Filtered by vendor Linux
Subscribe
Total
5378 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-4376 | 3 Apple, Linux, Realnetworks | 4 Mac Os X, Linux Kernel, Realplayer and 1 more | 2011-01-18 | 9.3 HIGH | N/A |
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a large Screen Width value in the Screen Descriptor header of a GIF87a file in an RTSP stream. | |||||
CVE-2010-4395 | 2 Linux, Realnetworks | 3 Linux Kernel, Realplayer, Realplayer Sp | 2011-01-18 | 9.3 HIGH | N/A |
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a crafted conditional component in AAC frame data. | |||||
CVE-2010-4390 | 2 Linux, Realnetworks | 3 Linux Kernel, Realplayer, Realplayer Sp | 2011-01-18 | 9.3 HIGH | N/A |
Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allow remote attackers to have an unspecified impact via a crafted header in an IVR file. | |||||
CVE-2010-4387 | 3 Apple, Linux, Realnetworks | 4 Mac Os X, Linux Kernel, Realplayer and 1 more | 2011-01-18 | 9.3 HIGH | N/A |
The RealAudio codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted audio stream in a RealMedia file. | |||||
CVE-2010-4397 | 3 Apple, Linux, Realnetworks | 4 Mac Os X, Linux Kernel, Realplayer and 1 more | 2011-01-18 | 9.3 HIGH | N/A |
Integer overflow in the pnen3260.dll module in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a crafted TIT2 atom in an AAC file. | |||||
CVE-2010-4389 | 2 Linux, Realnetworks | 3 Linux Kernel, Realplayer, Realplayer Sp | 2011-01-18 | 9.3 HIGH | N/A |
Heap-based buffer overflow in the cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via unspecified data in the initialization buffer. | |||||
CVE-2010-2579 | 3 Apple, Linux, Realnetworks | 4 Mac Os X, Linux Kernel, Realplayer and 1 more | 2011-01-18 | 5.0 MEDIUM | N/A |
The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 does not properly initialize the number of channels, which allows attackers to obtain unspecified "memory access" via unknown vectors. | |||||
CVE-2010-2999 | 3 Apple, Linux, Realnetworks | 4 Mac Os X, Linux Kernel, Realplayer and 1 more | 2011-01-18 | 9.3 HIGH | N/A |
Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed MLLT atom in an AAC file. | |||||
CVE-2010-0121 | 3 Apple, Linux, Realnetworks | 4 Mac Os X, Linux Kernel, Realplayer and 1 more | 2011-01-18 | 10.0 HIGH | N/A |
The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 does not properly perform initialization, which has unspecified impact and attack vectors. | |||||
CVE-2006-3634 | 1 Linux | 1 Linux Kernel | 2011-01-18 | 4.9 MEDIUM | N/A |
The (1) __futex_atomic_op and (2) futex_atomic_cmpxchg_inatomic functions in Linux kernel 2.6.17-rc4 to 2.6.18-rc2 perform the atomic futex operation in the kernel address space instead of the user address space, which allows local users to cause a denial of service (crash). | |||||
CVE-2010-4111 | 3 Hp, Linux, Microsoft | 3 Insight Diagnostics, Linux Kernel, Windows | 2011-01-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2010-4605 | 2 Ibm, Linux | 2 Tivoli Storage Manager, Linux Kernel | 2011-01-03 | 6.6 MEDIUM | N/A |
Unspecified vulnerability in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.3, 6.1.x before 6.1.4, and 6.2.x before 6.2.2 on Unix and Linux allows local users to overwrite arbitrary files via unknown vectors. | |||||
CVE-2010-3038 | 2 Cisco, Linux | 5 Unified Videoconferencing System 5110, Unified Videoconferencing System 5110 Firmware, Unified Videoconferencing System 5115 and 2 more | 2010-12-09 | 10.0 HIGH | N/A |
Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, has a default password for the (1) root, (2) cs, and (3) develop accounts, which makes it easier for remote attackers to obtain access via the (a) FTP or (b) SSH daemon, aka Bug ID CSCti54008. | |||||
CVE-2010-4302 | 2 Cisco, Linux | 5 Unified Videoconferencing System 5110, Unified Videoconferencing System 5110 Firmware, Unified Videoconferencing System 5115 and 2 more | 2010-11-29 | 4.9 MEDIUM | N/A |
/opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses a weak hashing algorithm for the (1) administrator and (2) operator passwords, which makes it easier for local users to obtain sensitive information by recovering the cleartext values, aka Bug ID CSCti54010. | |||||
CVE-2010-4303 | 2 Cisco, Linux | 5 Unified Videoconferencing System 5110, Unified Videoconferencing System 5110 Firmware, Unified Videoconferencing System 5115 and 2 more | 2010-11-29 | 4.9 MEDIUM | N/A |
Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses world-readable permissions for the /etc/shadow file, which allows local users to discover encrypted passwords by reading this file, aka Bug ID CSCti54043. | |||||
CVE-2007-0822 | 1 Linux | 1 Linux Kernel | 2010-09-14 | 1.9 LOW | N/A |
umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen drive that was mounted and then physically removed, which might allow the users to obtain sensitive information, including core file contents. | |||||
CVE-2010-2594 | 7 Ibm, Intersect Alliance, Linux and 4 more | 14 Aix, Snare Agent, Snare Epilog and 11 more | 2010-07-02 | 6.8 MEDIUM | N/A |
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Snare Agent 1.5.0 and earlier on Linux and AIX, Snare Agent 1.4 and earlier on IRIX, Snare Epilog 1.5.3 and earlier on Windows, and Snare Epilog 1.2 and earlier on UNIX allow remote attackers to hijack the authentication of administrators for requests that (1) change the password or (2) change the listening port. | |||||
CVE-2010-1556 | 3 Hp, Linux, Microsoft | 4 Hp-ux, Systems Insight Manager, Linux and 1 more | 2010-05-19 | 6.4 MEDIUM | N/A |
Unspecified vulnerability in HP Systems Insight Manager (SIM) 5.3, 5.3 Update 1, and 6.0 allows remote attackers to obtain sensitive information and modify data via unknown vectors. | |||||
CVE-2004-2607 | 1 Linux | 1 Linux Kernel | 2010-04-01 | 2.1 LOW | N/A |
A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer. | |||||
CVE-2007-4998 | 1 Linux | 1 Linux Kernel | 2008-11-14 | 6.9 MEDIUM | N/A |
cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination. |