Vulnerabilities (CVE)

Filtered by vendor Linux Subscribe
Total 5998 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-4656 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2023-12-10 7.2 HIGH 7.8 HIGH
The iowarrior_write function in drivers/usb/misc/iowarrior.c in the Linux kernel before 2.6.37 does not properly allocate memory, which might allow local users to trigger a heap-based buffer overflow, and consequently cause a denial of service or gain privileges, via a long report.
CVE-2010-2537 3 Canonical, Linux, Suse 5 Ubuntu Linux, Linux Kernel, Linux Enterprise High Availability Extension and 2 more 2023-12-10 6.6 MEDIUM 7.1 HIGH
The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor.
CVE-2011-4077 1 Linux 1 Linux Kernel 2023-12-10 6.9 MEDIUM N/A
Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname.
CVE-2010-4251 3 Linux, Redhat, Vmware 3 Linux Kernel, Enterprise Linux, Esx 2023-12-10 7.8 HIGH 7.5 HIGH
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests.
CVE-2010-4649 2 Linux, Redhat 6 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux Eus and 3 more 2023-12-10 6.9 MEDIUM N/A
Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large value of a certain structure member.
CVE-2012-1796 4 Hp, Ibm, Linux and 1 more 5 Hp-ux, Aix, Db2 and 2 more 2023-12-10 7.2 HIGH N/A
Unspecified vulnerability in IBM Tivoli Monitoring Agent (ITMA), as used in IBM DB2 9.5 before FP9 on UNIX, allows local users to gain privileges via unknown vectors.
CVE-2010-3850 4 Canonical, Debian, Linux and 1 more 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more 2023-12-10 2.1 LOW N/A
The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call.
CVE-2010-0003 2 Debian, Linux 2 Debian Linux, Linux Kernel 2023-12-10 5.4 MEDIUM N/A
The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 platform, when print-fatal-signals is enabled, allows local users to discover the contents of arbitrary memory locations by jumping to an address and then reading a log file, and might allow local users to cause a denial of service (system slowdown or crash) by jumping to an address.
CVE-2010-4081 4 Debian, Linux, Opensuse and 1 more 7 Debian Linux, Linux Kernel, Opensuse and 4 more 2023-12-10 1.9 LOW N/A
The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call.
CVE-2007-6733 1 Linux 1 Linux Kernel 2023-12-10 4.7 MEDIUM N/A
The nfs_lock function in fs/nfs/file.c in the Linux kernel 2.6.9 does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on an NFS filesystem and then changing this file's permissions, a related issue to CVE-2010-0727.
CVE-2011-2130 6 Adobe, Apple, Google and 3 more 7 Adobe Air, Flash Player, Mac Os X and 4 more 2023-12-10 10.0 HIGH N/A
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2134, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415.
CVE-2011-2445 6 Adobe, Apple, Google and 3 more 7 Adobe Air, Flash Player, Mac Os X and 4 more 2023-12-10 10.0 HIGH N/A
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.
CVE-2011-2184 1 Linux 1 Linux Kernel 2023-12-10 7.2 HIGH N/A
The key_replace_session_keyring function in security/keys/process_keys.c in the Linux kernel before 2.6.39.1 does not initialize a certain structure member, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function, a different vulnerability than CVE-2010-2960.
CVE-2011-1169 1 Linux 1 Linux Kernel 2023-12-10 7.2 HIGH N/A
Array index error in the asihpi_hpi_ioctl function in sound/pci/asihpi/hpioctl.c in the AudioScience HPI driver in the Linux kernel before 2.6.38.1 might allow local users to cause a denial of service (memory corruption) or possibly gain privileges via a crafted adapter index value that triggers access to an invalid kernel pointer.
CVE-2010-4295 3 Apple, Linux, Vmware 6 Mac Os X, Linux Kernel, Fusion and 3 more 2023-12-10 6.9 MEDIUM N/A
Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files.
CVE-2011-2424 6 Adobe, Apple, Google and 3 more 7 Adobe Air, Flash Player, Mac Os X and 4 more 2023-12-10 9.3 HIGH N/A
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by "about 400 unique crash signatures."
CVE-2011-1172 1 Linux 1 Linux Kernel 2023-12-10 2.1 LOW N/A
net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
CVE-2010-0623 3 Canonical, Linux, Opensuse 3 Ubuntu Linux, Linux Kernel, Opensuse 2023-12-10 4.9 MEDIUM N/A
The futex_lock_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly manage a certain reference count, which allows local users to cause a denial of service (OOPS) via vectors involving an unmount of an ext3 filesystem.
CVE-2011-0622 6 Adobe, Apple, Google and 3 more 6 Flash Player, Mac Os X, Android and 3 more 2023-12-10 9.3 HIGH N/A
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0619, CVE-2011-0620, and CVE-2011-0621.
CVE-2010-4384 3 Apple, Linux, Realnetworks 3 Mac Os X, Linux Kernel, Realplayer 2023-12-10 9.3 HIGH N/A
Array index error in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code via a malformed Media Properties Header (aka MDPR) in a RealMedia file.