Total
7696 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1069 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2024-11-20 | 1.2 LOW | N/A |
| Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the sock_dgram_sendmsg function. | |||||
| CVE-2004-1068 | 3 Linux, Redhat, Ubuntu | 5 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 2 more | 2024-11-20 | 6.2 MEDIUM | N/A |
| A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition. | |||||
| CVE-2004-1058 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2024-11-20 | 1.2 LOW | N/A |
| Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline. | |||||
| CVE-2004-1057 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-20 | 7.2 HIGH | N/A |
| Multiple drivers in Linux kernel 2.4.19 and earlier do not properly mark memory with the VM_IO flag, which causes incorrect reference counts and may lead to a denial of service (kernel panic) when accessing freed kernel pages. | |||||
| CVE-2004-1056 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2024-11-20 | 6.4 MEDIUM | N/A |
| Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output. | |||||
| CVE-2004-1017 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 10.0 HIGH | N/A |
| Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x have unknown impact and unknown attack vectors. | |||||
| CVE-2004-1016 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2024-11-20 | 2.1 LOW | N/A |
| The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition. | |||||
| CVE-2004-0997 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows local users to gain privileges via unknown vectors. | |||||
| CVE-2004-0986 | 4 Debian, Linux, Redhat and 1 more | 4 Debian Linux, Linux Kernel, Fedora Core and 1 more | 2024-11-20 | 7.5 HIGH | N/A |
| Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers. | |||||
| CVE-2004-0949 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-11-20 | 6.4 MEDIUM | N/A |
| The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times. | |||||
| CVE-2004-0887 | 2 Linux, Suse | 2 Linux Kernel, Suse Linux | 2024-11-20 | 7.2 HIGH | N/A |
| SUSE Linux Enterprise Server 9 on the S/390 platform does not properly handle a certain privileged instruction, which allows local users to gain root privileges. | |||||
| CVE-2004-0883 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-11-20 | 6.4 MEDIUM | N/A |
| Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function. | |||||
| CVE-2004-0816 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 5.0 MEDIUM | 7.5 HIGH |
| Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet. | |||||
| CVE-2004-0814 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2024-11-20 | 1.2 LOW | N/A |
| Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch. | |||||
| CVE-2004-0812 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop | 2024-11-20 | 2.1 LOW | N/A |
| Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AMD64 and Intel EM64T architectures, associated with "setting up TSS limits," allows local users to cause a denial of service (crash) and possibly execute arbitrary code. | |||||
| CVE-2004-0717 | 3 Linux, Microsoft, Opera | 3 Linux Kernel, Windows, Opera Browser | 2024-11-20 | 7.5 HIGH | N/A |
| Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | |||||
| CVE-2004-0685 | 3 Linux, Redhat, Trustix | 4 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2024-11-20 | 4.6 MEDIUM | N/A |
| Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage. | |||||
| CVE-2004-0658 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 7.2 HIGH | N/A |
| Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw1394_write, (2) state_connected, (3) handle_remote_request, or (4) hpsb_make_writebpacket. | |||||
| CVE-2004-0626 | 4 Conectiva, Gentoo, Linux and 1 more | 4 Linux, Linux, Linux Kernel and 1 more | 2024-11-20 | 5.0 MEDIUM | N/A |
| The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type. | |||||
| CVE-2004-0596 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 2.1 LOW | N/A |
| The Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device name that triggers a null dereference. | |||||