linux

Source repositories

https://github.com/torvalds/linux

CVEs (3,007)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2010-4345	Exim Exim	Hig	0.67	7.8	0.18	KEV	Dec 14, 2010	Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
CVE-2009-3555	Apache HTTP Server	Cri	0.67	9.8	0.87		Nov 9, 2009	The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4…
CVE-2017-17405	Ruby Lang Ruby	Hig	0.66	8.8	0.74		Dec 15, 2017	Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument starts with the "\|" pipe character, the command following the pipe character is…
CVE-2016-2148	Busybox Busybox	Cri	0.66	9.8	0.28		Feb 9, 2017	Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing.
CVE-2016-7117	Linux Kernel	Cri	0.66	9.8	0.24		Oct 10, 2016	Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
CVE-2016-3955	Linux Kernel	Cri	0.66	9.8	0.26		Jul 3, 2016	The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet.
CVE-2016-0705	OpenSSL Project OpenSSL	Cri	0.66	9.8	0.26		Mar 3, 2016	Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA…
CVE-2023-44487	Ietf HTTP	Hig	0.65	7.5	1.00	KEV	Oct 10, 2023	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2017-8817	Curl Curl	Cri	0.65	9.8	0.11		Nov 29, 2017	The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.
CVE-2017-16845	QEMU Qemu	Cri	0.65	10.0	0.03		Nov 17, 2017	hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access.
CVE-2017-3167	Apache Httpd	Cri	0.65	9.8	0.20		Jun 20, 2017	In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
CVE-2017-7895	Linux Kernel	Cri	0.65	9.8	0.11		Apr 28, 2017	The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to…
CVE-2016-1908	OpenSSH OpenSSH	Cri	0.65	9.8	0.14		Apr 11, 2017	The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging…
CVE-2016-5771	PHP PHP	Cri	0.65	9.8	0.15		Aug 7, 2016	spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application…
CVE-2016-0718	Libexpat Project Expat	Cri	0.65	9.8	0.13		May 26, 2016	Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
CVE-2015-4643	PHP PHP	Cri	0.65	9.8	0.17		May 16, 2016	Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this…
CVE-2016-2056	Xymon Xymon	Hig	0.65	8.8	0.55		Apr 13, 2016	xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the adduser_name argument in (1) web/useradm.c or (2) web/chpasswd.c.
CVE-2008-0062	Mit Kerberos 5	Cri	0.65	9.8	0.10		Mar 19, 2008	KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free.
CVE-2005-1689	Mit Kerberos 5	Cri	0.65	9.8	0.11		Jul 18, 2005	Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
CVE-2005-1513	Qmail Project Qmail	Cri	0.65	9.8	0.11		May 11, 2005	Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.

CVE-2010-4345HigKEVDec 14, 2010
Exim
Exim
risk 0.67cvss 7.8epss 0.18
Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
CVE-2009-3555CriNov 9, 2009
Apache
HTTP Server
risk 0.67cvss 9.8epss 0.87
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4…
CVE-2017-17405HigDec 15, 2017
Ruby Lang
Ruby
risk 0.66cvss 8.8epss 0.74
Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is…
CVE-2016-2148CriFeb 9, 2017
Busybox
Busybox
risk 0.66cvss 9.8epss 0.28
Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing.
CVE-2016-7117CriOct 10, 2016
Linux
Kernel
risk 0.66cvss 9.8epss 0.24
Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
CVE-2016-3955CriJul 3, 2016
Linux
Kernel
risk 0.66cvss 9.8epss 0.26
The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet.
CVE-2016-0705CriMar 3, 2016
OpenSSL Project
OpenSSL
risk 0.66cvss 9.8epss 0.26
Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA…
CVE-2023-44487HigKEVOct 10, 2023
Ietf
HTTP
risk 0.65cvss 7.5epss 1.00
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2017-8817CriNov 29, 2017
Curl
Curl
risk 0.65cvss 9.8epss 0.11
The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.
CVE-2017-16845CriNov 17, 2017
QEMU
Qemu
risk 0.65cvss 10.0epss 0.03
hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access.
CVE-2017-3167CriJun 20, 2017
Apache
Httpd
risk 0.65cvss 9.8epss 0.20
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
CVE-2017-7895CriApr 28, 2017
Linux
Kernel
risk 0.65cvss 9.8epss 0.11
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to…
CVE-2016-1908CriApr 11, 2017
OpenSSH
OpenSSH
risk 0.65cvss 9.8epss 0.14
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging…
CVE-2016-5771CriAug 7, 2016
PHP
PHP
risk 0.65cvss 9.8epss 0.15
spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application…
CVE-2016-0718CriMay 26, 2016
Libexpat Project
Expat
risk 0.65cvss 9.8epss 0.13
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
CVE-2015-4643CriMay 16, 2016
PHP
PHP
risk 0.65cvss 9.8epss 0.17
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this…
CVE-2016-2056HigApr 13, 2016
Xymon
Xymon
risk 0.65cvss 8.8epss 0.55
xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the adduser_name argument in (1) web/useradm.c or (2) web/chpasswd.c.
CVE-2008-0062CriMar 19, 2008
Mit
Kerberos 5
risk 0.65cvss 9.8epss 0.10
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free.
CVE-2005-1689CriJul 18, 2005
Mit
Kerberos 5
risk 0.65cvss 9.8epss 0.11
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
CVE-2005-1513CriMay 11, 2005
Qmail Project
Qmail
risk 0.65cvss 9.8epss 0.11
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.

Page 3 of 151