Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2974 | 1 Libungif | 1 Libungif | 2023-02-13 | 2.6 LOW | N/A |
| libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference. | |||||
| CVE-2005-3359 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 4.9 MEDIUM | N/A |
| The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a denial of service (panic) via certain socket calls that produce inconsistent reference counts for loadable protocol modules. | |||||
| CVE-2005-2973 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 2.1 LOW | N/A |
| The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash). | |||||
| CVE-2011-4586 | 1 Moodle | 1 Moodle | 2023-02-13 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in calendar/set.php in the Calendar subsystem in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. | |||||
| CVE-2011-2942 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2023-02-13 | 6.8 MEDIUM | N/A |
| A certain Red Hat patch to the __br_deliver function in net/bridge/br_forward.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging connectivity to a network interface that uses an Ethernet bridge device. | |||||
| CVE-2011-1767 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 5.4 MEDIUM | N/A |
| net/ipv4/ip_gre.c in the Linux kernel before 2.6.34, when ip_gre is configured as a module, allows remote attackers to cause a denial of service (OOPS) by sending a packet during module loading. | |||||
| CVE-2011-2493 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 2.1 LOW | N/A |
| The ext4_fill_super function in fs/ext4/super.c in the Linux kernel before 2.6.39 does not properly initialize a certain error-report data structure, which allows local users to cause a denial of service (OOPS) by attempting to mount a crafted ext4 filesystem. | |||||
| CVE-2011-1493 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 7.5 HIGH | N/A |
| Array index error in the rose_parse_national function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by composing FAC_NATIONAL_DIGIS data that specifies a large number of digipeaters, and then sending this data to a ROSE socket. | |||||
| CVE-2011-1927 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 5.0 MEDIUM | N/A |
| The ip_expire function in net/ipv4/ip_fragment.c in the Linux kernel before 2.6.39 does not properly construct ICMP_TIME_EXCEEDED packets after a timeout, which allows remote attackers to cause a denial of service (invalid pointer dereference) via crafted fragmented packets. | |||||
| CVE-2011-1023 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 4.9 MEDIUM | N/A |
| The Reliable Datagram Sockets (RDS) subsystem in the Linux kernel before 2.6.38 does not properly handle congestion map updates, which allows local users to cause a denial of service (BUG_ON and system crash) via vectors involving (1) a loopback (aka loop) transmit operation or (2) an InfiniBand (aka ib) transmit operation. | |||||
| CVE-2011-0717 | 1 Redhat | 1 Network Satellite Server | 2023-02-13 | 5.8 MEDIUM | N/A |
| Session fixation vulnerability in Red Hat Network (RHN) Satellite Server 5.4 allows remote attackers to hijack web sessions via unspecified vectors related to Spacewalk. | |||||
| CVE-2011-0536 | 2 Gnu, Redhat | 2 Glibc, Enterprise Linux | 2023-02-13 | 6.9 MEDIUM | N/A |
| Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847. | |||||
| CVE-2009-1192 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 4.9 MEDIUM | N/A |
| The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. | |||||
| CVE-2005-2553 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 2.1 LOW | N/A |
| The find_target function in ptrace32.c in the Linux kernel 2.4.x before 2.4.29 does not properly handle a NULL return value from another function, which allows local users to cause a denial of service (kernel crash/oops) by running a 32-bit ltrace program with the -i option on a 64-bit executable program. | |||||
| CVE-2005-1767 | 2 Novell, Suse | 3 Linux Desktop, Open Enterprise Server, Suse Linux | 2023-02-13 | 2.1 LOW | N/A |
| traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception). | |||||
| CVE-2005-0937 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 1.2 LOW | N/A |
| Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap_sem semaphore, which could allow local users to cause a deadlock condition in do_page_fault by triggering get_user faults while another thread is executing mmap or other functions. | |||||
| CVE-2005-1266 | 1 Apache | 1 Spamassassin | 2023-02-13 | 5.0 MEDIUM | N/A |
| Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service (CPU consumption and slowdown) via a message with a long Content-Type header without any boundaries. | |||||
| CVE-2005-0531 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 2.1 LOW | N/A |
| The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4 may allow local users to trigger a buffer overflow via negative arguments. | |||||
| CVE-2005-0839 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 7.2 HIGH | N/A |
| Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE line discipline for a TTY, which allows local users to gain privileges by injecting mouse or keyboard events into other user sessions. | |||||
| CVE-2005-0529 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 2.1 LOW | N/A |
| Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for offset arguments to the proc_file_read and locks_read_proc functions, which leads to a heap-based buffer overflow when a signed comparison causes negative integers to be used in a positive context. | |||||