability in Google Chrome Google Chrome before 9.0.597.94 does not properly perform process termination upon memory exhaustion, which has unspecified impact and remote attack vectors. network low complexity google debian CWE-400	7.5
2011-02-10	CVE-2011-0983	Improper Input Validation vulnerability in Google Chrome Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." network low complexity google apple debian CWE-20	7.5
2011-02-10	CVE-2011-0981	Improper Input Validation vulnerability in Google Chrome Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." network low complexity google apple debian CWE-20	7.5
2010-12-22	CVE-2010-4578	Multiple Security vulnerability in Google Chrome and Chrome OS Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do not properly perform cursor handling, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." network low complexity google debian	7.5
2010-12-22	CVE-2010-4577	Type Confusion vulnerability in multiple products The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion." network low complexity webkitgtk google fedoraproject debian CWE-843	7.5
2010-12-14	CVE-2010-4345	Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive. local low complexity exim opensuse debian canonical	7.8
2010-12-07	CVE-2010-4494	Double Free vulnerability in Google Chrome Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. network low complexity google xmlsoft apple opensuse suse fedoraproject redhat debian hp apache CWE-415	7.5