Vendor CVEs
Linux
All CVEs
15,931 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2000-0006 | 0.00 | — | 0.00 | Dec 25, 1999 | strace allows local users to read arbitrary files via memory mapped file names. | |||
| CVE-1999-0317 | 0.00 | — | 0.00 | Nov 25, 1999 | Buffer overflow in Linux su command gives root access to local users. | |||
| CVE-1999-0831 | 0.00 | — | 0.01 | Nov 19, 1999 | Denial of service in Linux syslogd via a large number of connections. | |||
| CVE-1999-1341 | 0.00 | — | 0.00 | Oct 22, 1999 | Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packets via the TIOCSETD option on tty devices. | |||
| CVE-1999-1352 | 0.00 | — | 0.00 | Sep 28, 1999 | mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain privileges. | |||
| CVE-1999-0740 | 0.00 | — | 0.02 | Aug 19, 1999 | Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable. | |||
| CVE-1999-0461 | 0.00 | — | 0.03 | Jan 28, 1999 | Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address. | |||
| CVE-1999-0457 | 0.00 | — | 0.00 | Jan 17, 1999 | Linux ftpwatch program allows local users to gain root privileges. | |||
| CVE-1999-0656 | 0.00 | — | 0.02 | Jan 1, 1999 | The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names. | |||
| CVE-1999-0401 | 0.00 | — | 0.00 | Jan 1, 1999 | A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files. | |||
| CVE-1999-0243 | 0.00 | — | 0.02 | Jan 1, 1999 | Linux cfingerd could be exploited to gain root access. | |||
| CVE-1999-1285 | 0.00 | — | 0.00 | Dec 27, 1998 | Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed. | |||
| CVE-1999-1276 | 0.00 | — | 0.00 | Dec 7, 1998 | fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device. | |||
| CVE-1999-0782 | 0.00 | — | 0.00 | Nov 18, 1998 | KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable. | |||
| CVE-1999-0780 | 0.00 | — | 0.00 | Nov 18, 1998 | KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file. | |||
| CVE-1999-0781 | 0.00 | — | 0.00 | Nov 18, 1998 | KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables. | |||
| CVE-1999-0257 | 0.00 | — | 0.01 | Apr 1, 1998 | Nestea variation of teardrop IP fragmentation denial of service. | |||
| CVE-1999-0330 | 0.00 | — | 0.00 | Mar 1, 1998 | Linux bdash game has a buffer overflow that allows local users to gain root access. | |||
| CVE-1999-0216 | 0.00 | — | 0.03 | Nov 1, 1997 | Denial of service of inetd on Linux through SYN and RST packets. | |||
| CVE-1999-0061 | 0.00 | — | 0.02 | Oct 2, 1997 | File creation and deletion, and remote execution, in the BSD line printer daemon (lpd). | |||
| CVE-1999-0183 | 0.00 | — | 0.02 | Sep 1, 1997 | Linux implementations of TFTP would allow access to files outside the restricted directory. | |||
| CVE-1999-1225 | 0.00 | — | 0.02 | Aug 24, 1997 | rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not. | |||
| CVE-1999-1182 | 0.00 | — | 0.00 | Jul 17, 1997 | Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error. | |||
| CVE-1999-0628 | 0.00 | — | 0.01 | Jul 1, 1997 | The rwho/rwhod service is running, which exposes machine status and user information. | |||
| CVE-1999-0195 | 0.00 | — | 0.01 | Jul 1, 1997 | Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. | |||
| CVE-1999-0165 | 0.00 | — | 0.02 | Mar 1, 1997 | NFS cache poisoning. | |||
| CVE-1999-1299 | 0.00 | — | 0.02 | Feb 3, 1997 | rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file. | |||
| CVE-1999-0171 | 0.00 | — | 0.00 | Jan 1, 1997 | Denial of service in syslog by sending it a large number of superfluous messages. | |||
| CVE-1999-0138 | 0.00 | — | 0.01 | Jun 26, 1996 | The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. | |||
| CVE-1999-0123 | 0.00 | — | 0.00 | Dec 1, 1995 | Race condition in Linux mailx command allows local users to read user files. | |||
| CVE-1999-0245 | 0.00 | — | 0.00 | Sep 7, 1995 | Some configurations of NIS+ in Linux allowed attackers to log in as the user "+". |
- CVE-2000-0006Dec 25, 1999risk 0.00cvss —epss 0.00
strace allows local users to read arbitrary files via memory mapped file names.
