Export limit exceeded: 16292 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (16292 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1727 | 4 Hp, Linux, Microsoft and 1 more | 7 Hp-ux, Openview Network Node Manager, Linux Kernel and 4 more | 2025-04-09 | N/A |
| Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50, and 7.51 allows remote authenticated users to access certain privileged "facilities" via unspecified vectors. | ||||
| CVE-2009-4538 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2025-04-09 | N/A |
| drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537. | ||||
| CVE-2008-4197 | 5 Freebsd, Linux, Microsoft and 2 more | 5 Freebsd, Linux Kernel, Windows and 2 more | 2025-04-09 | 8.8 High |
| Opera before 9.52 on Windows, Linux, FreeBSD, and Solaris, when processing custom shortcut and menu commands, can produce argument strings that contain uninitialized memory, which might allow user-assisted remote attackers to execute arbitrary code or conduct other attacks via vectors related to activation of a shortcut. | ||||
| CVE-2009-0849 | 3 Linux, Microsoft, Novastor | 3 Linux Kernel, Windows, Novanet | 2025-04-09 | N/A |
| Stack-based buffer overflow in the DtbClsLogin function in NovaStor NovaNET 12 allows remote attackers to (1) execute arbitrary code on Linux platforms via a long username field during backup domain authentication, related to libnnlindtb.so; or (2) cause a denial of service (daemon crash) on Windows platforms via a long username field during backup domain authentication, related to nnwindtb.dll. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-3901 | 2 Linux, Suspend2 | 2 Linux Kernel, Software Suspend 2 | 2025-04-09 | N/A |
| Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer. | ||||
| CVE-2008-3526 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Mrg | 2025-04-09 | N/A |
| Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via a crafted sca_keylength field associated with the SCTP_AUTH_KEY option. | ||||
| CVE-2008-3276 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-09 | N/A |
| Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of service (panic) via a crafted integer value, related to Change L and Change R options without at least one byte in the dccpsf_val field. | ||||
| CVE-2007-6047 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2 Universal Database, Linux Kernel, Windows and 1 more | 2025-04-09 | N/A |
| Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 before Fixpak 4 allows attackers to execute arbitrary commands as the DB2 instance owner, related to invocation of TPUT by DB2DART. | ||||
| CVE-2006-5173 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2025-04-09 | N/A |
| Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Check flag (EFLAGS 0x40000), which triggers a SIGBUS in other processes that have an unaligned access. | ||||
| CVE-2006-5174 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-09 | N/A |
| The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a bad address," which triggers a fault that prevents the unused memory from being cleared in the kernel buffer. | ||||
| CVE-2006-7203 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-09 | N/A |
| The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode ("mount -t smbfs"). | ||||
| CVE-2006-5751 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-09 | N/A |
| Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code via a large maxnum value in an ioctl request. | ||||
| CVE-2006-5749 | 1 Linux | 1 Linux Kernel | 2025-04-09 | N/A |
| The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c in the Linux 2.4 kernel before 2.4.34-rc4 does not call the init_timer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash. | ||||
| CVE-2006-5871 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-09 | N/A |
| smbfs in Linux kernel 2.6.8 and other versions, and 2.4.x before 2.4.34, when UNIX extensions are enabled, ignores certain mount options, which could cause clients to use server-specified uid, gid and mode settings. | ||||
| CVE-2008-5702 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-09 | N/A |
| Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call. | ||||
| CVE-2006-7164 | 3 Ibm, Linux, Unix | 3 Websphere Application Server, Linux Kernel, Unix | 2025-04-09 | N/A |
| SimpleFileServlet in IBM WebSphere Application Server 5.0.1 through 5.0.2.7 on Linux and UNIX does not block certain invalid URIs and does not issue a security challenge, which allows remote attackers to read secure files and obtain sensitive information via certain requests. | ||||
| CVE-2007-1281 | 3 Kaspersky Lab, Linux, Microsoft | 3 Kaspersky Antivirus Engine, Linux Kernel, All Windows | 2025-04-09 | N/A |
| Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression. | ||||
| CVE-2008-2826 | 5 Canonical, Debian, Linux and 2 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2025-04-09 | N/A |
| Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via vectors involving a large addr_num field in an sctp_getaddrs_old data structure. | ||||
| CVE-2007-1496 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-09 | N/A |
| nfnetlink_log in netfilter in the Linux kernel before 2.6.20.3 allows attackers to cause a denial of service (crash) via unspecified vectors involving the (1) nfulnl_recv_config function, (2) using "multiple packets per netlink message", and (3) bridged packets, which trigger a NULL pointer dereference. | ||||
| CVE-2007-1497 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-09 | N/A |
| nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments. | ||||