Filtered by vendor Linux
Subscribe
Total
6089 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0429 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 3.6 LOW | N/A |
The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a a binary compatibility interface (lcall). | |||||
CVE-1999-1339 | 2 Freebsd, Linux | 2 Freebsd, Linux Kernel | 2023-12-10 | 5.0 MEDIUM | N/A |
Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command. | |||||
CVE-1999-0330 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 7.2 HIGH | N/A |
Linux bdash game has a buffer overflow that allows local users to gain root access. | |||||
CVE-2003-0465 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 5.0 MEDIUM | N/A |
The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks. | |||||
CVE-1999-0171 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
Denial of service in syslog by sending it a large number of superfluous messages. | |||||
CVE-2002-1571 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which could lead to an information leak on processors that do not clear all relevant SSE registers. | |||||
CVE-2004-0554 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2023-12-10 | 2.1 LOW | N/A |
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program. | |||||
CVE-2003-0418 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 5.0 MEDIUM | N/A |
The Linux 2.0 kernel IP stack does not properly calculate the size of an ICMP citation, which causes it to include portions of unauthorized memory in ICMP error responses. | |||||
CVE-2002-1574 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in the ixj telephony card driver in Linux before 2.4.20 has unknown impact and attack vectors. | |||||
CVE-2004-0596 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
The Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device name that triggers a null dereference. | |||||
CVE-2001-0317 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 3.7 LOW | N/A |
Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process. | |||||
CVE-2004-0186 | 2 Linux, Samba | 2 Linux Kernel, Samba | 2023-12-10 | 7.2 HIGH | N/A |
smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted. | |||||
CVE-1999-0986 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option. | |||||
CVE-2001-1392 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
The Linux kernel before 2.2.19 does not have unregister calls for (1) CPUID and (2) MSR drivers, which could cause a DoS (crash) by unloading and reloading the drivers. | |||||
CVE-2004-0109 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry. | |||||
CVE-2004-0228 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 7.2 HIGH | N/A |
Integer signedness error in the cpufreq proc handler (cpufreq_procctl) in Linux kernel 2.6 allows local users to gain privileges. | |||||
CVE-2002-0510 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 5.0 MEDIUM | N/A |
The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux. | |||||
CVE-1999-0461 | 2 Linux, Sgi | 2 Linux Kernel, Irix | 2023-12-10 | 10.0 HIGH | N/A |
Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address. | |||||
CVE-2003-1423 | 4 Linux, Microsoft, Petitforum and 1 more | 4 Linux Kernel, All Windows, Petitforum and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords. | |||||
CVE-2004-0717 | 3 Linux, Microsoft, Opera | 3 Linux Kernel, Windows, Opera Browser | 2023-12-10 | 7.5 HIGH | N/A |
Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. |