Filtered by vendor Linux
Subscribe
Total
10391 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-0624 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2025-04-11 | 9.3 HIGH | N/A |
| Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2011-0623, CVE-2011-0625, and CVE-2011-0626. | |||||
| CVE-2014-0491 | 4 Adobe, Apple, Linux and 1 more | 6 Adobe Air, Adobe Air Sdk, Flash Player and 3 more | 2025-04-11 | 10.0 HIGH | N/A |
| Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow attackers to bypass unspecified protection mechanisms via unknown vectors. | |||||
| CVE-2011-2942 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-11 | 6.8 MEDIUM | N/A |
| A certain Red Hat patch to the __br_deliver function in net/bridge/br_forward.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging connectivity to a network interface that uses an Ethernet bridge device. | |||||
| CVE-2012-5251 | 5 Adobe, Apple, Google and 2 more | 8 Adobe Air, Adobe Air Sdk, Flash Player and 5 more | 2025-04-11 | 10.0 HIGH | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. | |||||
| CVE-2009-4272 | 2 Linux, Redhat | 7 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2025-04-11 | 7.8 HIGH | 7.5 HIGH |
| A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (deadlock) via crafted packets that force collisions in the IPv4 routing hash table, and trigger a routing "emergency" in which a hash chain is too long. NOTE: this is related to an issue in the Linux kernel before 2.6.31, when the kernel routing cache is disabled, involving an uninitialized pointer and a panic. | |||||
| CVE-2013-7271 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.9 MEDIUM | N/A |
| The x25_recvmsg function in net/x25/af_x25.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. | |||||
| CVE-2013-1798 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 6.2 MEDIUM | N/A |
| The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which allows guest OS users to obtain sensitive information from host OS memory or cause a denial of service (host OS OOPS) via a crafted application. | |||||
| CVE-2012-4171 | 5 Adobe, Apple, Google and 2 more | 8 Adobe Air, Adobe Air Sdk, Flash Player and 5 more | 2025-04-11 | 5.0 MEDIUM | N/A |
| Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to cause a denial of service (application crash) by leveraging a logic error during handling of Firefox dialogs. | |||||
| CVE-2012-4143 | 4 Apple, Linux, Microsoft and 1 more | 4 Mac Os X, Linux Kernel, Windows and 1 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, allows user-assisted remote attackers to trick users into downloading and executing arbitrary files via a small window for the download dialog, a different vulnerability than CVE-2012-1924. | |||||
| CVE-2012-1090 | 3 Linux, Redhat, Suse | 5 Linux Kernel, Enterprise Mrg, Linux Enterprise Desktop and 2 more | 2025-04-11 | 4.9 MEDIUM | 5.5 MEDIUM |
| The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO. | |||||
| CVE-2010-4649 | 2 Linux, Redhat | 6 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux Eus and 3 more | 2025-04-11 | 6.9 MEDIUM | N/A |
| Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large value of a certain structure member. | |||||
| CVE-2014-1438 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.7 MEDIUM | N/A |
| The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMMS instruction, which allows local users to cause a denial of service (task kill) or possibly gain privileges via a crafted application. | |||||
| CVE-2010-3038 | 2 Cisco, Linux | 5 Unified Videoconferencing System 5110, Unified Videoconferencing System 5110 Firmware, Unified Videoconferencing System 5115 and 2 more | 2025-04-11 | 10.0 HIGH | N/A |
| Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, has a default password for the (1) root, (2) cs, and (3) develop accounts, which makes it easier for remote attackers to obtain access via the (a) FTP or (b) SSH daemon, aka Bug ID CSCti54008. | |||||
| CVE-2012-0056 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 6.9 MEDIUM | N/A |
| The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper. | |||||
| CVE-2012-2493 | 4 Apple, Cisco, Linux and 1 more | 4 Mac Os X, Anyconnect Secure Mobility Client, Linux Kernel and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
| The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 on Windows, and 2.x before 2.5 MR6 and 3.x before 3.0 MR8 on Mac OS X and Linux, does not properly validate binaries that are received by the downloader process, which allows remote attackers to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug ID CSCtw47523. | |||||
| CVE-2010-4302 | 2 Cisco, Linux | 5 Unified Videoconferencing System 5110, Unified Videoconferencing System 5110 Firmware, Unified Videoconferencing System 5115 and 2 more | 2025-04-11 | 4.9 MEDIUM | N/A |
| /opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses a weak hashing algorithm for the (1) administrator and (2) operator passwords, which makes it easier for local users to obtain sensitive information by recovering the cleartext values, aka Bug ID CSCti54010. | |||||
| CVE-2012-1179 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 5.2 MEDIUM | N/A |
| The Linux kernel before 3.3.1, when KVM is used, allows guest OS users to cause a denial of service (host OS crash) by leveraging administrative access to the guest OS, related to the pmd_none_or_clear_bad function and page faults for huge pages. | |||||
| CVE-2010-4164 | 4 Debian, Linux, Opensuse and 1 more | 7 Debian Linux, Linux Kernel, Opensuse and 4 more | 2025-04-11 | 7.8 HIGH | N/A |
| Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CLASS_B, (3) X25_FAC_CLASS_C, or (4) X25_FAC_CLASS_D facility data, a different vulnerability than CVE-2010-3873. | |||||
| CVE-2013-3225 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.9 MEDIUM | N/A |
| The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. | |||||
| CVE-2010-2027 | 2 Linux, Wolfram Research | 2 Linux Kernel, Mathematica | 2025-04-11 | 1.9 LOW | N/A |
| Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a symlink attack on (1) files within /tmp/MathLink/ or (2) /tmp/fonts$$.conf. | |||||