Total
547 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-3191 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2023-12-10 | 8.3 HIGH | 8.8 HIGH |
Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory. | |||||
CVE-2012-1097 | 3 Linux, Redhat, Suse | 6 Linux Kernel, Enterprise Linux, Enterprise Mrg and 3 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call. | |||||
CVE-2010-4805 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.35 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service by sending a large amount of network traffic, related to the sk_add_backlog function and the sk_rmem_alloc socket field. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4251. | |||||
CVE-2010-1773 | 5 Canonical, Fedoraproject, Google and 2 more | 5 Ubuntu Linux, Fedora, Chrome and 2 more | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory corruption and application crash), or possibly execute arbitrary code via vectors related to list markers for HTML lists, aka rdar problem 8009118. | |||||
CVE-2010-4251 | 3 Linux, Redhat, Vmware | 3 Linux Kernel, Enterprise Linux, Esx | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests. | |||||
CVE-2011-2525 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
The qdisc_notify function in net/sched/sch_api.c in the Linux kernel before 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted call. | |||||
CVE-2011-2189 | 4 Canonical, Debian, Linux and 1 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd. |