Export limit exceeded: 14600 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 20090 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (20090 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-3104 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The sysfs_readdir function in the Linux kernel 2.6, as used in Red Hat Enterprise Linux (RHEL) 4.5 and other distributions, allows users to cause a denial of service (kernel OOPS) by dereferencing a null pointer to an inode in a dentry.
CVE-2007-2525 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized.
CVE-2007-2453 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting entropy, which might cause the random number generator to provide the same values after reboots on systems without an entropy source.
CVE-2006-6053 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext3 stream with malformed data structures.
CVE-2007-2445 3 Linux, Png Reference Library, Redhat 3 Linux Kernel, Libpng, Enterprise Linux 2026-04-23 N/A
The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value.
CVE-2009-0065 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more 2026-04-23 N/A
Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.
CVE-2007-1734 1 Linux 1 Linux Kernel 2026-04-23 N/A
The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later does not verify the upper bounds of the optlen value, which allows local users running on certain architectures to read kernel memory or cause a denial of service (oops), a related issue to CVE-2007-1730.
CVE-2009-0343 2 Linux, Niels Provos 2 Linux Kernel, Systrace 2026-04-23 N/A
Niels Provos Systrace 1.6f and earlier on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall, related to race conditions that occur in monitoring 64-bit processes.
CVE-2007-1592 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket.
CVE-2007-1589 2 Linux, Truecrypt Foundation 2 Linux Kernel, Truecrypt 2026-04-23 N/A
TrueCrypt before 4.3, when set-euid mode is used on Linux, allows local users to cause a denial of service (filesystem unavailability) by dismounting a volume mounted by a different user.
CVE-2009-0935 1 Linux 1 Linux Kernel 2026-04-23 5.5 Medium
The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper synchronization of a data structure for the inotify instance.
CVE-2009-0605 1 Linux 1 Linux Kernel 2026-04-23 N/A
Stack consumption vulnerability in the do_page_fault function in arch/x86/mm/fault.c in the Linux kernel before 2.6.28.5 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via unspecified vectors that trigger page faults on a machine that has a registered Kprobes probe.
CVE-2009-0747 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem.
CVE-2008-5702 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.
CVE-2009-0748 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not validate the superblock configuration, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) by attempting to mount a crafted ext4 filesystem.
CVE-2007-6048 4 Ibm, Linux, Microsoft and 1 more 4 Db2 Universal Database, Linux Kernel, Windows and 1 more 2026-04-23 N/A
IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for DB2NODES.CFG, which has unknown impact and attack vectors. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.
CVE-2007-1913 8 Apple, Hp, Ibm and 5 more 11 Macos, Hp-ux, Tru64 and 8 more 2026-04-23 N/A
The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
CVE-2007-1918 8 Apple, Hp, Ibm and 5 more 11 Macos, Hp-ux, Tru64 and 8 more 2026-04-23 N/A
The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
CVE-2008-4197 5 Freebsd, Linux, Microsoft and 2 more 5 Freebsd, Linux Kernel, Windows and 2 more 2026-04-23 8.8 High
Opera before 9.52 on Windows, Linux, FreeBSD, and Solaris, when processing custom shortcut and menu commands, can produce argument strings that contain uninitialized memory, which might allow user-assisted remote attackers to execute arbitrary code or conduct other attacks via vectors related to activation of a shortcut.
CVE-2008-4210 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O.