Filtered by vendor Linux
Subscriptions
Filtered by product Linux Kernel
Subscriptions
Total
17838 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-3095 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2025-04-12 | N/A |
| The SQL engine in IBM DB2 9.5 through FP10, 9.7 through FP9a, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP4 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted UNION clause in a subquery of a SELECT statement. | ||||
| CVE-2015-2344 | 2 Linux, Vmware | 2 Linux Kernel, Vrealize Automation | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in VMware vRealize Automation 6.x before 6.2.4 on Linux allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2016-0963 | 7 Adobe, Apple, Google and 4 more | 16 Air, Air Desktop Runtime, Air Sdk and 13 more | 2025-04-12 | 8.8 High |
| Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0993 and CVE-2016-1010. | ||||
| CVE-2015-8539 | 4 Canonical, Linux, Redhat and 1 more | 6 Ubuntu Linux, Linux Kernel, Enterprise Linux and 3 more | 2025-04-12 | 7.8 High |
| The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c. | ||||
| CVE-2016-2544 | 1 Linux | 1 Linux Kernel | 2025-04-12 | N/A |
| Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time. | ||||
| CVE-2015-7513 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2025-04-12 | 6.5 Medium |
| arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions. | ||||
| CVE-2015-6937 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2025-04-12 | N/A |
| The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. | ||||
| CVE-2015-5706 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2025-04-12 | N/A |
| Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via O_TMPFILE filesystem operations that leverage a duplicate cleanup operation. | ||||
| CVE-2016-2075 | 2 Linux, Vmware | 2 Linux Kernel, Vrealize Business Advanced And Enterprise | 2025-04-12 | 5.4 Medium |
| Cross-site scripting (XSS) vulnerability in VMware vRealize Business Advanced and Enterprise 8.x before 8.2.5 on Linux allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2015-5307 | 6 Canonical, Debian, Linux and 3 more | 9 Ubuntu Linux, Debian Linux, Linux Kernel and 6 more | 2025-04-12 | N/A |
| The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c. | ||||
| CVE-2016-2061 | 1 Linux | 1 Linux Kernel | 2025-04-12 | 7.8 High |
| Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (array overflow and memory corruption) via a crafted application that triggers an msm_isp_axi_create_stream call. | ||||
| CVE-2015-3332 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-04-12 | N/A |
| A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable-tcp-fast-open URL when using certain 3.10.x through 3.16.x kernel builds, including longterm-maintenance releases and ckt (aka Canonical Kernel Team) builds. | ||||
| CVE-2015-3214 | 6 Arista, Debian, Lenovo and 3 more | 20 Eos, Debian Linux, Emc Px12-400r Ivx and 17 more | 2025-04-12 | N/A |
| The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index. | ||||
| CVE-2015-2041 | 3 Debian, Linux, Suse | 3 Debian Linux, Linux Kernel, Suse Linux Enterprise Server | 2025-04-12 | N/A |
| net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry. | ||||
| CVE-2014-8160 | 6 Canonical, Debian, Linux and 3 more | 17 Ubuntu Linux, Debian Linux, Linux Kernel and 14 more | 2025-04-12 | N/A |
| net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers. | ||||
| CVE-2014-3690 | 7 Canonical, Debian, Linux and 4 more | 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more | 2025-04-12 | 5.5 Medium |
| arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU. | ||||
| CVE-2014-1737 | 5 Debian, Linux, Oracle and 2 more | 12 Debian Linux, Linux Kernel, Linux and 9 more | 2025-04-12 | N/A |
| The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. | ||||
| CVE-2022-45431 | 2 Dahuasecurity, Linux | 9 Dhi-dss4004-s2, Dhi-dss4004-s2 Firmware, Dhi-dss7016d-s2 and 6 more | 2025-04-11 | 7.5 High |
| Some Dahua software products have a vulnerability of unauthenticated restart of remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated restart of remote DSS Server. | ||||
| CVE-2022-45430 | 2 Dahuasecurity, Linux | 9 Dhi-dss4004-s2, Dhi-dss4004-s2 Firmware, Dhi-dss7016d-s2 and 6 more | 2025-04-11 | 3.7 Low |
| Some Dahua software products have a vulnerability of unauthenticated enable or disable SSHD service. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could enable or disable the SSHD service. | ||||
| CVE-2022-34674 | 6 Citrix, Debian, Linux and 3 more | 13 Hypervisor, Debian Linux, Linux Kernel and 10 more | 2025-04-11 | 6.8 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak. | ||||