Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2013-4344

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-04 Oct, 2013 | 17:00
Updated At-06 Aug, 2024 | 16:38
Rejected At-
Credits

Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:04 Oct, 2013 | 17:00
Updated At:06 Aug, 2024 | 16:38
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html
vendor-advisory
x_refsource_SUSE
http://www.securityfocus.com/bid/62773
vdb-entry
x_refsource_BID
http://article.gmane.org/gmane.comp.emulators.qemu/237191
mailing-list
x_refsource_MLIST
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html
vendor-advisory
x_refsource_SUSE
http://www.openwall.com/lists/oss-security/2013/10/02/2
mailing-list
x_refsource_MLIST
http://osvdb.org/98028
vdb-entry
x_refsource_OSVDB
http://rhn.redhat.com/errata/RHSA-2013-1754.html
vendor-advisory
x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2013-1553.html
vendor-advisory
x_refsource_REDHAT
http://www.ubuntu.com/usn/USN-2092-1
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.securityfocus.com/bid/62773
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://article.gmane.org/gmane.comp.emulators.qemu/237191
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.openwall.com/lists/oss-security/2013/10/02/2
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://osvdb.org/98028
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1754.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1553.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.ubuntu.com/usn/USN-2092-1
Resource:
vendor-advisory
x_refsource_UBUNTU
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.securityfocus.com/bid/62773
vdb-entry
x_refsource_BID
x_transferred
http://article.gmane.org/gmane.comp.emulators.qemu/237191
mailing-list
x_refsource_MLIST
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.openwall.com/lists/oss-security/2013/10/02/2
mailing-list
x_refsource_MLIST
x_transferred
http://osvdb.org/98028
vdb-entry
x_refsource_OSVDB
x_transferred
http://rhn.redhat.com/errata/RHSA-2013-1754.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://rhn.redhat.com/errata/RHSA-2013-1553.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.ubuntu.com/usn/USN-2092-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.securityfocus.com/bid/62773
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://article.gmane.org/gmane.comp.emulators.qemu/237191
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2013/10/02/2
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://osvdb.org/98028
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1754.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1553.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2092-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:04 Oct, 2013 | 17:55
Updated At:29 Apr, 2026 | 01:13

Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches

QEMU
qemu
>>qemu>>Versions up to 1.6.2(inclusive)
cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
openSUSE
opensuse
>>opensuse>>12.3
cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
openSUSE
opensuse
>>opensuse>>13.1
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_desktop>>6.0
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server>>6.0
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_workstation>>6.0
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>virtualization>>3.0
cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux>>6.0
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>12.04
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>12.10
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>13.10
cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Primarynvd@nist.gov
CWE ID: CWE-120
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://article.gmane.org/gmane.comp.emulators.qemu/237191secalert@redhat.com
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://osvdb.org/98028secalert@redhat.com
Broken Link
http://rhn.redhat.com/errata/RHSA-2013-1553.htmlsecalert@redhat.com
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-1754.htmlsecalert@redhat.com
Third Party Advisory
http://www.openwall.com/lists/oss-security/2013/10/02/2secalert@redhat.com
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/62773secalert@redhat.com
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-2092-1secalert@redhat.com
Third Party Advisory
http://article.gmane.org/gmane.comp.emulators.qemu/237191af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://osvdb.org/98028af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://rhn.redhat.com/errata/RHSA-2013-1553.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-1754.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.openwall.com/lists/oss-security/2013/10/02/2af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/62773af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-2092-1af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Hyperlink: http://article.gmane.org/gmane.comp.emulators.qemu/237191
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://osvdb.org/98028
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1553.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1754.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2013/10/02/2
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/62773
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.ubuntu.com/usn/USN-2092-1
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://article.gmane.org/gmane.comp.emulators.qemu/237191
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://osvdb.org/98028
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1553.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1754.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2013/10/02/2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/62773
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.ubuntu.com/usn/USN-2092-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

617Records found

CVE-2019-14835
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.63% / 45.65%
||
7 Day CHG~0.00%
Published-17 Sep, 2019 | 15:09
Updated-05 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.

