Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2014-1739

Summary
Assigner-Chrome
Assigner Org ID-ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28
Published At-23 Jun, 2014 | 10:00
Updated At-06 Aug, 2024 | 09:50
Rejected At-
Credits

The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Chrome
Assigner Org ID:ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28
Published At:23 Jun, 2014 | 10:00
Updated At:06 Aug, 2024 | 09:50
Rejected At:
▼CVE Numbering Authority (CNA)

The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.ubuntu.com/usn/USN-2263-1
vendor-advisory
x_refsource_UBUNTU
https://bugzilla.redhat.com/show_bug.cgi?id=1109774
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
vendor-advisory
x_refsource_SUSE
http://www.openwall.com/lists/oss-security/2014/06/15/1
mailing-list
x_refsource_MLIST
https://source.android.com/security/bulletin/2017-04-01
x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-2261-1
vendor-advisory
x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2264-1
vendor-advisory
x_refsource_UBUNTU
http://www.securityfocus.com/bid/68048
vdb-entry
x_refsource_BID
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
vendor-advisory
x_refsource_SUSE
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e6a623460e5fc960ac3ee9f946d3106233fd28d8
x_refsource_CONFIRM
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.6
x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-2259-1
vendor-advisory
x_refsource_UBUNTU
https://github.com/torvalds/linux/commit/e6a623460e5fc960ac3ee9f946d3106233fd28d8
x_refsource_CONFIRM
http://speirofr.appspot.com/cve-2014-1739-kernel-infoleak-vulnerability-in-media_enum_entities.html
x_refsource_MISC
http://secunia.com/advisories/59597
third-party-advisory
x_refsource_SECUNIA
http://www.securitytracker.com/id/1038201
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.ubuntu.com/usn/USN-2263-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1109774
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.openwall.com/lists/oss-security/2014/06/15/1
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://source.android.com/security/bulletin/2017-04-01
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.ubuntu.com/usn/USN-2261-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.ubuntu.com/usn/USN-2264-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.securityfocus.com/bid/68048
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e6a623460e5fc960ac3ee9f946d3106233fd28d8
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.6
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.ubuntu.com/usn/USN-2259-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: https://github.com/torvalds/linux/commit/e6a623460e5fc960ac3ee9f946d3106233fd28d8
Resource:
x_refsource_CONFIRM
Hyperlink: http://speirofr.appspot.com/cve-2014-1739-kernel-infoleak-vulnerability-in-media_enum_entities.html
Resource:
x_refsource_MISC
Hyperlink: http://secunia.com/advisories/59597
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securitytracker.com/id/1038201
Resource:
vdb-entry
x_refsource_SECTRACK
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.ubuntu.com/usn/USN-2263-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1109774
x_refsource_CONFIRM
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.openwall.com/lists/oss-security/2014/06/15/1
mailing-list
x_refsource_MLIST
x_transferred
https://source.android.com/security/bulletin/2017-04-01
x_refsource_CONFIRM
x_transferred
http://www.ubuntu.com/usn/USN-2261-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.ubuntu.com/usn/USN-2264-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.securityfocus.com/bid/68048
vdb-entry
x_refsource_BID
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e6a623460e5fc960ac3ee9f946d3106233fd28d8
x_refsource_CONFIRM
x_transferred
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.6
x_refsource_CONFIRM
x_transferred
http://www.ubuntu.com/usn/USN-2259-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
https://github.com/torvalds/linux/commit/e6a623460e5fc960ac3ee9f946d3106233fd28d8
x_refsource_CONFIRM
x_transferred
http://speirofr.appspot.com/cve-2014-1739-kernel-infoleak-vulnerability-in-media_enum_entities.html
x_refsource_MISC
x_transferred
http://secunia.com/advisories/59597
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securitytracker.com/id/1038201
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2263-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1109774
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2014/06/15/1
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://source.android.com/security/bulletin/2017-04-01
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2261-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2264-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.securityfocus.com/bid/68048
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e6a623460e5fc960ac3ee9f946d3106233fd28d8
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.6
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2259-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: https://github.com/torvalds/linux/commit/e6a623460e5fc960ac3ee9f946d3106233fd28d8
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://speirofr.appspot.com/cve-2014-1739-kernel-infoleak-vulnerability-in-media_enum_entities.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://secunia.com/advisories/59597
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securitytracker.com/id/1038201
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:chrome-cve-admin@google.com
Published At:23 Jun, 2014 | 11:21
Updated At:12 Apr, 2025 | 10:46

The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Type: Primary
Version: 2.0
Base score: 2.1
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions before 3.14.6(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>12.04
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>13.10
cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
SUSE
suse
>>linux_enterprise_high_availability_extension>>11
cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*
SUSE
suse
>>suse_linux_enterprise_desktop>>11
cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
SUSE
suse
>>suse_linux_enterprise_server>>11
cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*
SUSE
suse
>>suse_linux_enterprise_server>>11
cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
Weaknesses
CWE IDTypeSource
CWE-200Primarynvd@nist.gov
CWE ID: CWE-200
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e6a623460e5fc960ac3ee9f946d3106233fd28d8chrome-cve-admin@google.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.htmlchrome-cve-admin@google.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.htmlchrome-cve-admin@google.com
N/A
http://secunia.com/advisories/59597chrome-cve-admin@google.com
N/A
http://speirofr.appspot.com/cve-2014-1739-kernel-infoleak-vulnerability-in-media_enum_entities.htmlchrome-cve-admin@google.com
N/A
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.6chrome-cve-admin@google.com
N/A
http://www.openwall.com/lists/oss-security/2014/06/15/1chrome-cve-admin@google.com
N/A
http://www.securityfocus.com/bid/68048chrome-cve-admin@google.com
N/A
http://www.securitytracker.com/id/1038201chrome-cve-admin@google.com
N/A
http://www.ubuntu.com/usn/USN-2259-1chrome-cve-admin@google.com
N/A
http://www.ubuntu.com/usn/USN-2261-1chrome-cve-admin@google.com
N/A
http://www.ubuntu.com/usn/USN-2263-1chrome-cve-admin@google.com
N/A
http://www.ubuntu.com/usn/USN-2264-1chrome-cve-admin@google.com
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=1109774chrome-cve-admin@google.com
N/A
https://github.com/torvalds/linux/commit/e6a623460e5fc960ac3ee9f946d3106233fd28d8chrome-cve-admin@google.com
N/A
https://source.android.com/security/bulletin/2017-04-01chrome-cve-admin@google.com
N/A
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e6a623460e5fc960ac3ee9f946d3106233fd28d8af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/59597af854a3a-2127-422b-91ae-364da2661108
N/A
http://speirofr.appspot.com/cve-2014-1739-kernel-infoleak-vulnerability-in-media_enum_entities.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.6af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openwall.com/lists/oss-security/2014/06/15/1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/68048af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id/1038201af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2259-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2261-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2263-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2264-1af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=1109774af854a3a-2127-422b-91ae-364da2661108
N/A
https://github.com/torvalds/linux/commit/e6a623460e5fc960ac3ee9f946d3106233fd28d8af854a3a-2127-422b-91ae-364da2661108
N/A
https://source.android.com/security/bulletin/2017-04-01af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e6a623460e5fc960ac3ee9f946d3106233fd28d8
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/59597
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://speirofr.appspot.com/cve-2014-1739-kernel-infoleak-vulnerability-in-media_enum_entities.html
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.6
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2014/06/15/1
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/68048
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1038201
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2259-1
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2261-1
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2263-1
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2264-1
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1109774
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: https://github.com/torvalds/linux/commit/e6a623460e5fc960ac3ee9f946d3106233fd28d8
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: https://source.android.com/security/bulletin/2017-04-01
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e6a623460e5fc960ac3ee9f946d3106233fd28d8
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/59597
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://speirofr.appspot.com/cve-2014-1739-kernel-infoleak-vulnerability-in-media_enum_entities.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.6
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2014/06/15/1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/68048
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1038201
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2259-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2261-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2263-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2264-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1109774
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://github.com/torvalds/linux/commit/e6a623460e5fc960ac3ee9f946d3106233fd28d8
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://source.android.com/security/bulletin/2017-04-01
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1471Records found
CVE-2021-34693
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.18%
||
7 Day CHG~0.00%
Published-14 Jun, 2021 | 00:00
Updated-04 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-909
Missing Initialization of Resource
CVE-2006-5174
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.06% / 20.11%
||
7 Day CHG~0.00%
Published-05 Oct, 2006 | 21:00
Updated-07 Aug, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a bad address," which triggers a fault that prevents the unused memory from being cleared in the kernel buffer.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2006-4813
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.07% / 20.47%
||
7 Day CHG~0.00%
Published-12 Oct, 2006 | 20:00
Updated-07 Aug, 2024 | 19:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The __block_prepare_write function in fs/buffer.c for Linux kernel 2.6.x before 2.6.13 does not properly clear buffers during certain error conditions, which allows local users to read portions of files that have been unlinked.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2004-2135
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.46% / 63.00%
||
7 Day CHG~0.00%
Published-01 Jun, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2019-17445
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 16.40%
||
7 Day CHG~0.00%
Published-22 Nov, 2019 | 17:18
Updated-05 Aug, 2024 | 01:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Eracent EDA, EPA, EPM, EUA, FLW, and SUM Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be forced to copy files from the filesystem to other locations via Symbolic Link Following.

