Total
5307 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-9730 | 1 Linux | 1 Linux Kernel | 2016-12-21 | 4.9 MEDIUM | N/A |
| The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image. | |||||
| CVE-2015-4036 | 1 Linux | 1 Linux Kernel | 2016-12-21 | 7.2 HIGH | N/A |
| Array index error in the tcm_vhost_make_tpg function in drivers/vhost/scsi.c in the Linux kernel before 4.0 might allow guest OS users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted VHOST_SCSI_SET_ENDPOINT ioctl call. NOTE: the affected function was renamed to vhost_scsi_make_tpg before the vulnerability was announced. | |||||
| CVE-2014-9728 | 1 Linux | 1 Linux Kernel | 2016-12-21 | 4.9 MEDIUM | N/A |
| The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c. | |||||
| CVE-2015-3291 | 1 Linux | 1 Linux Kernel | 2016-12-21 | 2.1 LOW | N/A |
| arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform does not properly determine when nested NMI processing is occurring, which allows local users to cause a denial of service (skipped NMI) by modifying the rsp register, issuing a syscall instruction, and triggering an NMI. | |||||
| CVE-2015-4512 | 2 Linux, Mozilla | 2 Linux Kernel, Firefox | 2016-12-21 | 6.4 MEDIUM | N/A |
| gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) by using a CANVAS element to trigger 2D rendering. | |||||
| CVE-2015-4167 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2016-12-21 | 4.7 MEDIUM | N/A |
| The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem. | |||||
| CVE-2015-8966 | 1 Linux | 1 Linux Kernel | 2016-12-09 | 7.2 HIGH | 7.8 HIGH |
| arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system call. | |||||
| CVE-2015-7613 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 6.9 MEDIUM | N/A |
| Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. | |||||
| CVE-2015-6526 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 4.9 MEDIUM | N/A |
| The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c in the Linux kernel before 4.0.2 on ppc64 platforms allows local users to cause a denial of service (infinite loop) via a deep 64-bit userspace backtrace. | |||||
| CVE-2015-0777 | 2 Linux, Xen | 2 Linux Kernel, Xen | 2016-12-07 | 2.1 LOW | N/A |
| drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory via unspecified vectors. | |||||
| CVE-2001-1392 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 2.1 LOW | N/A |
| The Linux kernel before 2.2.19 does not have unregister calls for (1) CPUID and (2) MSR drivers, which could cause a DoS (crash) by unloading and reloading the drivers. | |||||
| CVE-2001-1398 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 7.5 HIGH | N/A |
| Masquerading code for Linux kernel before 2.2.19 does not fully check packet lengths in certain cases, which may lead to a vulnerability. | |||||
| CVE-2001-1396 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 3.6 LOW | N/A |
| Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19, with unknown impact. | |||||
| CVE-2001-1395 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 3.6 LOW | N/A |
| Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 related to "boundary cases," with unknown impact. | |||||
| CVE-2001-1397 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 2.1 LOW | N/A |
| The System V (SYS5) shared memory implementation for Linux kernel before 2.2.19 could allow attackers to modify recently freed memory. | |||||
| CVE-2001-1399 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 2.1 LOW | N/A |
| Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory, aka "User access asm bug on x86." | |||||
| CVE-2001-1400 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 2.1 LOW | N/A |
| Unknown vulnerabilities in the UDP port allocation for Linux kernel before 2.2.19 could allow local users to cause a denial of service (deadlock). | |||||
| CVE-2001-1393 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 2.1 LOW | N/A |
| Unknown vulnerability in classifier code for Linux kernel before 2.2.19 could result in denial of service (hang). | |||||
| CVE-2001-1394 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 2.1 LOW | N/A |
| Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel before 2.2.19 allows local users to cause a denial of service. | |||||
| CVE-2001-1390 | 1 Linux | 1 Linux Kernel | 2016-12-07 | 6.2 MEDIUM | N/A |
| Unknown vulnerability in binfmt_misc in the Linux kernel before 2.2.19, related to user pages. | |||||