Total
15186 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0001 | 4 Freebsd, Linux, Microsoft and 1 more | 5 Freebsd, Linux Kernel, Windows 2000 and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
|
|||||
| CVE-1999-0804 | 4 Debian, Linux, Redhat and 1 more | 4 Debian Linux, Linux Kernel, Linux and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.
|
|||||
| CVE-2005-4352 | 2 Linux, Netbsd | 2 Linux Kernel, Netbsd | 2025-04-03 | 2.1 LOW | N/A |
|
The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka "settimeofday() time wrap."
|
|||||
| CVE-2006-1523 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 10.0 HIGH | N/A |
|
The __group_complete_signal function in the RCU signal handling (signal.c) in Linux kernel 2.6.16, and possibly other versions, has unknown impact and attack vectors related to improper use of BUG_ON.
|
|||||
| CVE-2001-1394 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel before 2.2.19 allows local users to cause a denial of service.
|
|||||
| CVE-2004-0812 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop | 2025-04-03 | 2.1 LOW | N/A |
|
Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AMD64 and Intel EM64T architectures, associated with "setting up TSS limits," allows local users to cause a denial of service (crash) and possibly execute arbitrary code.
|
|||||
| CVE-2005-0756 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allows local users to cause a denial of service (kernel crash).
|
|||||
| CVE-2004-2013 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.2 HIGH | 7.8 HIGH |
|
Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory.
|
|||||
| CVE-2006-2071 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bugs.
|
|||||
| CVE-2004-0427 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call.
|
|||||
| CVE-2005-4618 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 3.6 LOW | N/A |
|
Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland program that provides the argument, this might not be a vulnerability, unless a legitimate user-assisted or setuid scenario can be identified.
|
|||||
| CVE-2005-3276 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information.
|
|||||
| CVE-2004-0554 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2025-04-03 | 2.1 LOW | N/A |
|
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
|
|||||
| CVE-2006-2445 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.0 MEDIUM | N/A |
|
Race condition in run_posix_cpu_timers in Linux kernel before 2.6.16.21 allows local users to cause a denial of service (BUG_ON crash) by causing one CPU to attach a timer to a process that is exiting.
|
|||||
| CVE-2002-1319 | 2 Linux, Trustix | 2 Linux Kernel, Secure Linux | 2025-04-03 | 2.1 LOW | N/A |
|
The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs.
|
|||||
| CVE-1999-1166 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.2 HIGH | N/A |
|
Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory.
|
|||||
| CVE-2003-1428 | 2 Bharat Mediratta, Linux | 2 Gallery, Linux Kernel | 2025-04-03 | 4.8 MEDIUM | N/A |
|
Gallery 1.3.3 creates directories with insecure permissions, which allows local users to read, modify, or delete photos.
|
|||||
| CVE-2000-0289 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
|
IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.
|
|||||
| CVE-2006-1858 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.8 HIGH | N/A |
|
SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters.
|
|||||
| CVE-2005-0449 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.1 HIGH | N/A |
|
The netfilter/iptables module in Linux before 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) or bypass firewall rules via crafted packets, which are not properly handled by the skb_checksum_help function.
|
|||||
| CVE-2006-2444 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.8 HIGH | N/A |
|
The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory (double-free) by snmp_trap_decode as well as its calling function, as demonstrated via certain test cases of the PROTOS SNMP test suite.
|
|||||
| CVE-2004-1237 | 3 Linux, Redhat, Suse | 4 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2025-04-03 | 2.1 LOW | N/A |
|
Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors.
|
|||||
| CVE-2005-2459 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458.
|
|||||
| CVE-2005-2708 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
The search_binary_handler function in exec.c in Linux 2.4 kernel on 64-bit x86 architectures does not check a return code for a particular function call when virtual memory is low, which allows local users to cause a denial of service (panic), as demonstrated by running a process using the bash ulimit -v command.
|
|||||
| CVE-2005-0530 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.
|
|||||
| CVE-2006-0038 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 6.9 MEDIUM | N/A |
|
Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function.
|
|||||
| CVE-2004-0181 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device.
|
|||||
| CVE-1999-0400 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Denial of service in Linux 2.2.0 running the ldd command on a core file.
|
|||||
| CVE-2005-0750 | 5 Conectiva, Linux, Redhat and 2 more | 8 Linux, Linux Kernel, Enterprise Linux and 5 more | 2025-04-03 | 7.2 HIGH | N/A |
|
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.
|
|||||
| CVE-2006-0741 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 1.2 LOW | N/A |
|
Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address."
|
|||||
| CVE-2005-0209 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.8 HIGH | N/A |
|
Netfilter in Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via crafted IP packet fragments.
|
|||||
| CVE-2005-0003 | 4 Avaya, Linux, Mandrakesoft and 1 more | 15 Converged Communications Server, Intuity Audix, Mn100 and 12 more | 2025-04-03 | 2.1 LOW | N/A |
|
The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.
|
|||||
| CVE-2004-0814 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2025-04-03 | 1.2 LOW | N/A |
|
Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch.
|
|||||
| CVE-1999-0245 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Some configurations of NIS+ in Linux allowed attackers to log in as the user "+".
|
|||||
| CVE-2005-3275 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.6 LOW | N/A |
|
The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by causing two packets for the same protocol to be NATed at the same time, which leads to memory corruption.
|
|||||
| CVE-2004-0495 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2025-04-03 | 7.2 HIGH | N/A |
|
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.
|
|||||
| CVE-2006-0457 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.1 HIGH | N/A |
|
Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it copies the data into kernel memory.
|
|||||
| CVE-2005-3753 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.8 HIGH | N/A |
|
Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attackers to cause a denial of service (Oops) via certain IPSec packets that cause alignment problems in standard multi-block cipher processors. NOTE: it is not clear whether this issue can be triggered by an attacker.
|
|||||
| CVE-2006-1855 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
choose_new_parent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows local users to cause a denial of service (panic) by causing certain circumstances involving termination of a parent process.
|
|||||
| CVE-1999-0656 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.
|
|||||