RSS   Vulnerabilities for 'Linux'   RSS

2018-12-21
 
CVE-2018-20346

CWE-190
 

 
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.

 
2018-10-09
 
CVE-2018-17962

CWE-119
 

 
Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.

 
2017-12-11
 
CVE-2017-1000407

CWE-754
 

 
The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.

 
 
CVE-2014-3250

CWE-295
 

 
The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4.

 
2016-10-07
 
CVE-2016-3699

CWE-264
 

 
The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd.

 
2007-09-24
 
CVE-2007-5079

CWE-DesignError
 

 
Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions.

 
2007-09-17
 
CVE-2007-3379

CWE-noinfo
 

 
Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command.

 
2007-07-15
 
CVE-2007-3103

CWE-59
 

 
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.

 
2007-09-18
 
CVE-2007-2834

CWE-189
 

 
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.

 
2007-04-05
 
CVE-2007-1352

CWE-Other
 

 
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

 


Copyright 2019, cxsecurity.com

 

Back to Top