Filtered by vendor Linux
Subscriptions
Total
20089 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0160 | 1 Linux | 1 Linux Kernel | 2025-04-11 | N/A |
| The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device. | ||||
| CVE-2012-6638 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2025-04-11 | N/A |
| The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663. | ||||
| CVE-2013-6367 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2025-04-11 | N/A |
| The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value. | ||||
| CVE-2012-6392 | 2 Cisco, Linux | 2 Prime Lan Management Solution, Linux Kernel | 2025-04-11 | N/A |
| Cisco Prime LAN Management Solution (LMS) 4.1 through 4.2.2 on Linux does not properly validate authentication and authorization requests in TCP sessions, which allows remote attackers to execute arbitrary commands via a crafted session, aka Bug ID CSCuc79779. | ||||
| CVE-2013-1774 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-11 | N/A |
| The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel before 3.7.4 allows local users to cause a denial of service (NULL pointer dereference and system crash) via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter. | ||||
| CVE-2013-0268 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-11 | N/A |
| The msr_open function in arch/x86/kernel/msr.c in the Linux kernel before 3.7.6 allows local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c. | ||||
| CVE-2012-6536 | 1 Linux | 1 Linux Kernel | 2025-04-11 | N/A |
| net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability and providing a (1) new or (2) updated state. | ||||
| CVE-2012-6540 | 1 Linux | 1 Linux Kernel | 2025-04-11 | N/A |
| The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. | ||||
| CVE-2012-2856 | 4 Apple, Google, Linux and 1 more | 5 Mac Os X, Chrome, Frame and 2 more | 2025-04-11 | N/A |
| The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. | ||||
| CVE-2012-6543 | 1 Linux | 1 Linux Kernel | 2025-04-11 | N/A |
| The l2tp_ip6_getname function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. | ||||
| CVE-2012-2855 | 4 Apple, Google, Linux and 1 more | 5 Mac Os X, Chrome, Frame and 2 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. | ||||
| CVE-2012-2854 | 4 Apple, Google, Linux and 1 more | 5 Mac Os X, Chrome, Frame and 2 more | 2025-04-11 | N/A |
| Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to obtain potentially sensitive information about pointer values by leveraging access to a WebUI renderer process. | ||||
| CVE-2012-2851 | 4 Apple, Google, Linux and 1 more | 5 Mac Os X, Chrome, Frame and 2 more | 2025-04-11 | N/A |
| Multiple integer overflows in the PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. | ||||
| CVE-2012-2137 | 3 Canonical, Linux, Redhat | 3 Ubuntu Linux, Linux Kernel, Enterprise Linux | 2025-04-11 | N/A |
| Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to Message Signaled Interrupts (MSI), irq routing entries, and an incorrect check by the setup_routing_entry function before invoking the kvm_set_irq function. | ||||
| CVE-2011-3123 | 2 Ibm, Linux | 3 Infosphere Datastage, Infosphere Information Server, Linux Kernel | 2025-04-11 | N/A |
| IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1 and other products, uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. | ||||
| CVE-2010-4258 | 4 Fedoraproject, Linux, Opensuse and 1 more | 7 Fedora, Linux Kernel, Opensuse and 4 more | 2025-04-11 | N/A |
| The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer dereference, or (3) page fault, as demonstrated by vectors involving the clear_child_tid feature and the splice system call. | ||||
| CVE-2011-3191 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-11 | 8.8 High |
| Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory. | ||||
| CVE-2011-1444 | 3 Debian, Google, Linux | 3 Debian Linux, Chrome, Linux Kernel | 2025-04-11 | N/A |
| Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2012-1097 | 3 Linux, Redhat, Suse | 7 Linux Kernel, Enterprise Linux, Enterprise Mrg and 4 more | 2025-04-11 | 7.8 High |
| The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call. | ||||
| CVE-2011-2887 | 2 Ibm, Linux | 2 Lotus Symphony, Linux Kernel | 2025-04-11 | N/A |
| IBM Lotus Symphony 3 before FP3 on Linux allows remote attackers to cause a denial of service (application crash) via a certain sample document. | ||||