Lucene search
K

2093 matches found

RedHat Linux
RedHat Linux
added 2014/06/24 3:58 p.m.4 views

kernel: net: ping: refcount issue in ping_init_sock() function

A use-after-free flaw was found in the way the pinginitsock function of the Linux kernel handled the groupinfo reference counter. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system...

6.9CVSS6.3AI score0.00959EPSS
Exploits7References4
RedHat Linux
RedHat Linux
added 2014/05/27 4:25 p.m.3 views

kernel: net: ping: refcount issue in ping_init_sock() function

A use-after-free flaw was found in the way the pinginitsock function of the Linux kernel handled the groupinfo reference counter. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system...

6.9CVSS6.3AI score0.00959EPSS
Exploits7References4
NVD
NVD
added 2013/11/04 3:55 p.m.18 views

CVE-2013-4483

The ipcrcuputref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service memory consumption or system crash via a crafted application...

4.9CVSS5.7AI score0.00489EPSS
Exploits1References8
OSV
OSV
added 2013/11/04 3:55 p.m.9 views

CVE-2013-4483

The ipcrcuputref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service memory consumption or system crash via a crafted application...

5.6AI score
Exploits0References9
OSV
OSV
added 2013/11/04 3:55 p.m.3 views

DEBIAN-CVE-2013-4483

The ipcrcuputref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service memory consumption or system crash via a crafted application...

4.9CVSS6AI score0.00489EPSS
Exploits1References1
OSV
OSV
added 2013/11/04 12:0 a.m.7 views

UBUNTU-CVE-2013-4483

The ipcrcuputref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service memory consumption or system crash via a crafted application...

4.9CVSS6.7AI score0.00489EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2013/11/04 12:0 a.m.3 views

PT-2013-5038 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.10 Description: The issue is related to the improper management of a reference count by the ipc rcu putref function in the Linux kernel, which can be exploited by local users to cause a denial of service. This...

7.8CVSS7.3AI score0.05794EPSS
Exploits6References274
NVD
NVD
added 2013/02/13 12:4 p.m.31 views

CVE-2013-1280

The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a...

7.2CVSS6.2AI score0.01722EPSS
Exploits0References3
Prion
Prion
added 2013/02/13 12:4 p.m.25 views

Design/Logic Flaw

The Client/Server Run-time Subsystem CSRSS in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Reference Count Vulnerability."...

7.2CVSS6.8AI score0.01791EPSS
Exploits0References3
Cvelist
Cvelist
added 2013/02/13 11:0 a.m.34 views

CVE-2013-0076

The Client/Server Run-time Subsystem CSRSS in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Reference Count Vulnerability."...

6.3AI score0.01791EPSS
Exploits0References3
CVE
CVE
added 2013/02/13 11:0 a.m.61 views

CVE-2013-0076

The CVE-2013-0076 entry refers to a local privilege-escalation vulnerability in the Client/Server Run-time Subsystem (CSRSS) on affected Windows versions. Specifically, CSRSS in Windows 7 (Gold/SP1) and Windows Server 2008 R2 (SP1) mishandles in-memory objects, enabling a local attacker to gain e...

7.2CVSS6.4AI score0.01791EPSS
Exploits0References3Affected Software2
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.48 views

Scientific Linux Security Update : kernel on SL3.x i386/x86_64

CVE-2008-5029 kernel: Unix sockets kernel panic CVE-2008-5300 kernel: fix soft lockups/OOM issues with unix socket garbage collector CVE-2009-1337 kernel: exitnotify: kill the wrong capableCAPKILL check CVE-2009-1385 kernel: e1000cleanrxirq denial of service CVE-2009-1895 kernel: personality: fix...

7.8CVSS6.6AI score0.33491EPSS
Exploits24References15
OpenVAS
OpenVAS
added 2012/07/30 12:0 a.m.64 views

CentOS Update for kernel CESA-2012:0481 centos6

Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2012:0481 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

7.2CVSS0.4AI score0.00468EPSS
Exploits4References2
RedHat Linux
RedHat Linux
added 2012/04/17 6:54 p.m.47 views

Moderate: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Updated kernel packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores...

7.8CVSS6.2AI score0.00468EPSS
Exploits4References7
Oracle linux
Oracle linux
added 2011/07/31 12:0 a.m.37 views

rgmanager security, bug fix, and enhancement update

2.0.52-21 - rgmanager: Fix bad passing of SFLFAILURE up fixbadpassingofsflfailureup.patch Resolves: rhbz711521 2.0.52-20 - resource-agents: Improve LDLIBRARYPATH handling by SAP resourceagentsimproveldlibrarypathhandlingbysap.patch Resolves: rhbz710637 2.0.52-19 - Fix changelog format - rgmanager...

6.9CVSS0.2AI score0.00417EPSS
Exploits1
Cvelist
Cvelist
added 2010/07/30 8:0 p.m.26 views

CVE-2010-1208

Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via vectors related to deletion of an event attribute node wit...

9.4AI score0.05153EPSS
Exploits0References6
Cvelist
Cvelist
added 2010/07/02 6:30 p.m.42 views

CVE-2010-2549

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges or cause a denial of service system crash by using a large number of calls to the NtUserCheckAccessForIntegrityLevel function to trigge...

6.4AI score0.05145EPSS
Exploits2References8
Cvelist
Cvelist
added 2010/04/05 5:0 p.m.27 views

CVE-2010-0176

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors...

9.6AI score0.05203EPSS
Exploits0References31
Prion
Prion
added 2010/03/05 7:30 p.m.35 views

Design/Logic Flaw

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service daemon crash or hang via a client...

4.3CVSS6.8AI score0.03913EPSS
Exploits1References18Affected Software10
OSV
OSV
added 2010/03/05 7:30 p.m.9 views

CVE-2010-0302

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service daemon crash or hang via a client...

7.5CVSS7.6AI score
Exploits0References21
Rows per page
Query Builder