Action-Not Available
Vendor-eracentn/aLinux Kernel Organization, Inc
Product-eua_agentlinux_kerneleda_agentsum_agentepa_agentepm_agentflw_agentn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2006-1342
Matching Score-8
Assigner-bc94ec7e-8909-4cbb-83df-d2fc9330fa88
ShareView Details
Matching Score-8
Assigner-bc94ec7e-8909-4cbb-83df-d2fc9330fa88
CVSS Score-2.1||LOW
EPSS-0.17% / 39.08%
||
7 Day CHG~0.00%
Published-21 Mar, 2006 | 18:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

net/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the (1) getsockname, (2) getpeername, and (3) accept functions, which allows local users to obtain portions of potentially sensitive memory.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2006-1863
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.19% / 40.56%
||
7 Day CHG~0.00%
Published-25 Apr, 2006 | 22:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1864.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2020-0549
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 32.02%
||
7 Day CHG~0.00%
Published-28 Jan, 2020 | 00:03
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-Intel CorporationDebian GNU/LinuxCanonical Ltd.openSUSEFedora Project
Product-xeon_e3-1501m_firmwarexeon_6126xeon_8276_firmwarepentium_g4500_firmwarexeon_5222xeon_w-3245mceleron_3955u_firmwarexeon_6154_firmwarexeon_5215l_firmwarepentium_4415ycore_i3-6300xeon_8180_firmwarecore_i3-6100e_firmwarecore_i3-8350k_firmwarexeon_5218txeon_e-2124g_firmwarecore_i7-9700kfcore_i7-7640xcore_i5-8305g_firmwarecore_i5-7500_firmwarexeon_5220_firmwarecore_i9-10940xcore_i5-8400hxeon_e-2254me_firmwarecore_i7_8500yceleron_g3940xeon_w-2125xeon_5118_firmwarexeon_6262vcore_i5-7y54xeon_8160txeon_e3-1535m_firmwarexeon_8170_firmwarecore_i3-7007u_firmwarecore_i7-6650u_firmwarecore_i9-9900kfxeon_5215_firmwarepentium_g4400tceleron_g3920t_firmwarexeon_6128_firmwarecore_i7-8670xeon_w-2255core_i3-8145uxeon_6246core_i7_10510ycore_i7-6822eqxeon_8160m_firmwarecore_i9-9940x_firmwarecore_i5-7210u_firmwarecore_i3-7020ucore_i7-6700texeon_e3-1285_firmwarecore_i7-6567u_firmwarexeon_5218_firmwarecore_i9-7920xcore_i7-7600uxeon_6142mcore_i5-9400f_firmwarexeon_e-2224xeon_e-2184g_firmwarecore_i5-7y57_firmwarecore_i3-6100t_firmwarexeon_9222core_i3-7100e_firmwarecore_i3-7100ecore_i9-7940x_firmwarexeon_e3-1275_firmwarecore_i5-6442eq_firmwarecore_i5-6287u_firmwarexeon_e-2134_firmwarexeon_3104xeon_6142fcore_m5-6y54xeon_w-2245core_i5-6600kxeon_6252n_firmwarepentium_g5400_firmwarecore_i3-7120t_firmwareceleron_g3940_firmwarexeon_8260lxeon_6242_firmwarecore_i7-7600u_firmwarepentium_g4520_firmwarecore_i5-8400bxeon_4214xeon_e3-1285pentium_g4420xeon_6152core_i7-7820hkcore_i5-6500te_firmwarexeon_8260_firmwarexeon_4116t_firmwarecore_i9-9940xcore_i5-8550xeon_6134mcore_i5-8400h_firmwarexeon_e-2184gcore_i7-6970hqxeon_6140_firmwarecore_i9-9820x_firmwarecore_i5-7500ucore_i3-6120tcore_i5-8600xeon_6240ypentium_g5420_firmwarexeon_4214yceleron_g3930teceleron_3865u_firmwarecore_i7-9700kxeon_3206r_firmwarecore_i5-9400_firmwarexeon_e3-1225celeron_3865ucore_i7-7740x_firmwarexeon_w-2265core_i3-8100xeon_8156pentium_g4520t_firmwarecore_m7-6y75xeon_w-2245_firmwarexeon_e3-1270_firmwarecore_i5-6600t_firmwareceleron_g4900tcore_m3-6y30fedoraceleron_3855u_firmwarecore_i5-7287u_firmwarecore_i7-7700celeron_g3900te_firmwarexeon_8153_firmwarepentium_g5600_firmwarecore_i7-7820hq_firmwarecore_i3-7102ecore_i7-7920hq_firmwarecore_i5-8600kxeon_4114t_firmwarexeon_e-2124_firmwarecore_i7-8700k_firmwarexeon_5218n_firmwarexeon_w-2223_firmwarecore_i7-8700_firmwarexeon_e3-1220core_i7-8750hceleron_g3900_firmwarecore_i5-8365ucore_i9-9960x_firmwarecore_i5-9600kfcore_i5-8500b_firmwarexeon_4109t_firmwarepentium_4410ycore_i3-7100u_firmwarexeon_8164core_i5-7600core_i3-6100h_firmwarecore_i9-7940xxeon_5118pentium_g5400txeon_w-3265_firmwarecore_i9-9960xxeon_6230n_firmwarecore_i3-7120_firmwarexeon_w-2195core_i7-7820eq_firmwarexeon_5218ncore_i5-8550_firmwarexeon_w-3235_firmwarecore_i3-8300core_i5-7400tcore_i5-7267u_firmwarexeon_e3-1535mpentium_4415y_firmwarexeon_e3-1505m_firmwarexeon_6226_firmwarexeon_e-2174gxeon_5215mcore_i7-8809gxeon_8160fxeon_4214_firmwarecore_i7-8700bcore_i5-8420_firmwarecore_i5-7260uxeon_w-2145_firmwarecore_i3-8000t_firmwarecore_i7_8560u_firmwarecore_i7-7500u_firmwarepentium_g5420tcore_i5-7267uxeon_6130f_firmwarecore_i7-7800xxeon_6146_firmwarexeon_6154xeon_6238_firmwarecore_i3-8020_firmwarexeon_4116xeon_5220r_firmwarecore_i7-7820hk_firmwarecore_i9-9900kf_firmwarecore_i7-6560uxeon_w-2123xeon_w-3275mxeon_e3-1505lpentium_g4420txeon_4112_firmwarecore_i5-8300hcore_i5-8600t_firmwarexeon_6252xeon_8180mxeon_6130txeon_6136xeon_4116_firmwarecore_i5-6600_firmwarexeon_6242xeon_8270_firmwarexeon_5120txeon_8160pentium_g4400_firmwarexeon_8158_firmwarecore_i3-7110u_firmwarexeon_6230t_firmwarecore_i5-7300u_firmwarecore_i5-8600_firmwarecore_i5-9600kf_firmwarecore_i7-7510u_firmwarexeon_e-2224_firmwarecore_i7-9750hfceleron_g4920core_i5-9300h_firmwarexeon_6244xeon_e-2274gcore_i3-6167uxeon_6230nxeon_6252ncore_i5-8400b_firmwarecore_i9-9800x_firmwarexeon_6130_firmwarexeon_9221_firmwarecore_i7-6700t_firmwarecore_i3-8100_firmwarecore_i7-7740xxeon_e3-1240_firmwarecore_i7-6500ucore_i3-7110ucore_i7-6500u_firmwarecore_i3-8120xeon_8276l_firmwareceleron_g3902exeon_e-2124core_i9-9