Total
2696 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-4163 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 4.7 MEDIUM | N/A |
The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 implementation in the Linux kernel through 3.10.3 does not properly maintain information about whether the IPV6_MTU setsockopt option had been specified, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call. | |||||
CVE-2013-4162 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 4.7 MEDIUM | N/A |
The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call. | |||||
CVE-2013-4153 | 1 Redhat | 1 Libvirt | 2023-02-13 | 5.0 MEDIUM | N/A |
Double free vulnerability in the qemuAgentGetVCPUs function in qemu/qemu_agent.c in libvirt 1.0.6 through 1.1.0 allows remote attackers to cause a denial of service (daemon crash) via a cpu count request, as demonstrated by the "virsh vcpucount dom --guest" command. | |||||
CVE-2013-4127 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 4.7 MEDIUM | N/A |
Use-after-free vulnerability in the vhost_net_set_backend function in drivers/vhost/net.c in the Linux kernel through 3.10.3 allows local users to cause a denial of service (OOPS and system crash) via vectors involving powering on a virtual machine. | |||||
CVE-2013-2231 | 2 Microsoft, Redhat | 5 Windows, Enterprise Linux, Enterprise Linux Desktop Supplementary and 2 more | 2023-02-13 | 7.2 HIGH | N/A |
Unquoted Windows search path vulnerability in the QEMU Guest Agent service for Red Hat Enterprise Linux Desktop 6, HPC Node 6, Server 6, Workstation 6, Desktop Supplementary 6, Server Supplementary 6, Supplementary AUS 6.4, Supplementary EUS 6.4.z, and Workstation Supplementary 6, when installing on Windows, allows local users to gain privileges via a crafted program in an unspecified folder. | |||||
CVE-2013-2218 | 1 Redhat | 1 Libvirt | 2023-02-13 | 5.0 MEDIUM | N/A |
Double free vulnerability in the virConnectListAllInterfaces method in interface/interface_backend_netcf.c in libvirt 1.0.6 allows remote attackers to cause a denial of service (libvirtd crash) via a filtering flag that causes an interface to be skipped, as demonstrated by the "virsh iface-list --inactive" command. | |||||
CVE-2013-2148 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 2.1 LOW | N/A |
The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation on the fanotify descriptor. | |||||
CVE-2013-2141 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 2.1 LOW | N/A |
The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a (1) tkill or (2) tgkill system call. | |||||
CVE-2013-2099 | 2 Canonical, Python | 2 Ubuntu Linux, Python | 2023-02-13 | 4.3 MEDIUM | N/A |
Algorithmic complexity vulnerability in the ssl.match_hostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate. | |||||
CVE-2013-2017 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 7.8 HIGH | N/A |
The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service (system crash) by leveraging lack of skb consumption in conjunction with a double-free error. | |||||
CVE-2013-1962 | 1 Redhat | 1 Libvirt | 2023-02-13 | 5.0 MEDIUM | N/A |
The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of requests "to list all volumes for the particular pool." | |||||
CVE-2013-1797 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation. | |||||
CVE-2013-1767 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 6.2 MEDIUM | N/A |
Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option. | |||||
CVE-2013-0217 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 5.2 MEDIUM | N/A |
Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (memory consumption) by triggering certain error conditions. | |||||
CVE-2012-4517 | 1 Openfabrics | 1 Ibacm | 2023-02-13 | 5.0 MEDIUM | N/A |
ibacm before 1.0.6 does not properly manage reference counts for multicast connections, which allows remote attackers to cause a denial of service (ibacm service crash) via a crafted join response. | |||||
CVE-2012-4467 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 6.6 MEDIUM | N/A |
The (1) do_siocgstamp and (2) do_siocgstampns functions in net/socket.c in the Linux kernel before 3.5.4 use an incorrect argument order, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (system crash) via a crafted ioctl call. | |||||
CVE-2012-3510 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 5.6 MEDIUM | N/A |
Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command. | |||||
CVE-2012-2390 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 4.9 MEDIUM | N/A |
Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows local users to cause a denial of service (memory consumption or system crash) via invalid MAP_HUGETLB mmap operations. | |||||
CVE-2012-1595 | 1 Wireshark | 1 Wireshark | 2023-02-13 | 4.3 MEDIUM | N/A |
The pcap_process_pseudo_header function in wiretap/pcap-common.c in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a WTAP_ENCAP_ERF file containing an Extension or Multi-Channel header with an invalid pseudoheader size, related to the pcap and pcap-ng file parsers. | |||||
CVE-2011-2901 | 1 Xen | 1 Xen | 2023-02-13 | 5.5 MEDIUM | N/A |
Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits. |