linux
by Debian
Source repositories
CVEs (3,015)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-2749 | 0.03 | — | 0.39 | Aug 15, 2011 | The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet. | |||
| CVE-2011-2748 | 0.03 | — | 0.39 | Aug 15, 2011 | The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet. | |||
| CVE-2010-3850 | 0.03 | — | 0.01 | Dec 30, 2010 | The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call. | |||
| CVE-2010-3849 | 0.03 | — | 0.01 | Dec 30, 2010 | The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a NULL value for the remote… | |||
| CVE-2010-3848 | 0.03 | — | 0.01 | Dec 30, 2010 | Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures. | |||
| CVE-2010-3858 | 0.03 | — | 0.01 | Nov 30, 2010 | The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local… | |||
| CVE-2010-4073 | 0.03 | — | 0.02 | Nov 29, 2010 | The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3)… | |||
| CVE-2010-2963 | 0.03 | — | 0.01 | Nov 26, 2010 | drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and… | |||
| CVE-2010-3437 | 0.03 | — | 0.02 | Oct 4, 2010 | Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via… | |||
| CVE-2010-2959 | 0.03 | — | 0.04 | Sep 8, 2010 | Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of service… | |||
| CVE-2010-0307 | 0.03 | — | 0.01 | Feb 17, 2010 | The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a… | |||
| CVE-2006-4250 | 0.03 | — | 0.01 | Apr 10, 2007 | Buffer overflow in man and mandb (man-db) 2.4.3 and earlier allows local users to execute arbitrary code via crafted arguments to the -H flag. | |||
| CVE-2006-6942 | 0.03 | — | 0.03 | Jan 19, 2007 | Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2.9.1.1 allow remote attackers to inject arbitrary HTML or web script via (1) a comment for a table name, as exploited through (a) db_operations.php, (2) the db parameter to (b) db_create.php, (3) the… | |||
| CVE-2004-0996 | 0.03 | — | 0.01 | Jan 10, 2005 | main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. | |||
| CVE-2003-0385 | 0.03 | — | 0.01 | Jul 2, 2003 | Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option. | |||
| CVE-2003-0358 | 0.03 | — | 0.01 | Jun 9, 2003 | Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option. | |||
| CVE-2002-0875 | 0.03 | — | 0.01 | Sep 5, 2002 | Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group. | |||
| CVE-2002-0004 | 0.03 | — | 0.01 | Feb 27, 2002 | Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. | |||
| CVE-2001-1561 | 0.03 | — | 0.01 | Dec 31, 2001 | Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments. | |||
| CVE-2001-0279 | 0.03 | — | 0.01 | May 3, 2001 | Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges. |
- CVE-2011-2749Aug 15, 2011risk 0.03cvss —epss 0.39
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet.
- CVE-2011-2748Aug 15, 2011risk 0.03cvss —epss 0.39
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.
- CVE-2010-3850Dec 30, 2010risk 0.03cvss —epss 0.01
The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call.
- CVE-2010-3849Dec 30, 2010risk 0.03cvss —epss 0.01
The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a NULL value for the remote…
- CVE-2010-3848Dec 30, 2010risk 0.03cvss —epss 0.01
Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures.
- CVE-2010-3858Nov 30, 2010risk 0.03cvss —epss 0.01
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local…
- CVE-2010-4073Nov 29, 2010risk 0.03cvss —epss 0.02
The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3)…
- CVE-2010-2963Nov 26, 2010risk 0.03cvss —epss 0.01
drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and…
- CVE-2010-3437Oct 4, 2010risk 0.03cvss —epss 0.02
Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via…
- CVE-2010-2959Sep 8, 2010risk 0.03cvss —epss 0.04
Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of service…
- CVE-2010-0307Feb 17, 2010risk 0.03cvss —epss 0.01
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a…
- CVE-2006-4250Apr 10, 2007risk 0.03cvss —epss 0.01
Buffer overflow in man and mandb (man-db) 2.4.3 and earlier allows local users to execute arbitrary code via crafted arguments to the -H flag.
- CVE-2006-6942Jan 19, 2007risk 0.03cvss —epss 0.03
Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2.9.1.1 allow remote attackers to inject arbitrary HTML or web script via (1) a comment for a table name, as exploited through (a) db_operations.php, (2) the db parameter to (b) db_create.php, (3) the…
- CVE-2004-0996Jan 10, 2005risk 0.03cvss —epss 0.01
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
- CVE-2003-0385Jul 2, 2003risk 0.03cvss —epss 0.01
Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option.
- CVE-2003-0358Jun 9, 2003risk 0.03cvss —epss 0.01
Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.
- CVE-2002-0875Sep 5, 2002risk 0.03cvss —epss 0.01
Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.
- CVE-2002-0004Feb 27, 2002risk 0.03cvss —epss 0.01
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
- CVE-2001-1561Dec 31, 2001risk 0.03cvss —epss 0.01
Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.
- CVE-2001-0279May 3, 2001risk 0.03cvss —epss 0.01
Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.
Page 97 of 151