880hxeon_6144_firmwarecore_i5-7287ucore_i5-8500t_firmwaredebian_linuxcore_i3-7100h_firmwarecore_i5-8300h_firmwarexeon_6238t_firmwarexeon_4214cxeon_6238core_i5-6300uxeon_5215r_firmwarecore_i7-8565uxeon_4210_firmwarexeon_5218b_firmwarexeon_6134m_firmwarexeon_6238l_firmwarexeon_4108_firmwarecore_i5-7300hq_firmwarexeon_9282_firmwarexeon_e-2274g_firmwarexeon_e3-1245core_i5-7300hqcore_i7-8706g_firmwarecore_i7-7560uxeon_w-2133_firmwarecore_i5-6600k_firmwarecore_i3-6110u_firmwarexeon_5222_firmwarecore_i5-7400t_firmwarecore_i3-6100hcore_i3-8100t_firmwarecore_i5-6200u_firmwarexeon_6138f_firmwarexeon_8276xeon_6226xeon_w-3265m_firmwarexeon_6148_firmwarexeon_8164_firmwarecore_i7-8850h_firmwarecore_m7-6y75_firmwarecore_i7-6700hqpentium_g4500t_firmwarexeon_5218t_firmwarecore_i7-9700kf_firmwarecore_i9-7900x_firmwarecore_i7-7800x_firmwarexeon_w-2225_firmwarecore_i7-9850h_firmwarexeon_6150core_i5-6350hqxeon_5120xeon_8280l_firmwarecore_i7-6660u_firmwarecore_i5-7600txeon_8276mcore_i5405u_firmwarecore_i9-9820xcore_i3-6100te_firmwarexeon_6126f_firmwarexeon_9222_firmwarexeon_w-2155core_i5-6350hq_firmwarexeon_8260l_firmwarecore_i7-7500ucore_i7-8550uxeon_9242_firmwareubuntu_linuxxeon_e-2224gxeon_w-2135core_i3-6120_firmwarexeon_e3-1505mcore_i5-6310u_firmwarexeon_w-2145xeon_8276lcore_i5-6400_firmwarecore_i7-6650ucore_i7_8650ucore_i9-9900x_firmwarecore_i5_10110y_firmwarecore_i5-9300hcore_i5-6210uxeon_e3-1240xeon_4210rpentium_g5420core_i3-7167u_firmwarecore_i9-10920x_firmwarepentium_g5500_firmwarecore_i7-8665u_firmwarecore_i3-7167ucore_i3-6100tcore_i5-9400hleapcore_i7-7567uxeon_w-2295_firmwarecore_i3-8145u_firmwarepentium_4405u_firmwarexeon_6126fcore_i7_10510y_firmwarecore_i3-7340_firmwarexeon_8268_firmwarecore_i7-7660u_firmwarexeon_4216rpentium_g5500tcore_i7-7820hqcore_i5-6260u_firmwareceleron_g3920txeon_8156_firmwarexeon_6126txeon_4215core_i7-8750h_firmwarexeon_3106core_i3-6100ecore_i3-8300t_firmwarecore_i5-7400_firmwarexeon_e3-1280xeon_5220s_firmwareceleron_3955ucore_i7-9700k_firmwarexeon_6240_firmwarexeon_4214y_firmwarexeon_5115core_i5-7y54_firmwarexeon_5215pentium_4405y_firmwarecore_i7-6567uxeon_6130fxeon_e-2174g_firmwarecore_i3-7101exeon_8180xeon_6138fxeon_6238lcore_i9-7900xcore_i9-8950hk_firmwarecore_i5-8500xeon_4209tcore_i7-6870hq_firmwarexeon_w-3223core_i3-8000_firmwarecore_i5-7600_firmwarexeon_w-3275m_firmwarecore_i7-7510uxeon_w-2235_firmwarecore_i5-6267u_firmwarexeon_6140mcore_i5-8265uxeon_5115_firmwarexeon_e-2254mexeon_6240xeon_w-3235core_i3-7007ucore_i5-6300hqcore_i3-6110uxeon_6142f_firmwarexeon_6148f_firmwarecore_i5-6440hqcore_i7-7y75xeon_8176mxeon_w-2225xeon_6252_firmwarecore_i7-7560u_firmwarexeon_w-2133core_i7-6700core_i5-7y57celeron_g3920_firmwarexeon_4108core_i3-8350kcore_i7_8560ucore_i5-7500tcore_i5-9600k_firmwarexeon_e-2224g_firmwarecore_i7_8500y_firmwarecore_i3-6102e_firmwarexeon_6240m_firmwarexeon_e3-1230_firmwarexeon_w-2223xeon_4214c_firmwarecore_i9-7920x_firmwarecore_i7-8705gcore_i7-7700kpentium_g4540_firmwarecore_i7-8665ucore_i4205ucore_i3-8300txeon_6240y_firmwarecore_i7-7660ucore_i7-6600ucore_i3-6100u_firmwarecore_i3-8120_firmwarecore_i7-8706gxeon_w-3225xeon_4215_firmwarecore_i9-9880h_firmwarecore_i7-8700t_firmwarexeon_5220t_firmwarecore_i9-7960x_firmwarepentium_g5500t_firmwarecore_i7-8700core_i5-7500u_firmwarexeon_e3-1501lcore_i3-6300txeon_6238mcore_i5-6310ucore_i3-7130u_firmwarexeon_w-2155_firmwarecore_i5-8400core_i3-6120xeon_4110_firmwarecore_i7-8705g_firmwarecore_i7-7700txeon_w-3225_firmwarexeon_9282xeon_w-2295core_i5-7260u_firmwarecore_i7-6600u_firmwarecore_i5-7600k_firmwarecore_i7-6770hqxeon_w-3245m_firmwarecore_i7-8700kxeon_9220_firmwarexeon_6262v_firmwarexeon_5220core_i7_8550ucore_i5-8600k_firmwarecore_i5-7200u_firmwarecore_i5-7442eqxeon_e-2134xeon_e-2284g_firmwarexeon_5120t_firmwarepentium_g4500txeon_4116tcore_i7_8550u_firmwarecore_i5-7442eq_firmwarecore_i7_8559uxeon_8170m_firmwarecore_i7-8569u_firmwarexeon_e-2144g_firmwarexeon_5122xeon_9242xeon_4208xeon_6246_firmwarexeon_5218bcore_i5-7360u_firmwarexeon_w-2275_firmwarexeon_6144xeon_6230txeon_8280_firmwarecore_i5-6442eqxeon_6254core_i5-8420tcore_i9-7960xcore_i5-9600kcore_i7-7820xceleron_g3900core_i3-6300_firmwarecore_i5_10110ycore_i7-7640x_firmwarecore_i7-7700hqpentium_g5600xeon_6142_firmwarecore_i9-7980xexeon_3206rceleron_g4900t_firmwarecore_i3-8100hxeon_e3-1225_firmwarecore_i7-6870hqxeon_5220sxeon_4114pentium_g4500xeon_6146xeon_8253_firmwarexeon_6222v_firmwarecore_i5-8350uxeon_6134xeon_3104_firmwarecore_i3-6320t_firmwarexeon_5119txeon_w-3223_firmwarecore_i5-7300ucore_i5-6440hq_firmwarecore_m3-6y30_firmwarexeon_5217_firmwarepentium_4415u_firmwarexeon_w-3265mcore_i5-8500tceleron_3965y_firmwarecore_i5-7500xeon_8268xeon_w-2255_firmwarexeon_6234xeon_6240lcore_i5-6400xeon_5215rcore_i5-7200upentium_g4540core_i5-8350u_firmwarecore_i7-8700b_firmwareceleron_g3930exeon_8168_firmwarecore_i9-8950hkpentium_g4520xeon_8256_firmwarexeon_4210xeon_6142pentium_4405ucore_i7-6820hq_firmwarecore_i3-6320_firmwarecore_i7-7920hqpentium_g4400t_firmwarexeon_8260yxeon_6126t_firmwarexeon_e-2254mlxeon_5220tcore_i5-8400txeon_w-2123_firmwarexeon_8160f_firmwarexeon_8256core_i3-6100_firmwarexeon_8280xeon_4209t_firmwarecore_i9-10920xxeon_8160t_firmwarexeon_6244_firmwarecore_i5-8420core_i7-8670txeon_e-2254ml_firmwarexeon_6148core_i7-6660uceleron_3965uceleron_g4920_firmwarecore_i3-6120t_firmwarexeon_9220core_i5_10310yxeon_8160mcore_i5-6500_firmwarecore_i3-7100hcore_i3-7101te_firmwarexeon_e3-1220_firmwarexeon_4109txeon_6128core_i5-6500t_firmwarexeon_e3-1501l_firmwarexeon_e-2244gcore_i9-9900kxeon_4110core_i3-6320tcore_i7-8709gcore_i3-7120xeon_5220rcore_i7-8550u_firmwarecore_i7-7y75_firmwarecore_i5-6287upentium_g4420t_firmwarexeon_8180m_firmwarexeon_6130t_firmwarexeon_5215lcore_i5-7640x_firmwarecore_i5-9400core_i9-9920xcore_i3-8100txeon_6150_firmwarepentium_4415ucore_i5-6500tcore_i5-6260ucore_i3-7120tcore_i7-6700k_firmwarecore_i5-8650k_firmwarecore_i5-7500t_firmwarecore_i7-8700tcore_i7-6820hk_firmwarexeon_6230_firmwarecore_i7-6820hqxeon_6140core_i5-7400xeon_e3-1501mcore_i7-8650uxeon_8160_firmwarecore_i5_10210y_firmwarecore_i3-7102e_firmwarecore_m3-7y30_firmwarexeon_e3-1245_firmwarexeon_8153xeon_6132_firmwarecore_i5-6600core_i7-6700tcore_i7-6920hqxeon_8170mxeon_6132xeon_8276m_firmwarecore_i3-6167u_firmwarecore_i3-6100uxeon_4208rxeon_8176fcore_i7-6700_firmwarexeon_e-2234_firmwarecore_i3-7320t_firmwarepentium_g4400texeon_e3-1280_firmwarecore_i9-9800xxeon_w-3265core_i7-6510u_firmwarexeon_6136_firmwarecore_i7-6822eq_firmwarecore_i7-8565u_firmwarexeon_w-3245xeon_4216_firmwarexeon_8158xeon_8176f_firmwarexeon_6148fxeon_8168core_i5-8500bxeon_e-2124gcore_i5-7600t_firmwarexeon_8176_firmwarecore_i9-7980xe_firmwarecore_i5-7440hq_firmwarecore_i7_8650u_firmwarecore_i5-6300hq_firmwarexeon_e-2234core_i7-8709g_firmwarexeon_6238m_firmwarepentium_g4520tceleron_g3930e_firmwareceleron_3965u_firmwarexeon_6138tcore_i7-9850hcore_i5_10310y_firmwarecore_i5-9400fcore_i3-8000core_i7-6700kcore_i3-6320core_i3-7320tcore_i5-7440eqcore_i7-6820eq_firmwarepentium_4410y_firmwarecore_i7-7820x_firmwareceleron_g3900txeon_8280lxeon_w-2195_firmwarexeon_6230xeon_4208r_firmwarecore_i3-8130u_firmwarecore_i3-8000tceleron_g3920core_i5-6400txeon_6140m_firmwarexeon_4216core_i3-7100uxeon_5122_firmwarexeon_3204core_i3-7101texeon_5119t_firmwarexeon_6234_firmwarexeon_w-3275xeon_w-2265_firmwarexeon_8270core_i5-7600kxeon_4112core_m5-6y57core_i5-8250ucore_i7-6920hq_firmwarecore_i7-7820eqxeon_e3-1275xeon_4114txeon_6248_firmwarecore_i5405ucore_i5-7360ucore_i7_8565ucore_i5-6500core_i3-7340core_i7-8650u_firmwarecore_i7_8559u_firmwarexeon_w-3245_firmwarexeon_8260mcore_i5-6200ucore_i7-8670t_firmwarecore_i9-9900k_firmwarecore_i7-7700k_firmwarecore_i7-6700hq_firmwarexeon_4208_firmwarecore_i5-8650_firmwarexeon_w-2135_firmwarecore_i5-8250u_firmwarexeon_6126_firmwareceleron_g3902e_firmwarecore_i7-7567u_firmwarexeon_8176m_firmwarecore_i5-8400_firmwarecore_i7-8670_firmwarecore_i7-6970hq_firmwarexeon_6138t_firmwarecore_i7-7700hq_firmwarecore_i7-6820hkxeon_6254_firmwarexeon_8260y_firmwarepentium_g4400core_i5-7440eq_firmwarecore_i9-9900xcore_i7-9750hf_firmwarecore_i5-8400t_firmwarexeon_4216r_firmwarexeon_w-2125_firmwarexeon_e-2284gcore_i5-6400t_firmwarecore_i3-6102ecore_i5-8365u_firmwarexeon_w-2175_firmwarecore_i7-6700te_firmwarecore_i5-6600txeon_8280m_firmwarecore_i3-8020pentium_g4420_firmwarexeon_6134_firmwarexeon_e-2244g_firmwarecore_i7-6510ucore_i5-6360u_firmwarecore_i3-8100h_firmwarexeon_5120_firmwarexeon_w-2235core_i7-8850hcore_i5-7210ucore_i3-7130ucore_i5-8265u_firmwarexeon_6130core_i9-10900x_firmwarecore_i7-6560u_firmwarecore_i3-8300_firmwarecore_i7_8565u_firmwarecore_i7-6820eqxeon_4214rcore_i9-10900xceleron_g3930te_firmwarexeon_5215m_firmwarecore_i5-8650core_i5-6500texeon_6152_firmwarecore_i5_10210ycore_m3-7y30core_i5-8500_firmwarecore_i5-6210u_firmwarexeon_6222vxeon_6240mcore_i5-6300u_firmwarexeon_4214r_firmwarecore_i7-8809g_firmwarexeon_6238txeon_e3-1230xeon_8170xeon_8260m_firmwarexeon_6240l_firmwarecore_i7-7700t_firmwarecore_i9-9980hk_firmwarexeon_w-3275_firmwareceleron_g4900core_i5-9400h_firmwarepentium_4405yxeon_6142m_firmwarecore_i5-8420t_firmwarepentium_g5500xeon_8176celeron_g3900t_firmwarecore_i3-6100xeon_w-2275core_i5-7640xxeon_5218xeon_8280mceleron_g4900_firmwarecore_i5-7440hqcore_m5-6y54_firmwarexeon_e-2144gcore_i5-6360uxeon_e3-1505l_firmwarecore_i9-10940x_firmwarepentium_g5420t_firmwarecore_i3-6300t_firmwarecore_m5-6y57_firmwarecore_i7-8569uxeon_4210r_firmwarecore_i5-8650kcore_i7-7700_firmwarecore_i7-6770hq_firmwarexeon_8260core_i5-6267uceleron_3965ypentium_g5400t_firmwarexeon_9221pentium_g4400te_firmwarexeon_6138_firmwarexeon_6138xeon_6248celeron_g3900texeon_3204_firmwarecore_i4205u_firmwarecore_i3-7020u_firmwarecore_i3-7101e_firmwareceleron_3855ucore_i5-6440eqcore_i9-9920x_firmwarecore_i5-8600tcore_i5-8305gcore_i5-6440eq_firmwarecore_i9-9980hkxeon_8253core_i3-6100texeon_5217pentium_g5400core_i3-8130uxeon_e3-1270xeon_3106_firmwarexeon_w-2175xeon_4114_firmwareIntel(R) Processors
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2006-1343
Matching Score-8
Assigner-bc94ec7e-8909-4cbb-83df-d2fc9330fa88
ShareView Details
Matching Score-8
Assigner-bc94ec7e-8909-4cbb-83df-d2fc9330fa88
CVSS Score-2.1||LOW
EPSS-0.10% / 28.64%
||
7 Day CHG~0.00%
Published-21 Mar, 2006 | 18:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGINAL_DST, which allows local users to obtain portions of potentially sensitive memory.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2006-1056
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.08% / 24.02%
||
7 Day CHG~0.00%
Published-20 Apr, 2006 | 10:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncFreeBSD Foundation
