Total
12 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-3547 | 8 Canonical, Fedoraproject, Linux and 5 more | 14 Ubuntu Linux, Fedora, Linux Kernel and 11 more | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname. | |||||
CVE-2009-2848 | 8 Canonical, Fedoraproject, Linux and 5 more | 13 Ubuntu Linux, Fedora, Linux Kernel and 10 more | 2024-11-21 | 5.9 MEDIUM | N/A |
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit. | |||||
CVE-2008-5021 | 7 Canonical, Debian, Fedoraproject and 4 more | 13 Ubuntu Linux, Debian Linux, Fedora and 10 more | 2024-11-21 | 9.3 HIGH | N/A |
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory. | |||||
CVE-2008-4636 | 3 Novell, Opensuse, Suse | 7 Linux Desktop, Open Enterprise Server, Opensuse and 4 more | 2024-11-21 | 7.2 HIGH | N/A |
yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain privileges via shell metacharacters in filenames used by the backup process. | |||||
CVE-2008-2812 | 7 Avaya, Canonical, Debian and 4 more | 15 Communication Manager, Expanded Meet-me Conferencing, Intuity Audix Lx and 12 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/. | |||||
CVE-2007-6716 | 6 Canonical, Debian, Linux and 3 more | 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. | |||||
CVE-2006-0736 | 1 Novell | 2 Linux Desktop, Open Enterprise Server | 2024-11-21 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2005-1767 | 2 Novell, Suse | 3 Linux Desktop, Open Enterprise Server, Suse Linux | 2024-11-20 | 2.1 LOW | N/A |
traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception). | |||||
CVE-2005-1763 | 2 Novell, Suse | 2 Linux Desktop, Suse Linux | 2024-11-20 | 7.2 HIGH | N/A |
Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory. | |||||
CVE-2005-1761 | 2 Novell, Suse | 3 Linux Desktop, Open Enterprise Server, Suse Linux | 2024-11-20 | 2.1 LOW | N/A |
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function. | |||||
CVE-2005-1065 | 1 Novell | 1 Linux Desktop | 2024-11-20 | 2.1 LOW | N/A |
tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via a symlink attack in the /var/cache/fonts directory. | |||||
CVE-2005-1040 | 1 Novell | 1 Linux Desktop | 2024-11-20 | 7.2 HIGH | N/A |
Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop 9 allow local users to gain root privileges, related to "User input [being] passed to network scripts without verification." |