linux
by Debian
Source repositories
CVEs (3,015)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-0193 | 0.03 | — | 0.01 | May 3, 2001 | Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter. | |||
| CVE-2001-0170 | 0.03 | — | 0.01 | Mar 26, 2001 | glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files. | |||
| CVE-2001-0111 | 0.03 | — | 0.01 | Mar 12, 2001 | Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument. | |||
| CVE-2001-0112 | 0.03 | — | 0.01 | Mar 12, 2001 | Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands. | |||
| CVE-2000-0584 | 0.03 | — | 0.06 | Jul 2, 2000 | Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name. | |||
| CVE-2000-0607 | 0.03 | — | 0.01 | Jun 21, 2000 | Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings. | |||
| CVE-2000-0229 | 0.03 | — | 0.01 | Mar 22, 2000 | gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. | |||
| CVE-2000-0107 | 0.03 | — | 0.01 | Feb 1, 2000 | Linux apcd program allows local attackers to modify arbitrary files via a symlink attack. | |||
| CVE-1999-0986 | 0.03 | — | 0.04 | Dec 8, 1999 | The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option. | |||
| CVE-1999-0769 | 0.03 | — | 0.01 | Aug 25, 1999 | Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable. | |||
| CVE-1999-0730 | 0.03 | — | 0.04 | Jun 12, 1999 | The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack. | |||
| CVE-1999-0804 | 0.03 | — | 0.06 | Jun 1, 1999 | Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths. | |||
| CVE-1999-0381 | 0.03 | — | 0.01 | Feb 26, 1999 | super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access. | |||
| CVE-1999-0405 | 0.03 | — | 0.01 | Feb 18, 1999 | A buffer overflow in lsof allows local users to obtain root privilege. | |||
| CVE-1999-0914 | 0.03 | — | 0.01 | Jan 3, 1999 | Buffer overflow in the FTP client in the Debian GNU/Linux netstd package. | |||
| CVE-1999-1390 | 0.03 | — | 0.01 | Apr 28, 1998 | suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain root privileges by specifying a malicious program on the command line. | |||
| CVE-2015-6251 | 0.02 | — | 0.19 | Aug 24, 2015 | Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate. | |||
| CVE-2015-1283 | 0.02 | — | 0.19 | Jul 23, 2015 | Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via… | |||
| CVE-2015-2331 | 0.02 | — | 0.28 | Mar 30, 2015 | Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application… | |||
| CVE-2014-8602 | 0.02 | — | 0.25 | Dec 11, 2014 | iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals. |
- CVE-2001-0193May 3, 2001risk 0.03cvss —epss 0.01
Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter.
- CVE-2001-0170Mar 26, 2001risk 0.03cvss —epss 0.01
glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.
- CVE-2001-0111Mar 12, 2001risk 0.03cvss —epss 0.01
Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument.
- CVE-2001-0112Mar 12, 2001risk 0.03cvss —epss 0.01
Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands.
- CVE-2000-0584Jul 2, 2000risk 0.03cvss —epss 0.06
Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name.
- CVE-2000-0607Jun 21, 2000risk 0.03cvss —epss 0.01
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.
- CVE-2000-0229Mar 22, 2000risk 0.03cvss —epss 0.01
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.
- CVE-2000-0107Feb 1, 2000risk 0.03cvss —epss 0.01
Linux apcd program allows local attackers to modify arbitrary files via a symlink attack.
- CVE-1999-0986Dec 8, 1999risk 0.03cvss —epss 0.04
The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.
- CVE-1999-0769Aug 25, 1999risk 0.03cvss —epss 0.01
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
- CVE-1999-0730Jun 12, 1999risk 0.03cvss —epss 0.04
The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack.
- CVE-1999-0804Jun 1, 1999risk 0.03cvss —epss 0.06
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.
- CVE-1999-0381Feb 26, 1999risk 0.03cvss —epss 0.01
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.
- CVE-1999-0405Feb 18, 1999risk 0.03cvss —epss 0.01
A buffer overflow in lsof allows local users to obtain root privilege.
- CVE-1999-0914Jan 3, 1999risk 0.03cvss —epss 0.01
Buffer overflow in the FTP client in the Debian GNU/Linux netstd package.
- CVE-1999-1390Apr 28, 1998risk 0.03cvss —epss 0.01
suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain root privileges by specifying a malicious program on the command line.
- CVE-2015-6251Aug 24, 2015risk 0.02cvss —epss 0.19
Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate.
- CVE-2015-1283Jul 23, 2015risk 0.02cvss —epss 0.19
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via…
- CVE-2015-2331Mar 30, 2015risk 0.02cvss —epss 0.28
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application…
- CVE-2014-8602Dec 11, 2014risk 0.02cvss —epss 0.25
iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals.
Page 98 of 151