Filtered by vendor Linux
Subscribe
Total
12948 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3331 | 8 Adobe, Apple, Google and 5 more | 14 Adobe Air, Adobe Air Sdk, Flash Player and 11 more | 2025-04-11 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. | |||||
| CVE-2013-7265 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.9 MEDIUM | N/A |
| The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. | |||||
| CVE-2012-0957 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.9 MEDIUM | N/A |
| The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality. | |||||
| CVE-2011-2534 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 7.2 HIGH | 7.8 HIGH |
| Buffer overflow in the clusterip_proc_write function in net/ipv4/netfilter/ipt_CLUSTERIP.c in the Linux kernel before 2.6.39 might allow local users to cause a denial of service or have unspecified other impact via a crafted write operation, related to string data that lacks a terminating '\0' character. | |||||
| CVE-2010-3876 | 4 Debian, Linux, Opensuse and 1 more | 7 Debian Linux, Linux Kernel, Opensuse and 4 more | 2025-04-11 | 1.9 LOW | N/A |
| net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures. | |||||
| CVE-2010-4079 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-04-11 | 1.9 LOW | N/A |
| The ivtvfb_ioctl function in drivers/media/video/ivtv/ivtvfb.c in the Linux kernel before 2.6.36-rc8 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call. | |||||
| CVE-2010-3078 | 5 Canonical, Linux, Opensuse and 2 more | 6 Ubuntu Linux, Linux Kernel, Opensuse and 3 more | 2025-04-11 | 2.1 LOW | 5.5 MEDIUM |
| The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call. | |||||
| CVE-2011-0521 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 7.2 HIGH | N/A |
| The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a negative value. | |||||
| CVE-2011-1676 | 1 Linux | 1 Util-linux | 2025-04-11 | 3.3 LOW | N/A |
| mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations. | |||||
| CVE-2013-1979 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 6.9 MEDIUM | N/A |
| The scm_set_cred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application. | |||||
| CVE-2010-3437 | 5 Canonical, Debian, Linux and 2 more | 8 Ubuntu Linux, Debian Linux, Linux Kernel and 5 more | 2025-04-11 | 6.6 MEDIUM | N/A |
| Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call. | |||||
| CVE-2012-6459 | 2 Intel, Linux | 2 Connman, Tizen | 2025-04-11 | 4.3 MEDIUM | N/A |
| ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attackers to obtain sensitive information via Bluetooth packets. | |||||
| CVE-2007-6733 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.7 MEDIUM | N/A |
| The nfs_lock function in fs/nfs/file.c in the Linux kernel 2.6.9 does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on an NFS filesystem and then changing this file's permissions, a related issue to CVE-2010-0727. | |||||
| CVE-2010-4074 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-04-11 | 1.9 LOW | N/A |
| The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, and the (1) mos7720_ioctl function in drivers/usb/serial/mos7720.c and (2) mos7840_ioctl function in drivers/usb/serial/mos7840.c. | |||||
| CVE-2010-4250 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.9 MEDIUM | N/A |
| Memory leak in the inotify_init1 function in fs/notify/inotify/inotify_user.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory consumption) via vectors involving failed attempts to create files. | |||||
| CVE-2011-1495 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 7.2 HIGH | N/A |
| drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions. | |||||
| CVE-2013-3076 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.9 MEDIUM | N/A |
| The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hash_recvmsg function in crypto/algif_hash.c and the skcipher_recvmsg function in crypto/algif_skcipher.c. | |||||
| CVE-2013-4513 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.9 MEDIUM | N/A |
| Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation. | |||||
| CVE-2012-5287 | 5 Adobe, Apple, Google and 2 more | 8 Adobe Air, Adobe Air Sdk, Flash Player and 5 more | 2025-04-11 | 10.0 HIGH | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. | |||||
| CVE-2010-2997 | 3 Apple, Linux, Realnetworks | 4 Mac Os X, Linux Kernel, Realplayer and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted StreamTitle tag in an ICY SHOUTcast stream, related to the SMIL file format. | |||||