Filtered by vendor Linux
Subscribe
Total
6322 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0400 | 1 Linux | 1 Linux Kernel | 2018-10-03 | 2.1 LOW | N/A |
| The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block. | |||||
| CVE-2004-1058 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2018-10-03 | 1.2 LOW | N/A |
| Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline. | |||||
| CVE-2012-0713 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2018-10-02 | 3.5 LOW | N/A |
| Unspecified vulnerability in the XML feature in IBM DB2 9.7 before FP6 on Linux, UNIX, and Windows allows remote authenticated users to read arbitrary XML files via unknown vectors. | |||||
| CVE-2001-1056 | 1 Linux | 1 Linux Kernel | 2018-09-20 | 7.5 HIGH | N/A |
| IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows remote attackers to bypass intended firewall restrictions by causing the target system to send a "DCC SEND" request to a malicious server which listens on port 6667, which may cause the module to believe that the traffic is a valid request and allow the connection to the port specified in the DCC SEND request. | |||||
| CVE-2001-0907 | 1 Linux | 1 Linux Kernel | 2018-09-20 | 2.1 LOW | N/A |
| Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10, allows local users to cause a denial of service via a series of deeply nested symlinks, which causes the kernel to spend extra time when trying to access the link. | |||||
| CVE-2018-5007 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Flash Player Desktop Runtime, Mac Os X and 8 more | 2018-09-17 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Flash Player 30.0.0.113 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2018-5008 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Flash Player Desktop Runtime, Mac Os X and 8 more | 2018-09-17 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-1999-1442 | 1 Linux | 1 Linux Kernel | 2018-09-11 | 7.2 HIGH | N/A |
| Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments. | |||||
| CVE-1999-1341 | 1 Linux | 1 Linux Kernel | 2018-09-11 | 4.6 MEDIUM | N/A |
| Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packets via the TIOCSETD option on tty devices. | |||||
| CVE-2017-13695 | 1 Linux | 1 Linux Kernel | 2018-09-11 | 2.1 LOW | 5.5 MEDIUM |
| The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table. | |||||
| CVE-2017-10911 | 1 Linux | 1 Linux Kernel | 2018-09-07 | 4.9 MEDIUM | 6.5 MEDIUM |
| The make_response function in drivers/block/xen-blkback/blkback.c in the Linux kernel before 4.11.8 allows guest OS users to obtain sensitive information from host OS (or other guest OS) kernel memory by leveraging the copying of uninitialized padding fields in Xen block-interface response structures, aka XSA-216. | |||||
| CVE-2015-8767 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2018-08-30 | 4.9 MEDIUM | 6.2 MEDIUM |
| net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call. | |||||
| CVE-2016-2053 | 1 Linux | 1 Linux Kernel | 2018-08-30 | 4.7 MEDIUM | 4.7 MEDIUM |
| The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c. | |||||
| CVE-2018-1093 | 1 Linux | 1 Linux Kernel | 2018-08-29 | 7.1 HIGH | 5.5 MEDIUM |
| The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers. | |||||
| CVE-2018-10956 | 3 Ipconfigure, Linux, Microsoft | 3 Orchid Core Vms, Linux Kernel, Windows | 2018-08-27 | 5.0 MEDIUM | 7.5 HIGH |
| IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal. | |||||
| CVE-2017-6345 | 1 Linux | 1 Linux Kernel | 2018-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls. | |||||
| CVE-2017-5549 | 1 Linux | 1 Linux Kernel | 2018-08-24 | 2.1 LOW | 5.5 MEDIUM |
| The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105.c in the Linux kernel before 4.9.5 places uninitialized heap-memory contents into a log entry upon a failure to read the line status, which allows local users to obtain sensitive information by reading the log. | |||||
| CVE-2017-2584 | 1 Linux | 1 Linux Kernel | 2018-08-24 | 3.6 LOW | 7.1 HIGH |
| arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt. | |||||
| CVE-2017-16914 | 1 Linux | 1 Linux Kernel | 2018-08-24 | 7.1 HIGH | 5.9 MEDIUM |
| The "stub_send_ret_submit()" function (drivers/usb/usbip/stub_tx.c) in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial of service (NULL pointer dereference) via a specially crafted USB over IP packet. | |||||
| CVE-2017-16913 | 1 Linux | 1 Linux Kernel | 2018-08-24 | 7.1 HIGH | 5.9 MEDIUM |
| The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet. | |||||