Total
7752 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7284 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 6.4 MEDIUM | N/A |
| The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof or disrupt IP communication by leveraging the predictability of TCP sequence numbers, TCP and UDP port numbers, and IP ID values. | |||||
| CVE-2014-7283 | 2 Linux, Redhat | 2 Linux Kernel, Mrg Realtime | 2024-11-21 | 4.9 MEDIUM | N/A |
| The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service (filesystem corruption, and OOPS or panic) via operations on directories that have hash collisions, as demonstrated by rmdir operations. | |||||
| CVE-2014-7207 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | N/A |
| A certain Debian patch to the IPv6 implementation in the Linux kernel 3.2.x through 3.2.63 does not properly validate arguments in ipv6_select_ident function calls, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging (1) tun or (2) macvtap device access. | |||||
| CVE-2014-7145 | 3 Canonical, Linux, Redhat | 6 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 3 more | 2024-11-21 | 7.8 HIGH | N/A |
| The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals. | |||||
| CVE-2014-6418 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 7.1 HIGH | N/A |
| net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor. | |||||
| CVE-2014-6417 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.8 HIGH | N/A |
| net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly consider the possibility of kmalloc failure, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a long unencrypted auth ticket. | |||||
| CVE-2014-6416 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 7.8 HIGH | N/A |
| Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, allows remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a long unencrypted auth ticket. | |||||
| CVE-2014-6410 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.7 MEDIUM | N/A |
| The __udf_read_inode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB indirection, which allows physically proximate attackers to cause a denial of service (infinite loop or stack consumption) via a UDF filesystem with a crafted inode. | |||||
| CVE-2014-6195 | 4 Ibm, Linux, Microsoft and 1 more | 7 Aix, Linux On Ibm Z, Tivoli Storage Manager and 4 more | 2024-11-21 | 1.9 LOW | N/A |
| The (1) Java GUI and (2) Web GUI components in the IBM Tivoli Storage Manager (TSM) Backup-Archive client 5.4 and 5.5 before 5.5.4.4 on AIX, Linux, and Solaris; 5.4.x and 5.5.x on Windows and z/OS; 6.1 before 6.1.5.7 on z/OS; 6.1 and 6.2 before 6.2.5.2 on Windows, before 6.2.5.3 on AIX and Linux x86, and before 6.2.5.4 on Linux Z and Solaris; 6.3 before 6.3.2.1 on AIX, before 6.3.2.2 on Windows, and before 6.3.2.3 on Linux; 6.4 before 6.4.2.1; and 7.1 before 7.1.1 in IBM TSM for Mail, when the Data Protection for Lotus Domino component is used, allow local users to bypass authentication and restore a Domino database or transaction-log backup via unspecified vectors. | |||||
| CVE-2014-6184 | 4 Apple, Ibm, Linux and 1 more | 4 Macos, Tivoli Storage Manager, Linux Kernel and 1 more | 2024-11-21 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in dsmtca in the client in IBM Tivoli Storage Manager (TSM) 5.4 through 5.4.3.6, 5.5 through 5.5.4.3, 6.1 through 6.1.5.6, 6.2 before 6.2.5.4, and 6.3 before 6.3.2.3 on UNIX, Linux, and OS X allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2014-6154 | 3 Ibm, Linux, Microsoft | 3 Optim Performance Manager, Linux Kernel, Windows | 2024-11-21 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in IBM Optim Performance Manager for DB2 4.1.0.1 through 4.1.1 on Linux, UNIX, and Windows and IBM InfoSphere Optim Performance Manager for DB2 5.1 through 5.3.1 on Linux, UNIX, and Windows allows remote attackers to access arbitrary files via a .. (dot dot) in a URL. | |||||
| CVE-2014-5472 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.0 MEDIUM | N/A |
| The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (unkillable mount process) via a crafted iso9660 image with a self-referential CL entry. | |||||
| CVE-2014-5471 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.0 MEDIUM | N/A |
| Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL entry referring to a directory entry that has a CL entry. | |||||
| CVE-2014-5333 | 5 Adobe, Apple, Google and 2 more | 7 Adobe Air, Adobe Air Sdk, Flash Player and 4 more | 2024-11-21 | 4.3 MEDIUM | N/A |
| Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks against JSONP endpoints, and obtain sensitive information, via a crafted OBJECT element with SWF content satisfying the character-set requirements of a callback API, in conjunction with a manipulation involving a '$' (dollar sign) or '(' (open parenthesis) character. NOTE: this issue exists because of an incomplete fix for CVE-2014-4671. | |||||
| CVE-2014-5332 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 6.9 MEDIUM | N/A |
| Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by using a race condition to escape the Chrome sandbox. | |||||
| CVE-2014-5207 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 6.2 MEDIUM | N/A |
| fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, or cause a denial of service (excessive filesystem updating) on systems that had atime disabled via a "mount -o remount" command within a user namespace. | |||||
| CVE-2014-5206 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 7.2 HIGH | N/A |
| The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount" command within a user namespace. | |||||
| CVE-2014-5077 | 4 Canonical, Linux, Redhat and 1 more | 8 Ubuntu Linux, Linux Kernel, Enterprise Linux Eus and 5 more | 2024-11-21 | 7.1 HIGH | N/A |
| The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association between these endpoints in the opposite direction. | |||||
| CVE-2014-5045 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux Eus, Enterprise Linux Server Aus and 1 more | 2024-11-21 | 6.2 MEDIUM | N/A |
| The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a symlink, which allows local users to cause a denial of service (memory consumption or use-after-free) or possibly have unspecified other impact via the umount program. | |||||
| CVE-2014-4943 | 5 Debian, Linux, Opensuse and 2 more | 6 Debian Linux, Linux Kernel, Opensuse and 3 more | 2024-11-21 | 6.9 MEDIUM | N/A |
| The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. | |||||