Product-linux_kernelfreebsdn/a
CVE-2020-0543
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.53% / 66.39%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 13:55
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aIntel CorporationMcAfee, LLCSiemens AGFedora ProjectopenSUSECanonical Ltd.
Product-celeron_2957uxeon_e3-1230_v5xeon_e3-1558l_v5core_i3-6300core_i7-4790tcore_m-5y3core_i7-5775rceleron_5305ucore_i7-4765tcore_i3-4025ucore_i7-9700kfcore_i7-4785tcore_i5-8400hceleron_g3940core_i3-4120ucore_i5-7y54core_i3-3250core_i5-4440simatic_ipc547g_firmwarecore_i5-3470score_i3-2115cxeon_e-2226gcore_i9-9900kfpentium_g4400txeon_e3-1226_v3xeon_e3-1280_v5xeon_e3-1265l_v2core_i7-8670pentium_a1018_v2core_i3-8145ucore_i7-6822eqcore_i5-4258ucore_i7-6700tecore_i3-7020ucore_i7-4770rxeon_e3-1501l_v6core_i3-8109ucore_i5-4260ucore_i7-7600ucore_i5-4670kxeon_e-2224core_i5-10110ycore_i7-3770celeron_g1830core_i3-7100ecore_i7-4770pentium_g3258xeon_e3-1505l_v6xeon_e-2278gecore_m5-6y54simatic_field_pg_m6_firmwaresimatic_ipc427d_firmwarecore_i5-4690tcore_i5-6600kcore_4415ycore_i5-5675ccore_i3-4360core_i7-4600uceleron_1020ecore_i5-8400bsimatic_ipc427e_firmwaresimatic_ipc647d_firmwarecore_i7-4980hqcore_i7-4710hqcore_i5-5250upentium_g4420celeron_1020mcore_i7-7820hkcore_i3-i3-8100hcore_i7-5850hqcore_i3-4170core_m-5y10ccore_i5-8550core_i3-4160txeon_e-2184gcore_i7-6970hqcore_i5-3340mxeon_e3-1265l_v4core_i3-6120tcore_i5-7500ucore_i5-8600celeron_g3930tecore_i5-3317uxeon_e-2136core_i7-10510ucore_i7-9700kceleron_3865ucore_i3-8100simatic_ipc527gpentium_g3460tcore_m7-6y75core_i3-3220pentium_g3440celeron_g4900tcore_m3-6y30core_i5-4570rfedorasimatic_ipc477d_firmwarecore_4205uxeon_e3-1535m_v5simatic_ipc527g_firmwarecore_i7-7700core_m-5y10simatic_field_pg_m5core_i3-7102ecore_i7-4712hqxeon_e3-1268l_v5celeron_2955ucore_i5-8600ksimatic_ipc477e_firmwarecore_i5-3550simatic_field_pg_m6core_i7-8750hxeon_e3-1501m_v6core_i5-8365usimatic_ipc827dcore_i5-4278ucore_i5-9600kfceleron_927ueceleron_g4930core_i5-7600core_i3-3227ucore_i5-3437upentium_g5400tcore_i5-4460xeon_e3-1270_v6core_i7-3920xmpentium_g2120_v2pentium_g3220xeon_e-2286mxeon_e3-1505m_v5pentium_g2020t_v2core_i3-5006upentium_3560mpentium_3561ycore_i7-5650uxeon_e-2276gcore_i3-8300xeon_e-2186gcore_i3-5005ucore_i5-7400tsimatic_ipc627dcore_i3-5020upentium_g3440txeon_e-2174gcore_i7-8809gxeon_e3-1105ccore_i5-5257ucore_i5-7260ucore_i7-8700bcore_m-5y70xeon_e3-1280_v2xeon_e3-1220_v2simotion_p320-4s_firmwarecore_i7-3612qepentium_g5420tcore_i5-4440score_i5-7267upentium_g3430core_i5-7y57_xeon_e3-1585_v5core_i5-10210ycore_i5-4402ecceleron_2970mcore_i7-6560upentium_g4420tpentium_g3460simatic_ipc477e_pro_firmwarecore_i5-8300hcore_i3-4020ycore_i3-4160pentium_3558ucore_i3-3229ycore_i7-5600uxeon_e3-1280_v3xeon_e3-1285_v3core_i5-3450pentium_3805ucore_4410yxeon_e3-1281_v3simatic_ipc647e_firmwarecore_i7-3632qmxeon_e3-1240l_v3pentium_gold_6405uceleron_g4920core_i3-6167uxeon_e-2274gcore_i7-3517uceleron_g1820xeon_e-2278gelcore_i5-3570xeon_e3-1270_v2xeon_e3-1280_v6xeon_e3-1225_v3core_i5-5200usimatic_ipc347e_firmwarecore_i7-7740xpentium_1405_v2core_i7-6500ucore_i3-3240tcore_i3-7110ucore_i3-8120celeron_g3902exeon_e-2124core_i9-9880hcore_i5-7287uxeon_e3-1275_v3simotion_p320-4ecore_i7-3940xmcore_i7-4950hqcore_i7-3740qmceleron_1047uecore_i5-6300ucore_i7-4700hqxeon_e-2276mecore_i7-8565uxeon_e3-1125ccore_i7-4770hqcore_i7-4910mqceleron_1019ycore_i5-7300hqcore_i7-7560uxeon_e3-1271_v3core_i3-6100hxeon_e3-1535m_v6simatic_ipc827d_firmwarecore_i5-8259uxeon_e3-1220_v5core_i7-4860hqcore_i7-3770kceleron_3765usimatic_ipc847ecore_i5-4300ucore_i3-3130msimatic_ipc427ecore_i7-6700hqpentium_2127u_v2simatic_ipc427dpentium_3665ucore_i3-3217uecore_i7-4850hqpentium_g3260core_i3-3240simotion_p320-4score_i5-6350hqpentium_3215ucore_i3-4150core_i5-7600tpentium_g2030_v2simatic_ipc3000_smartcore_i5-3360msimatic_ipc547ecore_i7-4702mqcore_i3-4100ucore_i5-4220ypentium_g3240xeon_e3-1258l_v4core_i7-7500ucore_i7-8550uubuntu_linuxxeon_e-2224gthreat_intelligence_exchange_servercore_i7-3687ucore_i7-4558ucore_i7-4550ucore_i7-4770sxeon_e-2226gecore_i7-6650ucore_i3-4340core_i3-4005ucore_m-5y71core_i5-6210ucore_i7-3612qmpentium_g5420pentium_g2140_v2core_i3-7167uceleron_g1620core_i3-6100tcore_i5-9400hcore_i7-8500ycore_i7-7567uleapcore_i7-5557ucore_i7-4960hqxeon_e3-1286_v3core_i5-4308upentium_g2020_v2celeron_3755ucore_i7-4710mqxeon_e3-1230_v3simatic_field_pg_m5_firmwaresimatic_ipc847d_firmwarecore_i7-7820hqpentium_g5500txeon_e3-1585l_v5celeron_g3920tcore_i5-8210ycore_i7-3520mpentium_b915ccore_i3-6100eceleron_2980uceleron_3955ucore_i5-4210uxeon_e3-1275_v5xeon_e3-1221_v3xeon_e3-1240_v5xeon_e3-1230l_v3core_i7-6567usimatic_ipc677ecore_i7-5775ccore_i3-7101ecore_i7-3770txeon_e3-1515m_v5xeon_e3-1225_v5core_i5-8500core_i7-3635qmcore_9300hcore_i7-4790score_i7-7510ucore_i5-4570score_i7-8510ycore_i3-4350tceleron_g1610tcore_i5-8265upentium_3765ucore_i7-5700eqcore_i3-4012ycore_i3-6110ucore_i3-7007ucore_i5-6300hqxeon_e-2254mesimatic_field_pg_m4core_i5-6440hqcore_i7-7y75core_i7-4702eccore_i7-6700xeon_e3-1220_v3core_i3-8350kcore_i5-3337ucore_i5-7500txeon_e3-1505m_v6core_i5-3470core_i7-3689ycore_i7-7700kcore_i7-8705gpentium_g3450core_i7-8665uxeon_e-2276mcore_i3-8300tcore_i7-7660ucore_i7-6600ucore_i7-8706gxeon_e3-1220l_v2