Note:
This project will be discontinued after December 13, 2021. [more]
Main entries ~3682 :
Remaining NVD entries (unprocessed / no code available): ~297333 :
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-08-07 | CVE-2006-3635 | The ia64 subsystem in the Linux kernel before 2.6.26 allows local users to cause a denial of service (stack consumption and system crash) via a crafted application that leverages the mishandling of invalid Register Stack Engine (RSE) state. | Linux_kernel | 5.5 | ||
| 2016-05-02 | CVE-2008-7316 | mm/filemap.c in the Linux kernel before 2.6.25 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers an iovec of zero length, followed by a page fault for an iovec of nonzero length. | Linux_kernel | 5.5 | ||
| 2017-04-24 | CVE-2007-6761 | drivers/media/video/videobuf-vmalloc.c in the Linux kernel before 2.6.24 does not initialize videobuf_mapping data structures, which allows local users to trigger an incorrect count value and videobuf leak via unspecified vectors, a different vulnerability than CVE-2010-5321. | Linux_kernel | 7.8 | ||
| 2017-10-29 | CVE-2006-5331 | The altivec_unavailable_exception function in arch/powerpc/kernel/traps.c in the Linux kernel before 2.6.19 on 64-bit systems mishandles the case where CONFIG_ALTIVEC is defined and the CPU actually supports Altivec, but the Altivec support was not detected by the kernel, which allows local users to cause a denial of service (panic) by triggering execution of an Altivec instruction. | Linux_kernel | 5.5 | ||
| 2012-06-21 | CVE-2010-4250 | Memory leak in the inotify_init1 function in fs/notify/inotify/inotify_user.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory consumption) via vectors involving failed attempts to create files. | Linux_kernel | N/A | ||
| 2012-06-21 | CVE-2011-1023 | The Reliable Datagram Sockets (RDS) subsystem in the Linux kernel before 2.6.38 does not properly handle congestion map updates, which allows local users to cause a denial of service (BUG_ON and system crash) via vectors involving (1) a loopback (aka loop) transmit operation or (2) an InfiniBand (aka ib) transmit operation. | Linux_kernel | N/A | ||
| 2012-06-21 | CVE-2011-1021 | drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custom_method file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347. | Linux_kernel | N/A |
| Date | Id | Summary | Products | Score | Patch |
|---|---|---|---|---|---|
| 2023-08-15 | CVE-2023-4327 | Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux | Raid_controller_web_interface | 5.5 | |
| 2023-08-15 | CVE-2023-4335 | Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux | Raid_controller_web_interface | 7.5 | |
| 2023-08-15 | CVE-2023-24478 | Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R) Quartus(R) Prime Pro Edition for linux before version 22.4 may allow an authenticated user to potentially enable information disclosure via local access. | Quartus_prime | 5.5 | |
| 2023-08-14 | CVE-2023-32748 | The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control. | Mivoice_connect | 9.8 | |
| 2023-08-14 | CVE-2023-3260 | The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to command injection via the `user-name` URL parameter. An authenticated malicious agent can exploit this vulnerability to execute arbitrary command on the underlying Linux operating system. | Powerpanel_server, Iboot\-Pdu4\-C20_firmware, Iboot\-Pdu4\-N20_firmware, Iboot\-Pdu4a\-C10_firmware, Iboot\-Pdu4a\-C20_firmware, Iboot\-Pdu4a\-N15_firmware, Iboot\-Pdu4a\-N20_firmware, Iboot\-Pdu4sa\-C10_firmware, Iboot\-Pdu4sa\-C20_firmware, Iboot\-Pdu4sa\-N15_firmware, Iboot\-Pdu4sa\-N20_firmware, Iboot\-Pdu8a\-2c10_firmware, Iboot\-Pdu8a\-2c20_firmware, Iboot\-Pdu8a\-2n15_firmware, Iboot\-Pdu8a\-2n20_firmware, Iboot\-Pdu8a\-C10_firmware, Iboot\-Pdu8a\-C20_firmware, Iboot\-Pdu8a\-N15_firmware, Iboot\-Pdu8a\-N20_firmware, Iboot\-Pdu8sa\-2n15_firmware, Iboot\-Pdu8sa\-C10_firmware, Iboot\-Pdu8sa\-N15_firmware, Iboot\-Pdu8sa\-N20_firmware | 8.8 | |
| 2023-08-14 | CVE-2023-40283 | An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled. | Ubuntu_linux, Debian_linux, Linux_kernel | 7.8 | |
| 2023-08-11 | CVE-2023-24016 | Uncontrolled search path element in some Intel(R) Quartus(R) Prime Pro and Standard edition software for linux may allow an authenticated user to potentially enable escalation of privilege via local access. | Quartus_prime | 7.3 |