Total
15186 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2973 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash).
|
|||||
| CVE-2006-3468 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.8 HIGH | N/A |
|
Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service (file system panic) via a crafted UDP packet with a V2 lookup procedure that specifies a bad file handle (inode number), which triggers an error and causes an exported directory to be remounted read-only.
|
|||||
| CVE-2006-3085 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.8 HIGH | N/A |
|
xt_sctp in netfilter for Linux kernel before 2.6.17.1 allows attackers to cause a denial of service (infinite loop) via an SCTP chunk with a 0 length.
|
|||||
| CVE-2001-1391 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | 5.5 MEDIUM |
|
Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 allows users to modify kernel memory.
|
|||||
| CVE-2006-1055 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.9 MEDIUM | N/A |
|
The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-rc1 does not zero terminate a buffer when a length of PAGE_SIZE or more is requested, which might allow local users to cause a denial of service (crash) by causing an out-of-bounds read.
|
|||||
| CVE-2005-3358 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.9 MEDIUM | N/A |
|
Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.
|
|||||
| CVE-2004-0717 | 3 Linux, Microsoft, Opera | 3 Linux Kernel, Windows, Opera Browser | 2025-04-03 | 7.5 HIGH | N/A |
|
Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
|
|||||
| CVE-2005-4811 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.9 MEDIUM | N/A |
|
The hugepage code (hugetlb.c) in Linux kernel 2.6, possibly 2.6.12 and 2.6.13, in certain configurations, allows local users to cause a denial of service (crash) by triggering an mmap error before a prefault, which causes an error in the unmap_hugepage_area function.
|
|||||
| CVE-2006-2629 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.0 MEDIUM | N/A |
|
Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP platforms, allows local users to cause a denial of service (crash) by creating and exiting a large number of tasks, then accessing the /proc entry of a task that is exiting, which causes memory corruption that leads to a failure in the prune_dcache function or a BUG_ON error in include/linux/list.h.
|
|||||
| CVE-2002-1380 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface.
|
|||||
| CVE-2006-0482 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
Linux kernel 2.6.15.1 and earlier, when running on SPARC architectures, allows local users to cause a denial of service (hang) via a "date -s" command, which causes invalid sign extended arguments to be provided to the get_compat_timespec function call.
|
|||||
| CVE-2005-0937 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 1.2 LOW | N/A |
|
Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap_sem semaphore, which could allow local users to cause a deadlock condition in do_page_fault by triggering get_user faults while another thread is executing mmap or other functions.
|
|||||
| CVE-2004-1151 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2025-04-03 | 7.2 HIGH | N/A |
|
Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges.
|
|||||
| CVE-2006-0454 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmp_send, does not properly handle when the ip_options_echo function in icmp.c fails, which allows remote attackers to cause a denial of service (crash) via vectors such as (1) record-route and (2) timestamp IP options with the needaddr bit set and a truncated value.
|
|||||
| CVE-2004-2607 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer.
|
|||||
| CVE-2005-4635 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The nl_fib_input function in fib_frontend.c in the Linux kernel before 2.6.15 does not check for valid lengths of the header and payload, which allows remote attackers to cause a denial of service (invalid memory reference) via malformed fib_lookup netlink messages.
|
|||||
| CVE-2005-1589 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.2 HIGH | N/A |
|
The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space and allows local users to cause a denial of service and possibly execute arbitrary code, a similar vulnerability to CVE-2005-1264.
|
|||||
| CVE-2005-1264 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.2 HIGH | N/A |
|
Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2005-1589.
|
|||||
| CVE-1999-0216 | 3 Gnu, Hp, Linux | 3 Inet, Hp-ux, Linux Kernel | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Denial of service of inetd on Linux through SYN and RST packets.
|
|||||
| CVE-2005-3109 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
The HFS and HFS+ (hfsplus) modules in Linux 2.6 allow attackers to cause a denial of service (oops) by using hfsplus to mount a filesystem that is not hfsplus.
