Filtered by vendor Linux
Subscribe
Total
7096 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0001 | 4 Freebsd, Linux, Microsoft and 1 more | 5 Freebsd, Linux Kernel, Windows 2000 and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. | |||||
CVE-2004-0814 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2024-02-28 | 1.2 LOW | N/A |
Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch. | |||||
CVE-2001-0317 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 3.7 LOW | N/A |
Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process. | |||||
CVE-2004-0181 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 2.1 LOW | N/A |
The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device. | |||||
CVE-1999-0414 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 5.0 MEDIUM | N/A |
In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the connection. | |||||
CVE-2004-0717 | 3 Linux, Microsoft, Opera | 3 Linux Kernel, Windows, Opera Browser | 2024-02-28 | 7.5 HIGH | N/A |
Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | |||||
CVE-1999-0171 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 2.1 LOW | N/A |
Denial of service in syslog by sending it a large number of superfluous messages. | |||||
CVE-1999-1341 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.6 MEDIUM | N/A |
Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packets via the TIOCSETD option on tty devices. | |||||
CVE-2003-0959 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 10.0 HIGH | N/A |
Multiple integer overflows in the 32bit emulation for AMD64 architectures in Linux 2.4 kernel before 2.4.21 allows attackers to cause a denial of service or gain root privileges via unspecified vectors that trigger copy_from_user function calls with improper length arguments. | |||||
CVE-2003-1428 | 2 Bharat Mediratta, Linux | 2 Gallery, Linux Kernel | 2024-02-28 | 4.8 MEDIUM | N/A |
Gallery 1.3.3 creates directories with insecure permissions, which allows local users to read, modify, or delete photos. | |||||
CVE-2002-0429 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 3.6 LOW | N/A |
The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a a binary compatibility interface (lcall). | |||||
CVE-2001-0914 | 2 Linux, Suse | 2 Linux Kernel, Suse Linux | 2024-02-28 | 2.1 LOW | N/A |
Linux kernel before 2.4.11pre3 in multiple Linux distributions allows local users to cause a denial of service (crash) by starting the core vmlinux kernel, possibly related to poor error checking during ELF loading. | |||||
CVE-2003-0462 | 2 Linux, Mandrakesoft | 4 Linux Kernel, Mandrake Linux, Mandrake Linux Corporate Server and 1 more | 2024-02-28 | 1.2 LOW | N/A |
A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash). | |||||
CVE-1999-0195 | 2 Linux, Sgi | 2 Linux Kernel, Irix | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. | |||||
CVE-2003-0984 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.6 MEDIUM | N/A |
Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space. | |||||
CVE-1999-0524 | 11 Apple, Cisco, Hp and 8 more | 14 Mac Os X, Macos, Ios and 11 more | 2024-02-28 | 2.1 LOW | N/A |
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |