Total
27 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-3080 | 7 Canonical, Debian, Linux and 4 more | 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more | 2023-12-10 | 7.2 HIGH | N/A |
Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. | |||||
CVE-2008-3832 | 2 Linux, Redhat | 2 Linux Kernel, Fedora | 2023-12-10 | 4.9 MEDIUM | N/A |
A certain Fedora patch for the utrace subsystem in the Linux kernel before 2.6.26.5-28 on Fedora 8, and before 2.6.26.5-45 on Fedora 9, allows local users to cause a denial of service (NULL pointer dereference and system crash or hang) via a call to the utrace_control function. | |||||
CVE-2007-4134 | 1 Redhat | 1 Fedora | 2023-12-10 | 6.8 MEDIUM | N/A |
Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive. | |||||
CVE-2007-5159 | 3 Ntfs-3g, Redhat, Ubuntu | 3 Ntfs-3g, Fedora, Ubuntu Linux | 2023-12-10 | 4.6 MEDIUM | N/A |
The ntfs-3g package before 1.913-2.fc7 in Fedora 7, and an ntfs-3g package in Ubuntu 7.10/Gutsy, assign incorrect permissions (setuid root) to mount.ntfs-3g, which allows local users with fuse group membership to read from and write to arbitrary block devices, possibly involving a file descriptor leak. | |||||
CVE-2008-0668 | 2 Gnome, Redhat | 2 Gnumeric, Fedora | 2023-12-10 | 9.3 HIGH | N/A |
The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer signedness error that leads to an integer overflow. NOTE: some of these details are obtained from third party information. | |||||
CVE-2008-0932 | 3 Debian, Redhat, The Sword Project | 4 Debian Linux, Fedora, Diatheke Front End and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the range parameter. | |||||
CVE-2007-6284 | 3 Debian, Mandrakesoft, Redhat | 4 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences. |