Note:
This project will be discontinued after December 13, 2021. [more]
Main entries ~3682 :
Remaining NVD entries (unprocessed / no code available): ~286405 :
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2012-05-24 | CVE-2011-2906 | Integer signedness error in the pmcraid_ioctl_passthrough function in drivers/scsi/pmcraid.c in the Linux kernel before 3.1 might allow local users to cause a denial of service (memory consumption or memory corruption) via a negative size value in an ioctl call. NOTE: this may be a vulnerability only in unusual environments that provide a privileged program for obtaining the required file descriptor. | Linux_kernel | 5.5 | ||
| 2013-03-01 | CVE-2011-2905 | Untrusted search path vulnerability in the perf_config function in tools/perf/util/config.c in perf, as distributed in the Linux kernel before 3.1, allows local users to overwrite arbitrary files via a crafted config file in the current working directory. | Linux_kernel | N/A | ||
| 2012-05-24 | CVE-2011-2898 | net/packet/af_packet.c in the Linux kernel before 2.6.39.3 does not properly restrict user-space access to certain packet data structures associated with VLAN Tag Control Information, which allows local users to obtain potentially sensitive information via a crafted application. | Linux_kernel | 5.5 | ||
| 2012-05-24 | CVE-2011-2707 | The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel memory locations via a crafted PTRACE_SETXTREGS request. | Linux_kernel | 6.0 | ||
| 2012-05-24 | CVE-2011-2699 | The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets. | Linux_kernel, Enterprise_linux, Enterprise_mrg | 7.5 | ||
| 2012-05-24 | CVE-2011-2521 | The x86_assign_hw_event function in arch/x86/kernel/cpu/perf_event.c in the Performance Events subsystem in the Linux kernel before 2.6.39 does not properly calculate counter values, which allows local users to cause a denial of service (panic) via the perf program. | Linux_kernel | N/A | ||
| 2012-05-24 | CVE-2011-2518 | The tomoyo_mount_acl function in security/tomoyo/mount.c in the Linux kernel before 2.6.39.2 calls the kern_path function with arguments taken directly from a mount system call, which allows local users to cause a denial of service (OOPS) or possibly have unspecified other impact via a NULL value for the device name. | Linux_kernel | N/A |
| Date | Id | Summary | Products | Score | Patch |
|---|---|---|---|---|---|
| 2025-05-13 | CVE-2025-47858 | Rejected reason: Not used | N/A | N/A | |
| 2025-05-13 | CVE-2025-47859 | Rejected reason: Not used | N/A | N/A | |
| 2025-05-13 | CVE-2025-47860 | Rejected reason: Not used | N/A | N/A | |
| 2025-05-13 | CVE-2025-47861 | Rejected reason: Not used | N/A | N/A | |
| 2025-05-13 | CVE-2025-47862 | Rejected reason: Not used | N/A | N/A | |
| 2025-05-13 | CVE-2025-47863 | Rejected reason: Not used | N/A | N/A | |
| 2025-05-13 | CVE-2025-4396 | The Relevanssi – A Better Search plugin for WordPress is vulnerable to time-based SQL Injection via the cats and tags query parameters in all versions up to, and including, 4.24.4 (Free) and <= 2.27.4 (Premium) due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries to already existing queries that can be used to extract sensitive... | N/A | 7.5 |