# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2018-18438 |
190 |
|
Overflow |
2018-10-19 |
2018-12-04 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value. |
2 |
CVE-2018-1059 |
200 |
|
+Info |
2018-04-24 |
2018-08-21 |
2.9 |
None |
Local Network |
Medium |
Not required |
Partial |
None |
None |
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable. |
3 |
CVE-2017-15104 |
200 |
|
+Info |
2017-12-18 |
2018-01-12 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An access flaw was found in Heketi 5, where the heketi.json configuration file was world readable. An attacker having local access to the Heketi server could read plain-text passwords from the heketi.json file. |
4 |
CVE-2017-2625 |
320 |
|
|
2018-07-27 |
2018-10-03 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions. |
5 |
CVE-2016-7056 |
320 |
|
|
2018-09-10 |
2019-01-17 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys. |
6 |
CVE-2016-3695 |
74 |
|
DoS |
2017-12-29 |
2018-01-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set. |
7 |
CVE-2016-0607 |
|
|
|
2016-01-20 |
2018-10-30 |
2.8 |
None |
Remote |
Medium |
Multiple systems |
None |
None |
Partial |
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to replication. |
8 |
CVE-2016-0605 |
|
|
|
2016-01-20 |
2018-10-30 |
2.1 |
None |
Remote |
High |
Single system |
None |
None |
Partial |
Unspecified vulnerability in Oracle MySQL 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors. |
9 |
CVE-2015-8553 |
200 |
|
+Info |
2016-04-13 |
2017-02-19 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0777. |
10 |
CVE-2015-7837 |
254 |
|
Bypass |
2017-09-19 |
2017-10-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot. |
11 |
CVE-2015-5281 |
264 |
|
Exec Code Bypass |
2015-11-24 |
2016-12-07 |
2.6 |
None |
Local |
High |
Not required |
Partial |
Partial |
None |
The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux (RHEL) 7, when used on UEFI systems, allows local users to bypass intended Secure Boot restrictions and execute non-verified code via a crafted (1) multiboot or (2) multiboot2 module in the configuration file or physically proximate attackers to bypass intended Secure Boot restrictions and execute non-verified code via the (3) boot menu. |
12 |
CVE-2015-5160 |
200 |
|
+Info |
2018-08-20 |
2018-11-06 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing. |
13 |
CVE-2015-4910 |
|
|
|
2015-10-21 |
2016-12-23 |
2.1 |
None |
Remote |
High |
Single system |
None |
None |
Partial |
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached. |
14 |
CVE-2015-4836 |
|
|
|
2015-10-21 |
2018-10-30 |
2.8 |
None |
Remote |
Medium |
Multiple systems |
None |
None |
Partial |
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : SP. |
15 |
CVE-2014-1859 |
59 |
|
|
2018-01-08 |
2018-01-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file. |
16 |
CVE-2013-2164 |
200 |
|
+Info |
2013-07-04 |
2014-01-30 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive. |
17 |
CVE-2013-2051 |
264 |
|
Bypass |
2013-07-09 |
2017-05-22 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
The Tomcat 6 DIGEST authentication functionality as used in Red Hat Enterprise Linux 6 allows remote attackers to bypass intended access restrictions by performing a replay attack after a nonce becomes stale. NOTE: this issue is due to an incomplete fix for CVE-2012-5887. |
18 |
CVE-2013-0222 |
119 |
|
DoS Overflow |
2013-11-23 |
2018-10-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function. |
19 |
CVE-2012-4453 |
264 |
|
+Info |
2012-10-09 |
2017-08-28 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information. |
20 |
CVE-2012-0042 |
|
|
DoS |
2012-04-11 |
2017-09-18 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly perform certain string conversions, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet, related to epan/to_str.c. |
21 |
CVE-2010-0730 |
20 |
|
DoS |
2010-05-12 |
2018-10-10 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
The MMIO instruction decoder in the Xen hypervisor in the Linux kernel 2.6.18 in Red Hat Enterprise Linux (RHEL) 5 allows guest OS users to cause a denial of service (32-bit guest OS crash) via vectors that trigger an unspecified instruction emulation. |
22 |
CVE-2008-3270 |
310 |
|
DoS |
2008-08-18 |
2017-09-28 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
yum-rhn-plugin in Red Hat Enterprise Linux (RHEL) 5 does not verify the SSL certificate for a file download from a Red Hat Network (RHN) server, which makes it easier for remote man-in-the-middle attackers to cause a denial of service (loss of updates) or force the download and installation of official Red Hat packages that were not requested. |
23 |
CVE-2007-3379 |
|
|
DoS |
2007-09-17 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command. |
24 |
CVE-2007-3099 |
|
|
DoS |
2007-06-14 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss). |
25 |
CVE-2006-3813 |
|
|
|
2006-08-11 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE-2005-0155, which allows local users to overwrite arbitrary files with debugging information. |
26 |
CVE-2005-2100 |
|
|
DoS |
2005-10-25 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
The rw_vm function in usercopy.c in the 4GB split patch for the Linux kernel in Red Hat Enterprise Linux 4 does not perform proper bounds checking, which allows local users to cause a denial of service (crash). |
27 |
CVE-2005-1918 |
22 |
|
Dir. Trav. |
2005-12-31 |
2018-10-19 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/". |
28 |
CVE-2005-1038 |
|
|
|
2005-05-02 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235. |
29 |
CVE-2005-0757 |
|
|
DoS |
2005-05-18 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
The xattr file system code, as backported in Red Hat Enterprise Linux 3 on 64-bit systems, does not properly handle certain offsets, which allows local users to cause a denial of service (system crash) via certain actions on an ext3 file system with extended attributes enabled. |
30 |
CVE-2005-0736 |
|
|
Overflow |
2005-03-09 |
2018-10-03 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events. |
31 |
CVE-2005-0207 |
|
|
DoS |
2005-05-02 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT. |
32 |
CVE-2005-0156 |
|
|
Exec Code Overflow |
2005-02-07 |
2018-08-13 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree. |
33 |
CVE-2005-0092 |
|
|
DoS |
2005-02-19 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when running on x86 with the hugemem kernel, allows local users to cause a denial of service (crash). |
34 |
CVE-2005-0090 |
|
|
DoS |
2005-05-02 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch omits an "access check," which allows local users to cause a denial of service (crash). |
35 |
CVE-2005-0077 |
|
|
|
2005-05-02 |
2018-10-19 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file. |
36 |
CVE-2005-0003 |
|
|
DoS Exec Code |
2005-04-14 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file. |
37 |
CVE-2004-1237 |
|
|
DoS |
2005-04-14 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors. |
38 |
CVE-2004-1074 |
|
|
DoS |
2005-01-10 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary. |
39 |
CVE-2004-1073 |
|
|
|
2005-01-10 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality. |
40 |
CVE-2004-0977 |
|
|
|
2005-02-09 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files. |
41 |
CVE-2004-0968 |
|
|
|
2005-02-09 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files. |
42 |
CVE-2004-0812 |
|
|
DoS Exec Code |
2005-04-14 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AMD64 and Intel EM64T architectures, associated with "setting up TSS limits," allows local users to cause a denial of service (crash) and possibly execute arbitrary code. |
43 |
CVE-2004-0554 |
|
|
DoS |
2004-08-06 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program. |
44 |
CVE-2004-0497 |
|
|
|
2004-12-06 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. |
45 |
CVE-2004-0491 |
|
|
|
2004-12-31 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit. |
46 |
CVE-2003-1295 |
|
|
|
2003-12-31 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password." |
47 |
CVE-1999-1572 |
|
|
|
1996-07-16 |
2017-10-18 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files. |