Total
6049 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-2803 | 4 Debian, Linux, Opensuse and 1 more | 7 Debian Linux, Linux Kernel, Opensuse and 4 more | 2023-12-10 | 1.9 LOW | N/A |
| The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potentially sensitive information from kernel memory by requesting a large memory-allocation amount. | |||||
| CVE-2010-3877 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2023-12-10 | 1.9 LOW | N/A |
| The get_name function in net/tipc/socket.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structure. | |||||
| CVE-2011-0619 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2023-12-10 | 9.3 HIGH | N/A |
| Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0620, CVE-2011-0621, and CVE-2011-0622. | |||||
| CVE-2011-1412 | 4 Ioquake3, Linux, Openarena and 1 more | 4 Ioquake3 Engine, Linux Kernel, Openarena and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
| sys/sys_unix.c in the ioQuake3 engine on Unix and Linux, as used in World of Padman 1.5.x before 1.5.1.1 and OpenArena 0.8.x-15 and 0.8.x-16, allows remote game servers to execute arbitrary commands via shell metacharacters in a long fs_game variable. | |||||
| CVE-2010-4574 | 2 Google, Linux | 3 Chrome, Chrome Os, Linux Kernel | 2023-12-10 | 7.5 HIGH | N/A |
| The Pickle::Pickle function in base/pickle.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 on 64-bit Linux platforms does not properly perform pointer arithmetic, which allows remote attackers to bypass message deserialization validation, and cause a denial of service or possibly have unspecified other impact, via invalid pickle data. | |||||
| CVE-2010-4655 | 3 Canonical, Linux, Vmware | 3 Ubuntu Linux, Linux Kernel, Esx | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability for an ethtool ioctl call. | |||||
| CVE-2011-3123 | 2 Ibm, Linux | 3 Infosphere Datastage, Infosphere Information Server, Linux Kernel | 2023-12-10 | 7.2 HIGH | N/A |
| IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1 and other products, uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. | |||||
| CVE-2010-3865 | 3 Linux, Opensuse, Suse | 4 Linux Kernel, Opensuse, Linux Enterprise High Availability Extension and 1 more | 2023-12-10 | 7.2 HIGH | N/A |
| Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted iovec struct in a Reliable Datagram Sockets (RDS) request, which triggers a buffer overflow. | |||||
| CVE-2010-2066 | 4 Canonical, Linux, Suse and 1 more | 6 Ubuntu Linux, Linux Kernel, Linux Enterprise High Availability Extension and 3 more | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor. | |||||
| CVE-2011-1186 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2023-12-10 | 5.0 MEDIUM | N/A |
| Google Chrome before 10.0.648.127 on Linux does not properly handle parallel execution of calls to the print method, which might allow remote attackers to cause a denial of service (application crash) via crafted JavaScript code. | |||||
| CVE-2012-0768 | 6 Adobe, Apple, Google and 3 more | 7 Flash Player, Flash Player For Android, Mac Os X and 4 more | 2023-12-10 | 10.0 HIGH | N/A |
| The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2010-4247 | 2 Citrix, Linux | 2 Xen, Linux Kernel | 2023-12-10 | 5.5 MEDIUM | N/A |
| The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2011-1745 | 2 Linux, Redhat | 7 Linux Kernel, Enterprise Linux, Enterprise Linux Aus and 4 more | 2023-12-10 | 6.9 MEDIUM | N/A |
| Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call. | |||||
| CVE-2010-1488 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
| The proc_oom_score function in fs/proc/base.c in the Linux kernel before 2.6.34-rc4 uses inappropriate data structures during selection of a candidate for the OOM killer, which might allow local users to cause a denial of service via unspecified patterns of task creation. | |||||
| CVE-2010-2959 | 5 Debian, Fedoraproject, Linux and 2 more | 8 Debian Linux, Fedora, Linux Kernel and 5 more | 2023-12-10 | 7.2 HIGH | N/A |
| Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of service (system crash) via crafted CAN traffic. | |||||
| CVE-2011-1113 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2023-12-10 | 5.0 MEDIUM | N/A |
| Google Chrome before 9.0.597.107 on 64-bit Linux platforms does not properly perform pickle deserialization, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2011-0623 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2023-12-10 | 9.3 HIGH | N/A |
| Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2011-0624, CVE-2011-0625, and CVE-2011-0626. | |||||
| CVE-2010-3873 | 4 Debian, Linux, Opensuse and 1 more | 4 Debian Linux, Linux Kernel, Opensuse and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| The X.25 implementation in the Linux kernel before 2.6.36.2 does not properly parse facilities, which allows remote attackers to cause a denial of service (heap memory corruption and panic) or possibly have unspecified other impact via malformed (1) X25_FAC_CALLING_AE or (2) X25_FAC_CALLED_AE data, related to net/x25/x25_facilities.c and net/x25/x25_in.c, a different vulnerability than CVE-2010-4164. | |||||
| CVE-2010-4785 | 4 Ibm, Linux, Microsoft and 1 more | 4 Tivoli Directory Server, Linux Kernel, Windows and 1 more | 2023-12-10 | 4.0 MEDIUM | N/A |
| The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) on Linux, Solaris, and Windows allows remote authenticated users to cause a denial of service (ABEND) via a malformed LDAP extended operation that triggers certain comparisons involving the NULL operation OID. | |||||
| CVE-2011-0709 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
| The br_mdb_ip_get function in net/bridge/br_multicast.c in the Linux kernel before 2.6.35-rc5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an IGMP packet, related to lack of a multicast table. | |||||