Action-Not Available
Vendor-Linux KernelHuawei Technologies Co., Ltd.Fedora ProjectopenSUSECanonical Ltd.Red Hat, Inc.Linux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuximanager_netecoopenshift_container_platformenterprise_linux_server_aush410c_firmwareh300s_firmwarevirtualization_hosth410sh610s_firmwareh300ssteelstore_cloud_integrated_storageh610sh300e_firmwareh500ehci_management_nodeenterprise_linux_workstationfedorah500s_firmwareh500e_firmwareenterprise_linux_eush700eaff_a700s_firmwareenterprise_linux_desktopleapdata_availability_servicesmanageoneh300evirtualizationh500sservice_processorenterprise_linuxaff_a700ssolidfiredebian_linuxlinux_kernelh410s_firmwareh700s_firmwareh410ch700e_firmwareenterprise_linux_server_tush700simanager_neteco_6000enterprise_linux_for_real_timeLinux kernel
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2009-4067
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.06% / 79.01%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 18:01
Updated-07 Aug, 2024 | 06:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linuxlinux_kerneln/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-1083
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.63% / 45.67%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 13:00
Updated-16 Sep, 2024 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mentioned path. If the user affected is privileged, this leads to privilege escalation.

Action-Not Available
Vendor-zshzshCanonical Ltd.Red Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxenterprise_linux_workstationzshenterprise_linux_desktopzsh
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-1100
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.54% / 41.67%
||
7 Day CHG-0.01%
Published-11 Apr, 2018 | 19:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.

Action-Not Available
Vendor-zshzshCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxenterprise_linux_workstationzshenterprise_linux_desktopzsh
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-38160
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.40% / 31.50%
||
7 Day CHG~0.00%
Published-07 Aug, 2021 | 03:31
Updated-05 May, 2025 | 14:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior

Action-Not Available
Vendor-n/aRed Hat, Inc.Linux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-debian_linuxhci_management_nodelinux_kernelhci_bootstrap_oshci_compute_nodeelement_softwarehci_storage_nodeenterprise_linuxsolidfiren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2002-0062
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.48% / 38.26%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."

Action-Not Available
Vendor-n/aDebian GNU/LinuxFreeBSD FoundationGNURed Hat, Inc.SUSE
Product-debian_linuxlinuxncursessuse_linuxfreebsdn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-11473
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.41% / 33.05%
||
7 Day CHG~0.00%
Published-20 Jul, 2017 | 04:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, Inc
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2011-0712
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.43% / 34.91%
||
7 Day CHG~0.00%
Published-18 Feb, 2011 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel before 2.6.38-rc4-next-20110215 might allow attackers to cause a denial of service or possibly have unspecified other impact via a long USB device name, related to (1) the snd_usb_caiaq_audio_init function in sound/usb/caiaq/audio.c and (2) the snd_usb_caiaq_midi_init function in sound/usb/caiaq/midi.c.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, Inc
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-14374
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-0.43% / 34.48%
||
7 Day CHG~0.00%
Published-30 Sep, 2020 | 19:10
Updated-04 Aug, 2024 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Action-Not Available
Vendor-dpdkn/aCanonical Ltd.openSUSE
Product-ubuntu_linuxdata_plane_development_kitleapdpdk
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2014-1737
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.2||HIGH
EPSS-0.49% / 38.54%
||
7 Day CHG~0.00%
Published-11 May, 2014 | 21:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.

Action-Not Available
Vendor-n/aOracle CorporationLinux Kernel Organization, IncSUSERed Hat, Inc.Debian GNU/Linux
Product-debian_linuxlinux_enterprise_desktoplinux_enterprise_real_time_extensionlinux_enterprise_high_availability_extensionlinux_enterprise_serverlinuxenterprise_linux_euslinux_kerneln/a
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-1999-1327
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.43% / 34.53%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-2014-1949
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.33% / 24.94%
||
7 Day CHG~0.00%
Published-16 Jan, 2015 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button.

Action-Not Available
Vendor-linuxmintn/aCanonical Ltd.The GNOME Project
Product-gtkubuntulinux_mintn/a
CWE ID-CWE-284
Improper Access Control
CVE-2014-1421
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-7.2||HIGH
EPSS-0.51% / 39.58%
||
7 Day CHG~0.00%
Published-25 Nov, 2014 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

mountall 1.54, as used in Ubuntu 14.10, does not properly handle the umask when using the mount utility, which allows local users to bypass intended access restrictions via unspecified vectors.

Action-Not Available
Vendor-n/aCanonical Ltd.
Product-ubuntu_linuxn/a
CVE-2014-0484
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.2||HIGH
EPSS-0.37% / 29.33%
||
7 Day CHG~0.00%
Published-22 Sep, 2014 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Debian acpi-support package before 0.140-5+deb7u3 allows local users to gain privileges via vectors related to the "user's environment."