core_i3-4330core_i3-4170txeon_e3-1565l_v5xeon_e-2236core_i7-3537ucore_i7-4500uxeon_e3-1240_v6core_i5-6310ucore_i7-8700pentium_g3260tceleron_2981ucore_i3-6300tcore_i5-3330core_i3-6120core_i5-8400pentium_g3250tcore_i5-3380mcore_i7-3517uecore_i7-3720qmcore_i7-7700tcore_i5-10210ucore_i5-4350upentium_2030m_v2core_i7-6770hqcore_i7-8700kxeon_e3-1268l_v3core_m-5y10asimatic_ipc347ecore_i7-5850eqcore_i7-4578ucore_i5-7442eqxeon_e-2134pentium_2129y_v2core_i5-3550score_i3-4130tpentium_g4500tcore_i3-3220tcore_i7-4771core_i5-4590sxeon_e3-1285_v6core_i7-3667uceleron_725cxeon_e3-1278l_v4core_i3-3120mcore_i5-4250uxeon_e3-1220l_v3xeon_e3-1225_v6core_i3-4100msimatic_ipc847dcore_i7-10510yxeon_e3-1240l_v5core_i7-4722hqcore_i5-4430ssimatic_ipc477ecore_i5-6442eqcore_i7-4790simatic_field_pg_m4_firmwarecore_i5-8420tceleron_g3900core_i5-9600kxeon_e3-1290_v2pentium_3205uxeon_e3-1286l_v3xeon_e3-1125c_v2core_i5-3340core_i7-7700hqpentium_g5600core_i7-3540mxeon_e3-1245_v3core_i7-3610qecore_i3-8100hxeon_e3-1245_v5core_i7-6870hqxeon_e3-1230_v2pentium_3556upentium_g4500celeron_1005mcore_i5-4210hcore_i5-3330spentium_g3220tcore_i5-8350ucore_i7-4800mqcore_i3-4010ycore_i7-4750hqcore_i5-7300upentium_2117u_v2xeon_e3-1240_v2xeon_e-2246gcore_i5-8500tcore_8269ucore_i5-7500core_i5-4670rcore_i3-4110mcore_i5-4670tcore_i5-3610mecore_i5-4690core_i7-4700eqcore_i3-4370tcore_i5-6400pentium_3825upentium_b925cxeon_e3-1241_v3simatic_ipc677dcore_i5-3427ucore_i5-7200upentium_g4540core_i5-3570spentium_g2030t_v2celeron_g1820tceleron_g3930esimatic_ipc847e_firmwarecore_i7-4702hqcore_i9-8950hkpentium_g4520core_i7-3820qmpentium_4405ucore_i5-5350core_i7-7920hqxeon_e-2254mlxeon_e3-1545m_v5core_i5-8400tcore_i3-5015ucore_i5-4590simatic_ipc477e_procore_i3-4158ucore_m-5y51core_i5-8420core_i7-8670txeon_e3-1578l_v5core_i7-6660uxeon_e3-1270_v5celeron_3965ucore_i7-4720hqcore_i7-5500uxeon_e3-1260l_v5simatic_ipc647ecore_i7-3840qm_core_i5-4570xeon_e3-1246_v3core_i3-7100hceleron_g1840core_i3-3245core_i3-4370xeon_e3-1265lxeon_e3-1235_v2core_i7-4610yxeon_e-2276mlxeon_e-2244gceleron_1037ucore_i9-9900kxeon_e-2176gcore_i5-4460txeon_e3-1275l_v3simatic_ipc3000_smart_firmwarecore_i3-4350celeron_g1630core_i3-6320tcore_i5-3320mcore_i5-4670core_i3-7120core_i7-8709gsimatic_ipc627ecore_i5-6287ucore_i5-4210ycore_i7-4712mqcore_i5-9400core_i3-8100tpentium_4415ucore_i7-4510ucore_i7-5950hqcore_i5-6500tcore_i5-6260ucore_i3-7120tcore_i7-8557ucore_i7-5550uxeon_e3-1245_v2simatic_ipc547gceleron_g1610core_i7-8700tcore_i3-4150tcore_i7-4770kcore_i3-4030ucore_i7-6820hqcore_i5-7400core_i7-8650ucore_i7-3615qmcore_i5-4200ucore_i5-6600core_i7-6700tcore_i7-6920hqcore_i3-3115ccore_i3-6100uxeon_e3-1230_v6core_i3-4330tpentium_g4400tecore_i3-3110mcore_i5-4670sxeon_e3-1276_v3simatic_ipc627e_firmwarecore_i5-8500bxeon_e-2124gcore_i5-5575rxeon_e3-1231_v3core_i5-3230msimotion_p320-4e_firmwarexeon_e-2288gcore_i5-3475sxeon_e-2234core_i7-4900mqpentium_g4520tcore_i3-6320core_i5-9400fcore_i7-6700kcore_i3-8000core_i7-9850hpentium_3560ycore_i3-7320tcore_i5-7440eqceleron_1007ucore_i7-8560uceleron_g3900tcore_i7-3770score_i5-4690score_i3-8000tceleron_g3920core_i5-6400tpentium_g2130_v2core_i3-7100uceleron_g1850core_i5-5287ucore_i3-7101tesimatic_ipc677d_firmwarecore_i5-3570txeon_e3-1105c_v2core_i5-7600kcore_m5-6y57core_i5-8250upentium_g2010_v2core_5405usimatic_ipc547e_firmwarexeon_e-2126gcore_i5-3340score_i3-4130core_i7-7820eqcore_i5-3570kceleron_g1840tcore_i5-4300ycore_i5-7360uxeon_e3-1240_v3core_i7-4700mqcore_i5-6500core_i3-7340celeron_1017ucore_9750hfcore_i3-5157uxeon_e3-1220_v6core_i5-6200ucore_i5-3339ycore_m3-8100ysimatic_ipc477dcore_i5-5675rxeon_e3-1225_v2xeon_e-2186mcore_i3-4030ysimatic_itp1000_firmwarexeon_e-2176mxeon_e3-1285_v4core_i3-3250tcore_i7-6820hkpentium_g3420pentium_g3420tpentium_g4400core_i3-3120mecore_i5-4570tcore_i5-10310ycore_i7-3615qecore_i7-3630qmxeon_e-2284gcore_i3-6102ecore_i3-3210core_i5-6600tcore_i5-4430core_i3-8020core_i5-3439ycore_i7-4810mqxeon_e3-1275_v6core_i7-6510uxeon_e3-1575m_v5xeon_e-2278gxeon_e3-1505l_v5xeon_e3-1245_v6core_i3-4010ucore_i7-8850hcore_i5-7210ucore_i3-7130ucore_i7-4650ucore_i7-3555lecore_i7-4760hqsimatic_itp1000core_i5-5350ucore_i7-4700eccore_i7-6820eqcore_i7-3610qmcore_i7-4770tcore_i5-8650simatic_ipc647dcore_i5-6500texeon_e3-1235l_v5core_i7-5700hqcore_m3-7y30xeon_e3-1285l_v3core_i5-4202ycore_i5-4302yceleron_g4950celeron_1000mcore_i3-4360tpentium_g2120t_v2core_i3-3225celeron_g4900pentium_4405ycore_i3-3217ucore_i3-5010upentium_g5500xeon_e3-1275_v2core_i5-8200ycore_i3-6100core_i5-4460score_i5-8310ycore_i5-7640xpentium_g3450tsimatic_ipc627d_firmwareceleron_g1620tcore_i5-7440hqcore_i5-6360uxeon_e-2144gcore_i7-8569ucore_i5-8650kcore_i5-3470tcore_i7-5750hqcore_i5-4590tcore_i5-6267ucore_i5-3350pcore_i5-4288uceleron_3965ypentium_g3470core_i5-3450sceleron_g3900tepentium_g3240tcore_i5-3210mceleron_3855usimatic_ipc677e_firmwarecore_i5-6440eqcore_i5-4200ycore_i5-8600tcore_i5-8305gcore_i9-9980hkcore_i7-4870hqcore_i7-8559upentium_g2100t_v2xeon_e-2146gcore_i3-6100tepentium_g3250core_i3-8130upentium_g5400pentium_2020m_v2xeon_e3-1270Intel(R) Processors
CWE ID-CWE-459
Incomplete Cleanup
CVE-2005-4789
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.06% / 17.94%
||
7 Day CHG~0.00%
Published-26 Apr, 2006 | 22:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the interface level.

