CVE-2023-31284

illumos illumos-gate before 676abcb has a stack buffer overflow in /dev/net, leading to privilege escalation via a stat on a long file name in /dev/net...

Stack overflow

illumos illumos-gate before 676abcb has a stack buffer overflow in /dev/net, leading to privilege escalation via a stat on a long file name in /dev/net...

The vulnerability of the stat() function in the OverlayFS subsystem of Linux kernels allows attackers to increase their privileges.

The vulnerability of the stat function in the OverlayFS subsystem of Linux operating systems is related to deficiencies in access control when processing setuid and setgid attributes. Exploiting this vulnerability can allow attackers to enhance their privileges...

Maspik – Spam blacklist < 0.7.9 - Cross-Site Request Forgery (CSRF)

The plugin does not protect some of its actions in the file /admin/partials/contact-forms-anti-spam-log.php against CSRF attacks, allowing an unauthenticated attacker to clear plugin logs and stat counter by tricking a logged in user to submit a crafted request...

SUSE CVE-2010-4754

The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service CPU and memory consumption via crafted glob expressions that do not match any pathnames, as...

SUSE CVE-2010-4756

The glob implementation in the GNU C Library aka glibc or libc6 allows remote authenticated users to cause a denial of service CPU and memory consumption via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a differen...

SUSE CVE-2011-0418

The glob implementation in Pure-FTPd before 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containing curly brackets, which allows remote authenticated users to cause a denial of service memory consumption via a crafted FTP STAT command...

SUSE CVE-2011-0421

The zipnamelocate function in zipnamelocate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FLUNCHANGED argument, which might allow context-dependent attackers to cause a denial of service NULL pointer dereference via an empty ZIP archive that is processed with a...

SUSE CVE-2011-0726

The dotaskstat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the startcode and endcode fields in the /proc//stat file for a process executing a PIE...

SUSE CVE-2011-0762

The vsffilenamepassesfilter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service CPU consumption and process slot exhaustion via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632...

SUSE CVE-2011-4917

In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat...

SUSE CVE-2019-11191

The Linux kernel through 5.0.7, when CONFIGIA32AOUT is enabled and ia32aout is loaded, allows local users to bypass ASLR on setuid a.out programs if any exist because installexeccreds is called too late in loadaoutbinary in fs/binfmtaout.c, and thus the ptracemayaccess check has a race condition...

SUSE CVE-2019-16168

In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlitestat1 sz field, aka a "severe division by zero in the query planner."...

SUSE CVE-2021-25683

It was discovered that the getstarttime function in data/apport did not properly parse the /proc/pid/stat file from the kernel...

PT-2024-11841

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the netfilter: flowtable offload. The issue arises when flow offload queue work is called in a workqueue without bh...

kernel: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb

In the Linux kernel, the following vulnerability has been resolved: ath9k: fix use-after-free in ath9khifusbrxcb Syzbot reported use-after-free Read in ath9khifusbrxcb 0. The problem was in incorrect htchandle-drvpriv initialization. Probable call trace which can trigger use-after-free:...

kernel: RDMA/nldev: Prevent underflow in nldev_stat_set_counter_dynamic_doit()

In the Linux kernel, the following vulnerability has been resolved: RDMA/nldev: Prevent underflow in nldevstatsetcounterdynamicdoit This code checks "index" for an upper bound but it does not check for negatives. Change the type to unsigned to prevent underflows...

NetBSD Kernel stat System Call Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of NetBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the stat...

NetBSD Kernel getkerninfo System Call Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of NetBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the stat...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS due to an assertion failure. Exploiting this vulnerability is only possible if the SQLite instance was compiled with -DSQLITEENABLESTAT4. PoC sql CREATE TABLE t0 c0 INT, c1 INT PRIMARY KEY WITHOUT ROWID; INSERT INT...