Search Results (20040 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-0024 1 Linux 1 Linux Kernel 2026-04-23 N/A
The sys_remap_file_pages function in mm/fremap.c in the Linux kernel before 2.6.24.1 allows local users to cause a denial of service or gain privileges via unspecified vectors, related to the vm_file structure member, and the mmap_region and do_munmap functions.
CVE-2009-1914 1 Linux 1 Linux Kernel 2026-04-23 N/A
The pci_register_iommu_region function in arch/sparc/kernel/pci_common.c in the Linux kernel before 2.6.29 on the sparc64 platform allows local users to cause a denial of service (system crash) by reading the /proc/iomem file, related to uninitialized pointers and the request_resource function.
CVE-2008-4395 2 Linux, Ubuntu 2 Linux Kernel, Linux Kernel 2026-04-23 N/A
Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux kernel 2.6 allow remote attackers to execute arbitrary code by sending packets over a local wireless network that specify long ESSIDs.
CVE-2007-3843 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The Linux kernel before 2.6.23-rc1 checks the wrong global variable for the CIFS sec mount option, which might allow remote attackers to spoof CIFS network traffic that the client configured for security signatures, as demonstrated by lack of signing despite sec=ntlmv2i in a SetupAndX request.
CVE-2008-1286 2 Linux, Sun 3 Linux Kernel, Java Web Console, Solaris 2026-04-23 N/A
Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and 3.0.4 allows remote attackers to bypass intended access restrictions and determine the existence of files or directories via unknown vectors.
CVE-2009-0747 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem.
CVE-2008-6107 1 Linux 1 Linux Kernel 2026-04-23 N/A
The (1) sys32_mremap function in arch/sparc64/kernel/sys_sparc32.c, the (2) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c, and the (3) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel before 2.6.25.4, omit some virtual-address range (aka span) checks when the mremap MREMAP_FIXED bit is not set, which allows local users to cause a denial of service (panic) via unspecified mremap calls, a related issue to CVE-2008-2137.
CVE-2008-6662 2 Avg, Linux 2 Avg Anti-virus, Linux Kernel 2026-04-23 N/A
AVG Anti-Virus for Linux 7.5.51, and possibly earlier, allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via a malformed UPX compressed file, which triggers memory corruption.
CVE-2009-0787 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The ecryptfs_write_metadata_to_contents function in the eCryptfs functionality in the Linux kernel 2.6.28 before 2.6.28.9 uses an incorrect size when writing kernel memory to an eCryptfs file header, which triggers an out-of-bounds read and allows local users to obtain portions of kernel memory.
CVE-2007-6694 3 Apple, Linux, Redhat 3 Powerpc, Linux Kernel, Enterprise Linux 2026-04-23 N/A
The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which triggers a NULL pointer dereference.
CVE-2008-0010 1 Linux 1 Linux Kernel 2026-04-23 N/A
The copy_from_user_mmap_sem function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which allow local users to read from arbitrary kernel memory locations.
CVE-2008-0072 3 Gnome, Linux, Redhat 4 Evolution, Linux Kernel, Enterprise Linux and 1 more 2026-04-23 N/A
Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution 2.12.3 and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field.
CVE-2008-0304 4 Linux, Microsoft, Mozilla and 1 more 5 Linux Kernel, Windows, Seamonkey and 2 more 2026-04-23 N/A
Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message preview.
CVE-2008-0352 1 Linux 1 Linux Kernel 2026-04-23 N/A
The Linux kernel 2.6.20 through 2.6.21.1 allows remote attackers to cause a denial of service (panic) via a certain IPv6 packet, possibly involving the Jumbo Payload hop-by-hop option (jumbogram).
CVE-2007-5337 4 Gnome, Linux, Mozilla and 1 more 5 Gnome-vfs, Linux Kernel, Firefox and 2 more 2026-04-23 N/A
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server.
CVE-2008-1213 2 Linux, Numara 2 Linux Kernel, Footprints 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Numara FootPrints for Linux 8.1 allows remote attackers to inject arbitrary web script or HTML via the Title form field when setting an appointment. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1214 2 Linux, Numara 2 Linux Kernel, Footprints 2026-04-23 N/A
MRcgi/MRProcessIncomingForms.pl in Numara FootPrints 8.1 on Linux allows remote attackers to execute arbitrary code via shell metacharacters in the PROJECTNUM parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-7164 3 Ibm, Linux, Unix 3 Websphere Application Server, Linux Kernel, Unix 2026-04-23 N/A
SimpleFileServlet in IBM WebSphere Application Server 5.0.1 through 5.0.2.7 on Linux and UNIX does not block certain invalid URIs and does not issue a security challenge, which allows remote attackers to read secure files and obtain sensitive information via certain requests.
CVE-2009-3090 2 Ibm, Linux 2 Tivoli Directory Server, Linux Kernel 2026-04-23 N/A
Unspecified vulnerability in IBM Tivoli Directory Server (TDS) 6.0 on Linux allows remote attackers to cause a denial of service via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
CVE-2008-2148 2 Linux, Redhat 2 Linux Kernel, Enterprise Mrg 2026-04-23 N/A
The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and other versions before 2.6.25.3 does not check file permissions when certain UTIME_NOW and UTIME_OMIT combinations are used, which allows local users to modify file times of arbitrary files, possibly leading to a denial of service.