Action-Not Available
Vendor-n/aSUSE
Product-suse_linuxn/a
CVE-2016-6110
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 16.15%
||
7 Day CHG~0.00%
Published-01 Feb, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-linux_kerneltivoli_storage_managertivoli_storage_manager_for_virtual_environments_data_protection_for_vmwarewindowsTivoli Storage Manager
CVE-2006-0095
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.13% / 33.55%
||
7 Day CHG~0.00%
Published-06 Jan, 2006 | 11:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2005-4788
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.06% / 17.94%
||
7 Day CHG~0.00%
Published-26 Apr, 2006 | 22:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, allows local users to bypass access control rules for USB devices via "alternate syntax for specifying USB devices."

Action-Not Available
Vendor-n/aSUSE
Product-suse_linuxn/a
CVE-2005-4605
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.98% / 75.89%
||
7 Day CHG~0.00%
Published-03 Jan, 2006 | 16:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2005-3147
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.06% / 18.48%
||
7 Day CHG~0.00%
Published-05 Oct, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

StoreBackup before 1.19 creates the backup root with world-readable permissions, which allows local users to obtain sensitive information.

Action-Not Available
Vendor-storebackupn/aSUSE
Product-suse_linuxstorebackupn/a
CVE-2005-3179
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.06% / 17.11%
||
7 Day CHG~0.00%
Published-11 Oct, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2020-0067
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.10% / 28.26%
||
7 Day CHG~0.00%
Published-17 Apr, 2020 | 18:03
Updated-04 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In f2fs_xattr_generic_list of xattr.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not required for exploitation.Product: Android. Versions: Android kernel. Android ID: A-120551147.

Action-Not Available
Vendor-n/aCanonical Ltd.Google LLC
Product-androidubuntu_linuxAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-9453
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.21% / 43.21%
||
7 Day CHG~0.00%
Published-06 Sep, 2019 | 21:51
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Android kernel in F2FS touch driver there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-n/aCanonical Ltd.Google LLC
Product-androidubuntu_linuxAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2005-0530
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.07% / 21.18%
||
7 Day CHG~0.00%
Published-24 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2005-0529
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.08% / 25.32%
||
7 Day CHG~0.00%
Published-24 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for offset arguments to the proc_file_read and locks_read_proc functions, which leads to a heap-based buffer overflow when a signed comparison causes negative integers to be used in a positive context.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2005-0400
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.09% / 25.99%
||
7 Day CHG~0.00%
Published-05 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2004-2136
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.07% / 21.84%
||
7 Day CHG~0.00%
Published-01 Jun, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dm-crypt on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2004-0565
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.07% / 22.99%
||
7 Day CHG~0.00%
Published-08 Jul, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.