Action-Not Available
Vendor-n/aCanonical Ltd.
Product-acpi-supportn/a
CVE-2014-0069
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.41% / 33.25%
||
7 Day CHG~0.00%
Published-28 Feb, 2014 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer.

Action-Not Available
Vendor-n/aRed Hat, Inc.Linux Kernel Organization, IncSUSE
Product-linux_enterprise_desktopenterprise_linux_serverenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktoplinux_enterprise_serverenterprise_linux_server_ausenterprise_linux_euslinux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-25031
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.54% / 41.64%
||
7 Day CHG~0.00%
Published-31 Aug, 2020 | 03:43
Updated-04 Aug, 2024 | 15:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

checkinstall 1.6.2, when used to create a package that contains a symlink, may trigger the creation of a mode 0777 executable file.

Action-Not Available
Vendor-n/aCanonical Ltd.
Product-checkinstalln/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2013-4587
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.53% / 40.87%
||
7 Day CHG~0.00%
Published-14 Dec, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncopenSUSE
Product-linux_kernelopensusen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-4400
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.35% / 27.17%
||
7 Day CHG~0.00%
Published-09 Dec, 2013 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-libvirtn/a
CVE-2013-3301
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.98% / 58.07%
||
7 Day CHG~0.00%
Published-29 Apr, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write access to the (1) set_ftrace_pid or (2) set_graph_function file, and then making an lseek system call.

Action-Not Available
Vendor-n/aRed Hat, Inc.Linux Kernel Organization, IncSUSE
Product-linux_enterprise_desktoplinux_enterprise_high_availability_extensionlinux_enterprise_serverenterprise_mrglinux_kernelenterprise_linuxn/a
CVE-2013-2231
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.45% / 35.92%
||
7 Day CHG~0.00%
Published-01 Oct, 2013 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted Windows search path vulnerability in the QEMU Guest Agent service for Red Hat Enterprise Linux Desktop 6, HPC Node 6, Server 6, Workstation 6, Desktop Supplementary 6, Server Supplementary 6, Supplementary AUS 6.4, Supplementary EUS 6.4.z, and Workstation Supplementary 6, when installing on Windows, allows local users to gain privileges via a crafted program in an unspecified folder.

Action-Not Available
Vendor-n/aMicrosoft CorporationRed Hat, Inc.
Product-enterprise_linux_desktop_supplementaryenterprise_linux_server_supplementarywindowsenterprise_linux_workstation_supplementaryenterprise_linuxn/a
CVE-2013-2176
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.46% / 36.73%
||
7 Day CHG~0.00%
Published-28 Aug, 2013 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-enterprise_virtualizationn/a
CVE-2013-2152
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.41% / 33.30%
||
7 Day CHG~0.00%
Published-21 Jan, 2014 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-enterprise_virtualizationn/a
CVE-2013-2069
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.34% / 26.44%
||
7 Day CHG~0.00%
Published-29 May, 2013 | 00:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Red Hat livecd-tools before 13.4.4, 17.x before 17.17, 18.x before 18.16, and 19.x before 19.3, when a rootpw directive is not set in a Kickstart file, sets the root user password to empty, which allows local users to gain privileges.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-livecd-toolsn/a
CVE-2013-1090
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.39% / 31.39%
||
7 Day CHG~0.00%
Published-06 Dec, 2013 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect ownership for certain configuration files and directories including /etc/apache2/vhosts.d, which allows local wwwrun users to gain privileges via unspecified vectors.

Action-Not Available
Vendor-n/aopenSUSE
Product-opensusen/a
CVE-2013-1052
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-7.2||HIGH
EPSS-0.45% / 36.18%
||
7 Day CHG~0.00%
Published-21 Mar, 2013 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

pam-xdg-support, as used in Ubuntu 12.10, does not properly handle the PATH environment variable, which allows local users to gain privileges via unspecified vectors related to sudo.

Action-Not Available
Vendor-n/aCanonical Ltd.
Product-ubuntu_linuxn/a
CVE-2006-5753
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.38% / 29.68%
||
7 Day CHG~0.00%
Published-30 Jan, 2007 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linux_desktoplinux_kernelenterprise_linuxn/a
CVE-2001-1028
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.40% / 31.70%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-2000-1189
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.44% / 35.08%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain privileges.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-2000-0607
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.11% / 62.00%
||
7 Day CHG~0.00%
Published-19 Jul, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.

