Search Results (2259 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-1321 8 Canonical, Debian, Fedoraproject and 5 more 10 Ubuntu Linux, Debian Linux, Fedora and 7 more 2025-04-11 N/A
The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing.
CVE-2013-3783 6 Canonical, Debian, Mariadb and 3 more 8 Ubuntu Linux, Debian Linux, Mariadb and 5 more 2025-04-11 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.
CVE-2011-3919 5 Apple, Debian, Google and 2 more 11 Iphone Os, Mac Os X, Debian Linux and 8 more 2025-04-11 N/A
Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2010-0727 3 Debian, Linux, Redhat 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more 2025-04-11 N/A
The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on a (1) GFS or (2) GFS2 filesystem, and then changing this file's permissions.
CVE-2012-5842 6 Canonical, Debian, Mozilla and 3 more 15 Ubuntu Linux, Debian Linux, Firefox and 12 more 2025-04-11 N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2010-1087 3 Debian, Linux, Redhat 4 Debian Linux, Linux Kernel, Enterprise Linux and 1 more 2025-04-11 N/A
The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible.
CVE-2010-0307 4 Canonical, Debian, Linux and 1 more 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more 2025-04-11 N/A
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.
CVE-2010-0298 3 Debian, Linux, Redhat 4 Debian Linux, Linux Kernel, Enterprise Linux and 1 more 2025-04-11 N/A
The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) in determining the memory access available to CPL3 code, which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region, a related issue to CVE-2010-0306.
CVE-2012-3867 7 Canonical, Cloudforms Cloudengine, Debian and 4 more 9 Ubuntu Linux, 1, Debian Linux and 6 more 2025-04-11 N/A
lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request (CSR), which makes it easier for user-assisted remote attackers to trick administrators into signing a crafted agent certificate via ANSI control sequences.
CVE-2013-3804 7 Canonical, Debian, Mariadb and 4 more 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more 2025-04-11 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
CVE-2013-3802 7 Canonical, Debian, Mariadb and 4 more 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more 2025-04-11 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.
CVE-2010-0205 8 Apple, Canonical, Debian and 5 more 8 Mac Os X, Ubuntu Linux, Debian Linux and 5 more 2025-04-11 N/A
The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "decompression bomb" attack.
CVE-2010-2959 5 Debian, Fedoraproject, Linux and 2 more 8 Debian Linux, Fedora, Linux Kernel and 5 more 2025-04-11 N/A
Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of service (system crash) via crafted CAN traffic.
CVE-2013-3812 6 Canonical, Debian, Mariadb and 3 more 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more 2025-04-11 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
CVE-2013-3793 6 Canonical, Debian, Mariadb and 3 more 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more 2025-04-11 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
CVE-2013-0900 5 Apple, Debian, Google and 2 more 5 Mac Os X, Debian Linux, Chrome and 2 more 2025-04-11 N/A
Race condition in the International Components for Unicode (ICU) functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2013-0800 6 Canonical, Debian, Mozilla and 3 more 12 Ubuntu Linux, Debian Linux, Firefox and 9 more 2025-04-11 N/A
Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
CVE-2012-0879 5 Canonical, Debian, Linux and 2 more 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more 2025-04-11 5.5 Medium
The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an I/O context.
CVE-2022-42258 6 Citrix, Debian, Linux and 3 more 13 Hypervisor, Debian Linux, Linux Kernel and 10 more 2025-04-10 5.3 Medium
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service, data tampering, or information disclosure.
CVE-2022-34680 6 Citrix, Debian, Linux and 3 more 13 Hypervisor, Debian Linux, Linux Kernel and 10 more 2025-04-10 5.5 Medium
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service.