Action-Not Available
Vendor-trustixn/aLinux Kernel Organization, IncGentoo Foundation, Inc.Mandriva (Mandrakesoft)
Product-linux_kernelmandrake_linux_corporate_servermandrake_multi_network_firewalllinuxsecure_linuxmandrake_linuxn/a
CVE-2004-1073
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.20% / 42.06%
||
7 Day CHG~0.00%
Published-01 Dec, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.

Action-Not Available
Vendor-trustixturbolinuxn/aRed Hat, Inc.Linux Kernel Organization, IncSUSE
Product-linux_kernelsecure_linuxturbolinux_serverenterprise_linux_desktopsuse_linuxfedora_coreenterprise_linuxlinux_advanced_workstationn/a
CVE-2003-0476
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.11% / 30.26%
||
7 Day CHG~0.00%
Published-28 Jun, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2019-9445
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.24% / 47.27%
||
7 Day CHG~0.00%
Published-06 Sep, 2019 | 21:50
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Android kernel in F2FS driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-n/aCanonical Ltd.Google LLCDebian GNU/Linux
Product-androiddebian_linuxubuntu_linuxAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2002-1571
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.07% / 23.10%
||
7 Day CHG~0.00%
Published-23 Jan, 2006 | 22:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which could lead to an information leak on processors that do not clear all relevant SSE registers.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2016-1581
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 8.30%
||
7 Day CHG~0.00%
Published-09 Jun, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors.

Action-Not Available
Vendor-n/aCanonical Ltd.
Product-ubuntu_linuxlxdn/a
CWE ID-CWE-284
Improper Access Control
CVE-2014-1445
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.04% / 13.28%
||
7 Day CHG~0.00%
Published-18 Jan, 2014 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an ioctl call.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2001-0178
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.10% / 28.69%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.

Action-Not Available
Vendor-conectivan/aSUSEThe MITRE Corporation (Caldera)Mandriva (Mandrakesoft)
Product-mandrake_linux_corporate_serversuse_linuxopenlinux_edesktoplinuxmandrake_linuxn/a
CVE-2004-0394
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.11% / 29.75%
||
7 Day CHG~0.00%
Published-05 May, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2004-0535
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.09% / 26.54%
||
7 Day CHG~0.00%
Published-08 Jun, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.

Action-Not Available
Vendor-conectivaengardelinuxn/aLinux Kernel Organization, IncGentoo Foundation, Inc.SUSEMandriva (Mandrakesoft)
Product-suse_linux_office_serverlinux_kernelsuse_email_serversuse_linux_database_serversecure_communitysuse_linux_connectivity_serverlinuxmandrake_linux_corporate_serversuse_linux_firewall_live-cdmandrake_multi_network_firewallsuse_linux_admin-cd_for_firewallsuse_linuxsuse_office_serversecure_linuxsuse_linux_firewall_cdmandrake_linuxn/a
CVE-2004-0415
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.30% / 52.73%
||
7 Day CHG~0.00%
Published-05 Aug, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.

Action-Not Available
Vendor-trustixn/aRed Hat, Inc.Linux Kernel Organization, Inc
Product-linux_kernelsecure_linuxfedora_coren/a
CVE-2004-0181
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.07% / 20.53%
||
7 Day CHG~0.00%
Published-17 Apr, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2004-0133
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.06% / 19.78%
||
7 Day CHG~0.00%
Published-17 Apr, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The XFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the XFS file system, which allows local users to obtain sensitive information by reading the raw device.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2013-2546
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.07% / 23.00%
||
7 Day CHG~0.00%
Published-14 Mar, 2013 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability.

Action-Not Available
Vendor-n/aRed Hat, Inc.Linux Kernel Organization, Inc
Product-linux_kernelenterprise_mrgn/a
CVE-2013-2148
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.08% / 24.47%
||
7 Day CHG~0.00%
Published-07 Jun, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation on the fanotify descriptor.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2013-2147
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.08% / 23.46%
||
7 Day CHG~0.00%
Published-07 Jun, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncSUSE
Product-linux_kernellinux_enterprise_servern/a
CVE-2005-3276
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.11% / 30.01%
||
7 Day CHG~0.00%
Published-20 Oct, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2003-0501
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.22% / 44.89%
||
7 Day CHG~0.00%
Published-04 Jul, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2019-7222
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 10.05%
||
7 Day CHG~0.00%
Published-17 Mar, 2019 | 18:52
Updated-04 Aug, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.

Action-Not Available
Vendor-n/aFedora ProjectopenSUSECanonical Ltd.Red Hat, Inc.Linux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxelement_software_management_nodeenterprise_linux_server_ausenterprise_linuxenterprise_linux_for_real_time_for_nfventerprise_linux_for_real_time_tusenterprise_linux_desktopactive_iq_performance_analytics_servicesdebian_linuxlinux_kernelenterprise_linux_workstationfedoraenterprise_linux_eusenterprise_linux_server_tusenterprise_linux_for_real_time_for_nfv_tusenterprise_linux_for_real_timeleapn/a
CVE-2019-5489
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.29% / 52.04%
||
7 Day CHG~0.00%
Published-07 Jan, 2019 | 18:00
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.

Action-Not Available
Vendor-n/aNetApp, Inc.Linux Kernel Organization, Inc
Product-element_software_management_nodeactive_iq_performance_analytics_serviceslinux_kerneln/a
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2019-4619
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.1||MEDIUM
EPSS-0.09% / 26.64%
||
7 Day CHG~0.00%
Published-16 Mar, 2020 | 15:25
Updated-16 Sep, 2024 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace. IBM X-Force ID: 168862.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kernelhp-uxmq_appliancewindowswebsphere_mqmqaixMQ
CWE ID-CWE-209
Generation of Error Message Containing Sensitive Information
CVE-2019-4719
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.1||MEDIUM
EPSS-0.09% / 26.64%
||
7 Day CHG~0.00%
Published-16 Mar, 2020 | 15:25
Updated-16 Sep, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kernelmq_appliancewebsphere_mqhp-uxwindowsmqaixMQ
CVE-2019-3500
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.16%
||
7 Day CHG~0.00%
Published-02 Jan, 2019 | 07:00
Updated-04 Aug, 2024 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file.

Action-Not Available
Vendor-aria2_projectn/aCanonical Ltd.Fedora ProjectDebian GNU/Linux
Product-debian_linuxubuntu_linuxfedoraaria2n/a
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2019-2101
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 30.12%
||
7 Day CHG~0.00%
Published-07 Jun, 2019 | 19:41
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In uvc_parse_standard_control of uvc_driver.c, there is a possible out-of-bound read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-111760968.

Action-Not Available
Vendor-Canonical Ltd.AndroidGoogle LLCDebian GNU/Linux
Product-androiddebian_linuxubuntu_linuxAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-19535
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.03% / 7.89%
||
7 Day CHG~0.00%
Published-03 Dec, 2019 | 15:38
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver, aka CID-30a8beeb3042.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncopenSUSEDebian GNU/LinuxOracle Corporation
Product-debian_linuxlinux_kernelsd-wan_edgeleapn/a
CWE ID-CWE-909
Missing Initialization of Resource
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2019-19534
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.4||LOW
EPSS-0.08% / 24.19%
||
7 Day CHG~0.00%
Published-03 Dec, 2019 | 15:38
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before 5.3.11, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver, aka CID-f7a1337f0d29.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-909
Missing Initialization of Resource
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 29
  • 30
  • Next
Details not found