VYPR

linux

by Debian

Source repositories

CVEs (3,015)

  • CVE-2011-2749Aug 15, 2011
    risk 0.03cvss epss 0.39

    The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet.

  • CVE-2011-2748Aug 15, 2011
    risk 0.03cvss epss 0.39

    The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.

  • CVE-2010-3850Dec 30, 2010
    risk 0.03cvss epss 0.01

    The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call.

  • CVE-2010-3849Dec 30, 2010
    risk 0.03cvss epss 0.01

    The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a NULL value for the remote…

  • CVE-2010-3848Dec 30, 2010
    risk 0.03cvss epss 0.01

    Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures.

  • CVE-2010-3858Nov 30, 2010
    risk 0.03cvss epss 0.01

    The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local…

  • CVE-2010-4073Nov 29, 2010
    risk 0.03cvss epss 0.02

    The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3)…

  • CVE-2010-2963Nov 26, 2010
    risk 0.03cvss epss 0.01

    drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and…

  • CVE-2010-3437Oct 4, 2010
    risk 0.03cvss epss 0.02

    Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via…

  • CVE-2010-2959Sep 8, 2010
    risk 0.03cvss epss 0.04

    Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of service…

  • CVE-2010-0307Feb 17, 2010
    risk 0.03cvss epss 0.01

    The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a…

  • CVE-2006-4250Apr 10, 2007
    risk 0.03cvss epss 0.01

    Buffer overflow in man and mandb (man-db) 2.4.3 and earlier allows local users to execute arbitrary code via crafted arguments to the -H flag.

  • CVE-2006-6942Jan 19, 2007
    risk 0.03cvss epss 0.03

    Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2.9.1.1 allow remote attackers to inject arbitrary HTML or web script via (1) a comment for a table name, as exploited through (a) db_operations.php, (2) the db parameter to (b) db_create.php, (3) the…

  • CVE-2004-0996Jan 10, 2005
    risk 0.03cvss epss 0.01

    main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

  • CVE-2003-0385Jul 2, 2003
    risk 0.03cvss epss 0.01

    Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option.

  • CVE-2003-0358Jun 9, 2003
    risk 0.03cvss epss 0.01

    Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.

  • CVE-2002-0875Sep 5, 2002
    risk 0.03cvss epss 0.01

    Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.

  • CVE-2002-0004Feb 27, 2002
    risk 0.03cvss epss 0.01

    Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.

  • CVE-2001-1561Dec 31, 2001
    risk 0.03cvss epss 0.01

    Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.

  • CVE-2001-0279May 3, 2001
    risk 0.03cvss epss 0.01

    Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.

Page 97 of 151