NFS cache poisoning.
Max CVSS
10.0
EPSS Score
2.92%
Published
1997-03-01
Updated
2022-08-17
Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address.
Max CVSS
10.0
EPSS Score
0.71%
Published
1999-01-28
Updated
2022-08-17
A system does not present an appropriate legal message or warning to a user who is accessing it.
Max CVSS
10.0
EPSS Score
0.30%
Published
2000-06-01
Updated
2022-08-17
The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting the capabilities to prevent a setuid program from dropping privileges, aka the "Linux kernel setuid/setcap vulnerability."
Max CVSS
10.0
EPSS Score
0.40%
Published
2000-06-09
Updated
2008-09-10
Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.40%
Published
2002-12-31
Updated
2008-09-05
Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors, related to "wrap handling."
Max CVSS
10.0
EPSS Score
0.40%
Published
2002-12-31
Updated
2008-09-05
Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x have unknown impact and unknown attack vectors.
Max CVSS
10.0
EPSS Score
1.38%
Published
2004-12-31
Updated
2017-10-11
Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read.
Max CVSS
10.0
EPSS Score
33.20%
Published
2005-01-10
Updated
2018-05-03
Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to be allocated for the reply data but not the reply structure.
Max CVSS
10.0
EPSS Score
6.79%
Published
2006-03-23
Updated
2018-10-03
The __group_complete_signal function in the RCU signal handling (signal.c) in Linux kernel 2.6.16, and possibly other versions, has unknown impact and attack vectors related to improper use of BUG_ON.
Max CVSS
10.0
EPSS Score
1.02%
Published
2006-04-12
Updated
2016-10-18
The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding.
Max CVSS
10.0
EPSS Score
7.42%
Published
2008-06-10
Updated
2023-02-13
Buffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the video4linux (V4L) implementation in the Linux kernel before 2.6.26.1 has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.74%
Published
2008-08-06
Updated
2020-07-28
Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem in the Linux kernel before 2.6.27.5 allows remote attackers to have an unknown impact via an "invalid beacon/probe response."
Max CVSS
10.0
EPSS Score
8.86%
Published
2008-11-18
Updated
2018-10-03
Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.
Max CVSS
10.0
EPSS Score
94.86%
Published
2009-01-07
Updated
2017-09-29
drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537.
Max CVSS
10.0
EPSS Score
0.56%
Published
2010-01-12
Updated
2018-11-16
The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly validate certain values associated with an interface, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via vectors related to a routing change.
Max CVSS
10.0
EPSS Score
1.11%
Published
2010-09-08
Updated
2023-02-13
Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service (panic) or possibly execute arbitrary code via a crafted NFSv4 compound WRITE request, related to the read_buf and nfsd4_decode_compound functions.
Max CVSS
10.0
EPSS Score
17.30%
Published
2010-09-07
Updated
2023-02-13
net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function.
Max CVSS
10.0
EPSS Score
7.47%
Published
2014-03-24
Updated
2023-01-19
Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data.
Max CVSS
10.0
EPSS Score
6.07%
Published
2015-03-16
Updated
2022-11-03
The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by sending certain IPv4 packets to an incompletely configured interface, a related issue to CVE-2003-1604.
Max CVSS
10.0
EPSS Score
4.68%
Published
2016-02-08
Updated
2023-01-19
drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.
Max CVSS
10.0
EPSS Score
5.39%
Published
2016-04-27
Updated
2023-01-19
The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet.
Max CVSS
10.0
EPSS Score
2.96%
Published
2016-07-03
Updated
2022-11-03
Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
Max CVSS
10.0
EPSS Score
3.81%
Published
2016-10-10
Updated
2023-01-19
Unauthenticated messages processed by the UE. Certain NAS messages are processed when no EPS security context exists in the UE. Product: Android. Versions: Kernel 3.18. Android ID: A-31548486. References: QC-CR#877705.
Max CVSS
10.0
EPSS Score
0.24%
Published
2017-01-12
Updated
2017-01-18
Improper input validation in Access Control APIs. Access control API may return memory range checking incorrectly. Product: Android. Versions: Kernel 3.18. Android ID: A-31623057. References: QC-CR#1009695.
Max CVSS
10.0
EPSS Score
0.29%
Published
2017-01-12
Updated
2017-01-18
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!