Some configurations of NIS+ in Linux allowed attackers to log in as the user "+".
Max CVSS: 4.6 | EPSS Score: 0.04% | Published: 1995-09-07 | Updated: 2022-08-17
Denial of service in Linux 2.2.0 running the ldd command on a core file.
Max CVSS: 4.6 | EPSS Score: 0.05% | Published: 1999-01-26 | Updated: 2008-09-05
The pt_chown command in Linux allows local users to modify TTY terminal devices that belong to other users.
Max CVSS: 4.6 | EPSS Score: 0.04% | Published: 1999-08-23 | Updated: 2008-09-09
KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file.
Max CVSS: 4.6 | EPSS Score: 0.04% | Published: 1998-11-18 | Updated: 2016-10-18
Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packets via the TIOCSETD option on tty devices.
Max CVSS: 4.6 | EPSS Score: 0.04% | Published: 1999-10-22 | Updated: 2018-09-11
mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain privileges.
Max CVSS: 4.6 | EPSS Score: 0.04% | Published: 1999-09-28 | Updated: 2016-10-18
Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call.
Max CVSS: 4.6 | EPSS Score: 0.04% | Published: 2001-05-03 | Updated: 2017-10-10
Buffer overflow in the ixj telephony card driver in Linux before 2.4.20 has unknown impact and attack vectors.
Max CVSS: 4.6 | EPSS Score: 0.06% | Published: 2004-03-03 | Updated: 2017-10-10
Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space.
Max CVSS: 4.6 | EPSS Score: 0.09% | Published: 2004-01-05 | Updated: 2017-10-11
Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."
Max CVSS: 4.6 | EPSS Score: 0.07% | Published: 2004-03-03 | Updated: 2017-10-11
Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry.
Max CVSS: 4.6 | EPSS Score: 0.14% | Published: 2004-06-01 | Updated: 2017-10-11
The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service (crash) via a crafted ELF file with an interpreter with an invalid arch (architecture), which triggers a BUG() when an invalid VMA is unmapped.
Max CVSS: 4.9 | EPSS Score: 0.04% | Published: 2004-12-31 | Updated: 2017-10-11
The framebuffer driver in Linux kernel 2.6.x does not properly use the fb_copy_cmap function, with unknown impact.
Max CVSS: 4.6 | EPSS Score: 0.06% | Published: 2004-08-18 | Updated: 2017-07-11
Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.
Max CVSS: 4.6 | EPSS Score: 0.04% | Published: 2004-12-23 | Updated: 2017-10-11
Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows local users to gain privileges via unknown vectors.
Max CVSS: 4.6 | EPSS Score: 0.04% | Published: 2004-12-31 | Updated: 2008-09-05
Memory leak in direct-io.c in Linux kernel 2.6.x before 2.6.10 allows local users to cause a denial of service (memory consumption) via certain O_DIRECT (direct IO) write requests.
Max CVSS: 4.9 | EPSS Score: 0.06% | Published: 2004-12-31 | Updated: 2018-10-30
Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/openprom.c) for the Linux kernel 2.4.x up to 2.4.27, 2.6.x up to 2.6.7, and possibly later versions, allow local users to execute arbitrary code by specifying (1) a small buffer size to the copyin_string function or (2) a negative buffer size to the copyin function.
Max CVSS: 4.4 | EPSS Score: 0.04% | Published: 2004-12-31 | Updated: 2008-09-05
Netfilter in the Linux kernel 2.6.8.1 allows local users to cause a denial of service (memory consumption) via certain packet fragments that are reassembled twice, which causes a data structure to be allocated twice.
Max CVSS: 4.9 | EPSS Score: 0.06% | Published: 2005-05-02 | Updated: 2017-10-11
The /proc handling (proc/base.c) in Linux kernel 2.4 before 2.4.17 allows local users to cause a denial of service via unknown vectors that cause an invalid access of free memory.
Max CVSS: 4.9 | EPSS Score: 0.04% | Published: 2005-12-31 | Updated: 2008-09-05
Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.
Max CVSS: 4.6 | EPSS Score: 0.10% | Published: 2005-03-14 | Updated: 2017-10-11
Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread.
Max CVSS: 4.6 | EPSS Score: 0.07% | Published: 2005-09-14 | Updated: 2018-10-19
Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c.
Max CVSS: 4.6 | EPSS Score: 0.08% | Published: 2005-08-16 | Updated: 2018-10-19
The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function pointers in memory that was used for the ctl_table.
Max CVSS: 4.6 | EPSS Score: 0.04% | Published: 2005-11-20 | Updated: 2018-10-19
Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec.
Max CVSS: 4.7 | EPSS Score: 0.04% | Published: 2005-09-30 | Updated: 2024-02-15
The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys.
Max CVSS: 4.6 | EPSS Score: 0.04% | Published: 2005-10-18 | Updated: 2018-10-03
674 vulnerabilities found