Action-Not Available
Vendor-n/aDebian GNU/LinuxRed Hat, Inc.Mandriva (Mandrakesoft)
Product-debian_linuxmandrake_linuxlinuxn/a
CVE-2020-14339
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-0.42% / 33.44%
||
7 Day CHG~0.00%
Published-03 Dec, 2020 | 00:00
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of their standard permissions, potentially causing serious damage to the host operating system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-libvirtenterprise_linuxlibvirt
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2012-3515
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.53% / 40.76%
||
7 Day CHG~0.00%
Published-23 Nov, 2012 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEQEMUSUSEXen ProjectRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxlinux_enterprise_desktopenterprise_linux_serverqemuenterprise_linux_workstationenterprise_linux_desktoplinux_enterprise_serverxenenterprise_linux_eusvirtualizationenterprise_linuxlinux_enterprise_software_development_kitopensusen/a
CWE ID-CWE-20
Improper Input Validation
CVE-1999-0405
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.76% / 50.58%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow in lsof allows local users to obtain root privilege.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFreeBSD FoundationRed Hat, Inc.SUSE
Product-debian_linuxlinuxsuse_linuxfreebsdn/a
CVE-1999-0034
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.18% / 63.73%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in suidperl (sperl), Perl 4.x and 5.x.

Action-Not Available
Vendor-larry_wallbsdin/aSilicon Graphics, Inc.Red Hat, Inc.
Product-freewarelinuxperlbsd_osn/a
CVE-2012-0044
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.38% / 30.12%
||
7 Day CHG~0.00%
Published-17 May, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.1.5 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted ioctl call.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, Inc
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2012-0055
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-1.24% / 65.56%
||
7 Day CHG~0.00%
Published-19 Feb, 2020 | 17:28
Updated-06 Aug, 2024 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions.

Action-Not Available
Vendor-Linux kernelLinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kernelOverlayFS
CWE ID-CWE-862
Missing Authorization
CVE-2022-34918
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-5.45% / 91.76%
||
7 Day CHG+0.32%
Published-04 Jul, 2022 | 20:07
Updated-03 Aug, 2024 | 09:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Debian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kernelh500sh410s_firmwareh700s_firmwareh300s_firmwareh500s_firmwareh410c_firmwareh410sh410ch300sh700sn/a
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-1999-0769
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.80% / 52.13%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.

Action-Not Available
Vendor-paul_vixien/aDebian GNU/LinuxRed Hat, Inc.The MITRE Corporation (Caldera)
Product-debian_linuxlinuxvixie_cronopenlinuxn/a
CVE-2019-9924
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.41% / 33.43%
||
7 Day CHG~0.00%
Published-22 Mar, 2019 | 07:05
Updated-04 Aug, 2024 | 22:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.

Action-Not Available
Vendor-n/aGNUopenSUSENetApp, Inc.Canonical Ltd.Debian GNU/Linux
Product-ubuntu_linuxdebian_linuxhci_management_nodebashsolidfireleapn/a
CWE ID-CWE-862
Missing Authorization
CVE-2019-16729
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.36% / 27.66%
||
7 Day CHG~0.00%
Published-24 Sep, 2019 | 04:07
Updated-05 Aug, 2024 | 01:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

pam-python before 1.0.7-1 has an issue in regard to the default environment variable handling of Python, which could allow for local root escalation in certain PAM setups.

Action-Not Available
Vendor-pam-python_projectn/aCanonical Ltd.Debian GNU/Linux
Product-ubuntu_linuxdebian_linuxpam-pythonn/a
CVE-2019-8956
Matching Score-8
Assigner-Flexera Software LLC
ShareView Details
Matching Score-8
Assigner-Flexera Software LLC
CVSS Score-7.8||HIGH
EPSS-1.13% / 62.45%
||
7 Day CHG~0.00%
Published-01 Apr, 2019 | 18:39
Updated-04 Aug, 2024 | 21:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.

Action-Not Available
Vendor-UNKNOWNLinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kernelLinux Kernel
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-15789
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-8.8||HIGH
EPSS-0.50% / 39.28%
||
7 Day CHG~0.00%
Published-08 Apr, 2020 | 01:00
Updated-16 Sep, 2024 | 21:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microk8s Privilege Escalation Vulnerability

Privilege escalation vulnerability in MicroK8s allows a low privilege user with local access to obtain root access to the host by provisioning a privileged container. Fixed in MicroK8s 1.15.3.

