|
2015-04-16
|
CVE-2015-0491 |
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0459. |
Opensuse,
Javafx,
Jdk,
Jre,
Suse_linux_enterprise_desktop
|
N/A
|
|
|
2018-11-29
|
CVE-2018-19655 |
A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file. |
Dcraw,
Suse_linux_enterprise_desktop,
Suse_linux_enterprise_server
|
8.8
|
|
|
2014-04-14
|
CVE-2014-2706 |
Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c. |
Linux_kernel,
Linux,
Linux_enterprise_high_availability_extension,
Suse_linux_enterprise_desktop,
Suse_linux_enterprise_server
|
N/A
|
|
|
|
2014-06-23
|
CVE-2014-1739 |
The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call. |
Ubuntu_linux,
Linux_kernel,
Linux_enterprise_high_availability_extension,
Suse_linux_enterprise_desktop,
Suse_linux_enterprise_server
|
N/A
|
|
|
|
2014-05-07
|
CVE-2014-0196 |
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings. |
Ubuntu_linux,
Debian_linux,
Big\-Ip_access_policy_manager,
Big\-Ip_advanced_firewall_manager,
Big\-Ip_analytics,
Big\-Ip_application_acceleration_manager,
Big\-Ip_application_security_manager,
Big\-Ip_edge_gateway,
Big\-Ip_global_traffic_manager,
Big\-Ip_link_controller,
Big\-Ip_local_traffic_manager,
Big\-Ip_policy_enforcement_manager,
Big\-Ip_protocol_security_module,
Big\-Ip_wan_optimization_manager,
Big\-Ip_webaccelerator,
Big\-Iq_application_delivery_controller,
Big\-Iq_centralized_management,
Big\-Iq_cloud,
Big\-Iq_cloud_and_orchestration,
Big\-Iq_device,
Big\-Iq_security,
Enterprise_manager,
Linux_kernel,
Linux,
Enterprise_linux,
Enterprise_linux_eus,
Enterprise_linux_server_eus,
Suse_linux_enterprise_desktop,
Suse_linux_enterprise_high_availability_extension,
Suse_linux_enterprise_server
|
N/A
|
|
|
|
2010-09-08
|
CVE-2010-2798 |
The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c. |
Aura_communication_manager,
Aura_presence_services,
Aura_session_manager,
Aura_system_manager,
Aura_system_platform,
Iq,
Voice_portal,
Ubuntu_linux,
Debian_linux,
Linux_kernel,
Opensuse,
Linux_enterprise_high_availability_extension,
Suse_linux_enterprise_desktop,
Suse_linux_enterprise_server,
Esx
|
N/A
|
|
|
2010-09-30
|
CVE-2010-2537 |
The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor. |
Ubuntu_linux,
Linux_kernel,
Linux_enterprise_high_availability_extension,
Suse_linux_enterprise_desktop,
Suse_linux_enterprise_server
|
N/A
|
|
|
2010-09-08
|
CVE-2010-2524 |
The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform arbitrary CIFS mounts via vectors involving an add_key call, related to a "cache stuffing" issue and MS-DFS referrals. |
Ubuntu_linux,
Linux_kernel,
Suse_linux_enterprise_desktop,
Suse_linux_enterprise_server,
Esx
|
N/A
|
|
|
2010-09-08
|
CVE-2010-2066 |
The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor. |
Ubuntu_linux,
Linux_kernel,
Linux_enterprise_high_availability_extension,
Suse_linux_enterprise_desktop,
Suse_linux_enterprise_server,
Esx
|
N/A
|
|
|
2008-08-12
|
CVE-2008-3275 |
The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories. |
Ubuntu_linux,
Debian_linux,
Linux_kernel,
Suse_linux_enterprise_desktop,
Suse_linux_enterprise_server
|
N/A
|
|