- CVE-1999-0317Nov 25, 1999risk 0.00cvss —epss 0.00
Buffer overflow in Linux su command gives root access to local users.
- CVE-1999-0831Nov 19, 1999risk 0.00cvss —epss 0.01
Denial of service in Linux syslogd via a large number of connections.
- CVE-1999-1341Oct 22, 1999risk 0.00cvss —epss 0.00
Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packets via the TIOCSETD option on tty devices.
- CVE-1999-1352Sep 28, 1999risk 0.00cvss —epss 0.00
mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain privileges.
- CVE-1999-0740Aug 19, 1999risk 0.00cvss —epss 0.02
Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable.
- CVE-1999-0461Jan 28, 1999risk 0.00cvss —epss 0.03
Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address.
- CVE-1999-0457Jan 17, 1999risk 0.00cvss —epss 0.00
Linux ftpwatch program allows local users to gain root privileges.
- CVE-1999-0656Jan 1, 1999risk 0.00cvss —epss 0.02
The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.
- CVE-1999-0401Jan 1, 1999risk 0.00cvss —epss 0.00
A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.
- CVE-1999-0243Jan 1, 1999risk 0.00cvss —epss 0.02
Linux cfingerd could be exploited to gain root access.
- CVE-1999-1285Dec 27, 1998risk 0.00cvss —epss 0.00
Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed.
- CVE-1999-1276Dec 7, 1998risk 0.00cvss —epss 0.00
fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device.
- CVE-1999-0782Nov 18, 1998risk 0.00cvss —epss 0.00
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.
- CVE-1999-0780Nov 18, 1998risk 0.00cvss —epss 0.00
KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file.
- CVE-1999-0781Nov 18, 1998risk 0.00cvss —epss 0.00
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.
- CVE-1999-0257Apr 1, 1998risk 0.00cvss —epss 0.01
Nestea variation of teardrop IP fragmentation denial of service.
- CVE-1999-0330Mar 1, 1998risk 0.00cvss —epss 0.00
Linux bdash game has a buffer overflow that allows local users to gain root access.
- CVE-1999-0216Nov 1, 1997risk 0.00cvss —epss 0.03
Denial of service of inetd on Linux through SYN and RST packets.
- CVE-1999-0061Oct 2, 1997risk 0.00cvss —epss 0.02
File creation and deletion, and remote execution, in the BSD line printer daemon (lpd).
- CVE-1999-0183Sep 1, 1997risk 0.00cvss —epss 0.02
Linux implementations of TFTP would allow access to files outside the restricted directory.
- CVE-1999-1225Aug 24, 1997risk 0.00cvss —epss 0.02
rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not.
- CVE-1999-1182Jul 17, 1997risk 0.00cvss —epss 0.00
Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.
- CVE-1999-0628Jul 1, 1997risk 0.00cvss —epss 0.01
The rwho/rwhod service is running, which exposes machine status and user information.
- CVE-1999-0195Jul 1, 1997risk 0.00cvss —epss 0.01
Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1.
- CVE-1999-0165Mar 1, 1997risk 0.00cvss —epss 0.02
NFS cache poisoning.
- CVE-1999-1299Feb 3, 1997risk 0.00cvss —epss 0.02
rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file.
- CVE-1999-0171Jan 1, 1997risk 0.00cvss —epss 0.00
Denial of service in syslog by sending it a large number of superfluous messages.
- CVE-1999-0138Jun 26, 1996risk 0.00cvss —epss 0.01
The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.
- CVE-1999-0123Dec 1, 1995risk 0.00cvss —epss 0.00
Race condition in Linux mailx command allows local users to read user files.
- CVE-1999-0245Sep 7, 1995risk 0.00cvss —epss 0.00
Some configurations of NIS+ in Linux allowed attackers to log in as the user "+".
Page 319 of 319