Action-Not Available
Vendor-Canonical Ltd.
Product-microk8sMicroK8s
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-8912
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.65% / 46.67%
||
7 Day CHG~0.00%
Published-18 Feb, 2019 | 18:00
Updated-04 Aug, 2024 | 21:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.

Action-Not Available
Vendor-n/aopenSUSELinux Kernel Organization, IncCanonical Ltd.Red Hat, Inc.
Product-ubuntu_linuxenterprise_linuxlinux_kernelleapn/a
CWE ID-CWE-416
Use After Free
CVE-2022-29581
Matching Score-8
Assigner-Google LLC
ShareView Details
Matching Score-8
Assigner-Google LLC
CVSS Score-7.8||HIGH
EPSS-1.03% / 59.41%
||
7 Day CHG~0.00%
Published-17 May, 2022 | 16:50
Updated-21 Apr, 2025 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.

Action-Not Available
Vendor-Debian GNU/LinuxLinux Kernel Organization, IncNetApp, Inc.Canonical Ltd.
Product-ubuntu_linuxh300eh500sh300s_firmwareh410c_firmwareh410sh300sh300e_firmwaredebian_linuxlinux_kernelh500eh410s_firmwareh700s_firmwareh500s_firmwareh500e_firmwareh700eh410ch700e_firmwareh700sKernel
CWE ID-CWE-911
Improper Update of Reference Count
CVE-2019-15925
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.35% / 26.85%
||
7 Day CHG~0.00%
Published-04 Sep, 2019 | 20:33
Updated-05 Aug, 2024 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2010-4656
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.40% / 31.55%
||
7 Day CHG~0.00%
Published-18 Jul, 2011 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The iowarrior_write function in drivers/usb/misc/iowarrior.c in the Linux kernel before 2.6.37 does not properly allocate memory, which might allow local users to trigger a heap-based buffer overflow, and consequently cause a denial of service or gain privileges, via a long report.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, Inc
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2010-3904
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-7.8||HIGH
EPSS-11.22% / 95.42%
||
7 Day CHG~0.00%
Published-06 Dec, 2010 | 20:00
Updated-21 Apr, 2026 | 17:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-06-02||The impacted product is end-of-life and should be disconnected if still in use.

The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)openSUSECanonical Ltd.Red Hat, Inc.SUSELinux Kernel Organization, Inc
Product-ubuntu_linuxlinux_enterprise_desktoplinux_enterprise_real_time_extensionlinux_enterprise_serveresxienterprise_linuxlinux_kernelopensusen/aKernel
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2010-2960
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-7.8||HIGH
EPSS-0.51% / 39.53%
||
7 Day CHG~0.00%
Published-08 Sep, 2010 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, IncSUSE
Product-suse_linux_enterprise_serversuse_linux_enterprise_desktopubuntu_linuxlinux_kerneln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2010-2959
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-7.2||HIGH
EPSS-3.78% / 88.63%
||
7 Day CHG~0.00%
Published-08 Sep, 2010 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of service (system crash) via crafted CAN traffic.

Action-Not Available
Vendor-n/aopenSUSELinux Kernel Organization, IncSUSEDebian GNU/LinuxFedora Project
Product-debian_linuxlinux_enterprise_desktoplinux_enterprise_high_availability_extensionlinux_enterprise_serverlinux_enterprise_real_timefedoralinux_kernelopensusen/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2010-2798
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.41% / 33.23%
||
7 Day CHG~0.00%
Published-08 Sep, 2010 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSELinux Kernel Organization, IncAvaya LLCSUSEDebian GNU/LinuxVMware (Broadcom Inc.)
Product-debian_linuxubuntu_linuxiqaura_session_managervoice_portalesxsuse_linux_enterprise_serveraura_presence_serviceslinux_enterprise_high_availability_extensionaura_system_platformaura_system_managersuse_linux_enterprise_desktoplinux_kernelaura_communication_manageropensusen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2010-3080
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.42% / 33.43%
||
7 Day CHG~0.00%
Published-21 Sep, 2010 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful attempt to open the /dev/sequencer device.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSELinux Kernel Organization, IncSUSE
Product-ubuntu_linuxlinux_enterprise_desktoplinux_enterprise_real_time_extensionlinux_enterprise_serverlinux_kernelopensusen/a
CWE ID-CWE-415
Double Free
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 12
  • 13
  • Next
Details not found