Lucene search
K

105 matches found

Prion
Prion
added 2013/06/05 2:39 p.m.19 views

Design/Logic Flaw

The posixspawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not properly validate the data for file actions and port actions, which allows local users to 1 cause a denial of service panic via a size value that is inconsistent with a header count field, or 2 obtain sensitive...

6.9CVSS6.3AI score0.00416EPSS
Exploits1References7Affected Software2
Prion
Prion
added 2013/06/05 2:39 p.m.16 views

Design/Logic Flaw

The machportspaceinfo function in osfmk/ipc/machdebug.c in the XNU kernel in Apple Mac OS X 10.8.x does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted call...

4.9CVSS5.4AI score0.00455EPSS
Exploits1References5Affected Software2
Cvelist
Cvelist
added 2013/06/05 10:0 a.m.22 views

CVE-2013-3953

The machportspaceinfo function in osfmk/ipc/machdebug.c in the XNU kernel in Apple Mac OS X 10.8.x does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted call...

4.9AI score0.00455EPSS
Exploits1References5
Cvelist
Cvelist
added 2013/06/05 10:0 a.m.24 views

CVE-2013-3954

The posixspawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not properly validate the data for file actions and port actions, which allows local users to 1 cause a denial of service panic via a size value that is inconsistent with a header count field, or 2 obtain sensitive...

5.8AI score0.00416EPSS
Exploits1References7
OSV
OSV
added 2013/03/15 8:55 p.m.8 views

CVE-2012-6548

The udfencodefh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application...

5.1AI score
Exploits0References14
OSV
OSV
added 2013/03/15 8:55 p.m.9 views

CVE-2012-6536

net/xfrm/xfrmuser.c in the Linux kernel before 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability and providing a 1 new or 2...

5.9AI score
Exploits0References4
Prion
Prion
added 2013/03/15 8:55 p.m.34 views

Design/Logic Flaw

The cryptoreportone function in crypto/cryptouser.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMI...

2.1CVSS5.9AI score0.00388EPSS
Exploits1References10Affected Software2
OSV
OSV
added 2013/03/15 12:0 a.m.4 views

UBUNTU-CVE-2012-6548

The udfencodefh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application...

1.9CVSS6.6AI score0.00429EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2013/03/15 12:0 a.m.33 views

CVE-2013-2547

The cryptoreportone function in crypto/cryptouser.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMI...

2.1CVSS6.4AI score0.00388EPSS
Exploits1References7
Debian CVE
Debian CVE
added 2013/03/14 8:0 p.m.73 views

CVE-2013-2547

The cryptoreportone function in crypto/cryptouser.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMI...

2.1CVSS5.5AI score0.00388EPSS
Exploits1
Cvelist
Cvelist
added 2013/03/14 8:0 p.m.23 views

CVE-2012-6548

The udfencodefh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application...

4.9AI score0.00429EPSS
Exploits0References14
OpenVAS
OpenVAS
added 2011/08/24 12:0 a.m.47 views

Ubuntu: Security Advisory (USN-1189-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.08793EPSS
Exploits9References2
Ubuntu
Ubuntu
added 2011/07/13 10:18 p.m.82 views

USN-1167-1: Linux kernel vulnerabilities

Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. A remote user could exploit this to cause a denial of service. CVE-2011-1927 Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly clear memory when writing certain file...

9.8CVSS7.1AI score0.04364EPSS
Exploits23
Tenable Nessus
Tenable Nessus
added 2011/06/13 12:0 a.m.54 views

Ubuntu 8.04 LTS : linux vulnerabilities (USN-1133-1)

Nelson Elhage discovered that Econet did not correctly handle AUN packets over UDP. A local attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2010-4342 Dan Rosenberg discovered that the OSS subsystem did not handle name termination correctly. A...

7.2CVSS6.4AI score0.03521EPSS
Exploits3References6
OpenVAS
OpenVAS
added 2011/06/03 12:0 a.m.50 views

Ubuntu: Security Advisory (USN-1133-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS7.1AI score0.03521EPSS
Exploits3References2
Ubuntu
Ubuntu
added 2011/05/24 4:43 p.m.83 views

USN-1133-1: Linux kernel vulnerabilities

Nelson Elhage discovered that Econet did not correctly handle AUN packets over UDP. A local attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2010-4342 Dan Rosenberg discovered that the OSS subsystem did not handle name termination correctly. A...

7.2CVSS5.7AI score0.03521EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2011/04/10 12:0 a.m.4 views

PT-2011-2914 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.38 Description: The issue is related to the osf partition function in the Linux kernel, which does not properly handle an invalid number of partitions. This might allow local users to obtain potentially...

9CVSS5.6AI score0.0389EPSS
Exploits7References50
Positive Technologies
Positive Technologies
added 2011/02/16 12:0 a.m.5 views

PT-2011-1619 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.36 Description: The issue allows local users to obtain potentially sensitive information from kernel heap memory. This is possible by leveraging the CAP NET ADMIN capability for an ethtool ioctl call, due to...

7.8CVSS5.9AI score0.0389EPSS
Exploits8References64
UbuntuCve
UbuntuCve
added 2011/01/25 12:0 a.m.42 views

CVE-2010-4655

net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability for an ethtool ioctl call...

5.5CVSS6.3AI score0.00397EPSS
Exploits1References7
Prion
Prion
added 2011/01/13 7:0 p.m.26 views

Integer overflow

Integer underflow in the irdagetsockopt function in net/irda/afirda.c in the Linux kernel before 2.6.37 on platforms other than x86 allows local users to obtain potentially sensitive information from kernel heap memory via an IRLMPENUMDEVICES getsockopt call...

2.1CVSS6AI score0.00395EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder