Search Results (19995 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-2847 2 Linux, Redhat 6 Kernel, Linux, Linux Kernel and 3 more 2026-04-23 N/A
The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive information from the kernel stack via the sigaltstack function.
CVE-2009-2848 8 Canonical, Fedoraproject, Linux and 5 more 15 Ubuntu Linux, Fedora, Linux Kernel and 12 more 2026-04-23 N/A
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.
CVE-2009-3621 7 Canonical, Fedoraproject, Linux and 4 more 10 Ubuntu Linux, Fedora, Linux Kernel and 7 more 2026-04-23 5.5 Medium
net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket.
CVE-2008-2148 2 Linux, Redhat 2 Linux Kernel, Enterprise Mrg 2026-04-23 N/A
The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and other versions before 2.6.25.3 does not check file permissions when certain UTIME_NOW and UTIME_OMIT combinations are used, which allows local users to modify file times of arbitrary files, possibly leading to a denial of service.
CVE-2007-6209 2 Linux, Zsh 2 Linux Kernel, Zsh 2026-04-23 N/A
Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2008-0304 4 Linux, Microsoft, Mozilla and 1 more 5 Linux Kernel, Windows, Seamonkey and 2 more 2026-04-23 N/A
Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message preview.
CVE-2008-2136 4 Canonical, Debian, Linux and 1 more 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more 2026-04-23 N/A
Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.
CVE-2008-0352 1 Linux 1 Linux Kernel 2026-04-23 N/A
The Linux kernel 2.6.20 through 2.6.21.1 allows remote attackers to cause a denial of service (panic) via a certain IPv6 packet, possibly involving the Jumbo Payload hop-by-hop option (jumbogram).
CVE-2007-4308 3 Adaptec, Linux, Redhat 3 Aacraid Controller, Linux Kernel, Enterprise Linux 2026-04-23 N/A
The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges.
CVE-2008-3247 1 Linux 1 Linux Kernel 2026-04-23 N/A
The LDT implementation in the Linux kernel 2.6.25.x before 2.6.25.11 on x86_64 platforms uses an incorrect size for ldt_desc, which allows local users to cause a denial of service (system crash) or possibly gain privileges via unspecified vectors.
CVE-2008-2826 5 Canonical, Debian, Linux and 2 more 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more 2026-04-23 N/A
Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via vectors involving a large addr_num field in an sctp_getaddrs_old data structure.
CVE-2007-1086 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Db2 Universal Database and 3 more 2026-04-23 N/A
Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file access."
CVE-2007-3843 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The Linux kernel before 2.6.23-rc1 checks the wrong global variable for the CIFS sec mount option, which might allow remote attackers to spoof CIFS network traffic that the client configured for security signatures, as demonstrated by lack of signing despite sec=ntlmv2i in a SetupAndX request.
CVE-2007-5500 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors. NOTE: some of these details are obtained from third party information.
CVE-2007-6048 4 Ibm, Linux, Microsoft and 1 more 4 Db2 Universal Database, Linux Kernel, Windows and 1 more 2026-04-23 N/A
IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for DB2NODES.CFG, which has unknown impact and attack vectors. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.
CVE-2007-0772 1 Linux 1 Linux Kernel 2026-04-23 N/A
The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer.
CVE-2006-6053 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext3 stream with malformed data structures.
CVE-2008-0001 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.14, performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass intended permissions and remove directories.
CVE-2007-4997 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
Integer underflow in the ieee80211_rx function in net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA flag is set, aka an "off-by-two error."
CVE-2007-3513 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The lcd_write function in drivers/usb/misc/usblcd.c in the Linux kernel before 2.6.22-rc7 does not limit the amount of memory used by a caller, which allows local users to cause a denial of service (memory consumption).