Search Results (6039 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0011 2 Isc, Redhat 2 Bind, Linux 2026-04-16 N/A
Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.
CVE-2003-0246 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.
CVE-2003-0245 2 Apache, Redhat 2 Http Server, Linux 2026-04-16 N/A
Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors.
CVE-2001-1397 2 Linux, Redhat 2 Linux Kernel, Linux 2026-04-16 N/A
The System V (SYS5) shared memory implementation for Linux kernel before 2.2.19 could allow attackers to modify recently freed memory.
CVE-2003-0244 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Linux 2026-04-16 N/A
The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions.
CVE-2003-0248 1 Redhat 2 Enterprise Linux, Linux 2026-04-16 N/A
The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.
CVE-2001-1396 2 Linux, Redhat 2 Linux Kernel, Linux 2026-04-16 N/A
Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19, with unknown impact.
CVE-2001-0010 2 Isc, Redhat 2 Bind, Linux 2026-04-16 N/A
Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges.
CVE-2000-0031 1 Redhat 1 Linux 2026-04-16 N/A
The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.
CVE-2000-0604 1 Redhat 1 Linux 2026-04-16 N/A
gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp.
CVE-1999-0804 4 Debian, Linux, Redhat and 1 more 4 Debian Linux, Linux Kernel, Linux and 1 more 2026-04-16 N/A
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.
CVE-1999-0042 5 Bsdi, Caldera, Ibm and 2 more 6 Bsd Os, Openlinux, Aix and 3 more 2026-04-16 N/A
Buffer overflow in University of Washington's implementation of IMAP and POP servers.
CVE-1999-0009 11 Bsdi, Caldera, Data General and 8 more 13 Bsd Os, Openlinux, Dg Ux and 10 more 2026-04-16 N/A
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
CVE-2025-62577 5 Fsas Technologies, Linux, Microsoft and 2 more 5 Eternus Sf, Linux, Windows Server and 2 more 2026-04-15 N/A
ETERNUS SF provided by Fsas Technologies Inc. contains an incorrect default permissions vulnerability. A low-privileged user with access to the management server may obtain database credentials, potentially allowing execution of OS commands with administrator privileges.
CVE-2026-26127 4 Apple, Linux, Microsoft and 1 more 8 Macos, Linux Kernel, .net and 5 more 2026-04-14 7.5 High
Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.
CVE-2020-26147 5 Arista, Debian, Linux and 2 more 15 C-65, C-65 Firmware, C-75 and 12 more 2026-04-14 5.4 Medium
An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.
CVE-2020-24588 9 Arista, Cisco, Debian and 6 more 351 C-100, C-100 Firmware, C-110 and 348 more 2026-04-14 3.5 Low
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
CVE-2024-27022 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-11 7.8 High
In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized Thorvald reported a WARNING [1]. And the root cause is below race: CPU 1 CPU 2 fork hugetlbfs_fallocate dup_mmap hugetlbfs_punch_hole i_mmap_lock_write(mapping); vma_interval_tree_insert_after -- Child vma is visible through i_mmap tree. i_mmap_unlock_write(mapping); hugetlb_dup_vma_private -- Clear vma_lock outside i_mmap_rwsem! i_mmap_lock_write(mapping); hugetlb_vmdelete_list vma_interval_tree_foreach hugetlb_vma_trylock_write -- Vma_lock is cleared. tmp->vm_ops->open -- Alloc new vma_lock outside i_mmap_rwsem! hugetlb_vma_unlock_write -- Vma_lock is assigned!!! i_mmap_unlock_write(mapping); hugetlb_dup_vma_private() and hugetlb_vm_op_open() are called outside i_mmap_rwsem lock while vma lock can be used in the same time. Fix this by deferring linking file vma until vma is fully initialized. Those vmas should be initialized first before they can be used.
CVE-2024-50120 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-06 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: smb: client: Handle kstrdup failures for passwords In smb3_reconfigure(), after duplicating ctx->password and ctx->password2 with kstrdup(), we need to check for allocation failures. If ses->password allocation fails, return -ENOMEM. If ses->password2 allocation fails, free ses->password, set it to NULL, and return -ENOMEM.
CVE-2025-21979 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-06 7.8 High
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel wiphy_work before freeing wiphy A wiphy_work can be queued from the moment the wiphy is allocated and initialized (i.e. wiphy_new_nm). When a wiphy_work is queued, the rdev::wiphy_work is getting queued. If wiphy_free is called before the rdev::wiphy_work had a chance to run, the wiphy memory will be freed, and then when it eventally gets to run it'll use invalid memory. Fix this by canceling the work before freeing the wiphy.