|
|||||
| CVE-2005-3806 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 6.6 MEDIUM | N/A |
|
The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service (crash) by triggering a free of non-allocated memory.
|
|||||
| CVE-2006-1856 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.5 HIGH | N/A |
|
Certain modifications to the Linux kernel 2.6.16 and earlier do not add the appropriate Linux Security Modules (LSM) file_permission hooks to the (1) readv and (2) writev functions, which might allow attackers to bypass intended access restrictions.
|
|||||
| CVE-2001-0317 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 3.7 LOW | N/A |
|
Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process.
|
|||||
| CVE-2002-0060 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.5 HIGH | N/A |
|
IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions.
|
|||||
| CVE-2006-1066 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 1.2 LOW | N/A |
|
Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack during the do_debug function call.
|
|||||
| CVE-2001-1393 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
Unknown vulnerability in classifier code for Linux kernel before 2.2.19 could result in denial of service (hang).
|
|||||
| CVE-2005-0178 | 3 Linux, Netkit, Vserver | 3 Linux Kernel, Linux Netkit, Linux-vserver | 2025-04-03 | 6.2 MEDIUM | N/A |
|
Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service (crash) and possibly access portions of kernel memory, related to TTY changes, locking, and semaphores.
|
|||||
| CVE-2004-1070 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2025-04-03 | 7.2 HIGH | N/A |
|
The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.
|
|||||
| CVE-2001-0907 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10, allows local users to cause a denial of service via a series of deeply nested symlinks, which causes the kernel to spend extra time when trying to access the link.
|
|||||
| CVE-2002-2254 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
The experimental IP packet queuing feature in Netfilter / IPTables in Linux kernel 2.4 up to 2.4.19 and 2.5 up to 2.5.31, when a privileged process exits and network traffic is not being queued, may allow a later process with the same Process ID (PID) to access certain network traffic that would otherwise be restricted.
|
|||||
| CVE-2003-0476 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors.
|
|||||
| CVE-2001-1400 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
Unknown vulnerabilities in the UDP port allocation for Linux kernel before 2.2.19 could allow local users to cause a denial of service (deadlock).
|
|||||
| CVE-2006-1624 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.8 HIGH | N/A |
|
The default configuration of syslogd in the Linux sysklogd package does not enable the -x (disable name lookups) option, which allows remote attackers to cause a denial of service (traffic amplification) via messages with spoofed source IP addresses.
|
|||||
| CVE-2003-1332 | 2 Linux, Samba | 2 Linux Kernel, Samba | 2025-04-03 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201.
|
|||||
| CVE-1999-0524 | 11 Apple, Cisco, Hp and 8 more | 14 Mac Os X, Macos, Ios and 11 more | 2025-04-03 | 2.1 LOW | N/A |
|
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
|
|||||
| CVE-1999-0781 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2025-04-03 | 7.2 HIGH | N/A |
|
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.
|
|||||
| CVE-2006-4535 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.9 MEDIUM | N/A |
|
The Linux kernel 2.6.17.10 and 2.6.17.11 and 2.6.18-rc5 allows local users to cause a denial of service (crash) via an SCTP socket with a certain SO_LINGER value, possibly related to the patch for CVE-2006-3745. NOTE: older kernel versions for specific Linux distributions are also affected, due to backporting of the CVE-2006-3745 patch.
|
|||||
| CVE-2004-0816 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 5.0 MEDIUM | 7.5 HIGH |
|
Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.
|
|||||
| CVE-2006-2448 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 5.6 MEDIUM | N/A |
|
Linux kernel before 2.6.16.21 and 2.6.17, when running on PowerPC, does not perform certain required access_ok checks, which allows local users to read arbitrary kernel memory on 64-bit systems (signal_64.c) and cause a denial of service (crash) and possibly read kernel memory on 32-bit systems (signal_32.c).
|
|||||
| CVE-2004-1074 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2025-04-03 | 2.1 LOW | N/A |
|
The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.
|
|||||