Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-11-15 | CVE-2010-1378 | Improper Certificate Validation vulnerability in Apple mac OS X and mac OS X Server OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitrary certificate issued by a legitimate Certification Authority. | 9.8 |
| 2010-11-06 | CVE-2010-4205 | Unspecified vulnerability in Google Chrome Google Chrome before 7.0.517.44 does not properly handle the data types of event objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 9.8 |
| 2010-11-06 | CVE-2010-4204 | WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, accesses a frame object after this object has been destroyed, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 9.8 |
| 2010-11-06 | CVE-2010-4203 | Integer Overflow or Wraparound vulnerability in multiple products WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames. | 9.8 |
| 2010-11-06 | CVE-2010-4202 | Integer Overflow or Wraparound vulnerability in Google Chrome Multiple integer overflows in Google Chrome before 7.0.517.44 on Linux allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted font. | 9.8 |
| 2010-11-06 | CVE-2010-4201 | Use After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text control selections. | 9.8 |
| 2010-11-06 | CVE-2010-4197 | Use After Free vulnerability in multiple products Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing. | 9.8 |
| 2010-11-05 | CVE-2010-2941 | Use After Free vulnerability in multiple products ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. | 9.8 |
| 2010-10-21 | CVE-2010-4042 | Improper Input Validation vulnerability in multiple products Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "stale elements." | 9.8 |
| 2010-10-21 | CVE-2010-4041 | Unspecified vulnerability in Google Chrome The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain worker processes, which might allow remote attackers to bypass intended access restrictions via unspecified vectors. | 9.8 |