Page 13 of 87 results (0.008 seconds)

CVSS: 7.2EPSS: 0%CPEs: 32EXPL: 0

Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges. • http://linux.bkbits.net:8080/linux-2.6/cset%401.2079 http://linux.bkbits.net:8080/linux-2.6/gnupatch%4041ae6af1cR3mJYlW6D8EHxCKSxuJiQ http://marc.info/?l=bugtraq&m=110306397320336&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2005:022 http://www.novell.com/linux/security/advisories/2004_44_kernel.html http://www.ussg.iu.edu/hypermail/linux/kernel/0411.3/1467.html •

CVSS: 5.0EPSS: 0%CPEs: 32EXPL: 0

MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote. MySQL anteriores a 4.0.20 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante una consulta MATCH AGAINST con comillas dobles iniciales pero sin comillas dobles de cierre. • http://bugs.mysql.com/bug.php?id=3870 http://lists.mysql.com/packagers/202 http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml http://www.novell.com/linux/security/advisories/2004_01_sr.html http://www.trustix.net/errata/2004/0054 https://exchange.xforce.ibmcloud.com/vulnerabilities/17768 •

CVSS: 6.2EPSS: 0%CPEs: 79EXPL: 0

A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition. Un error de "falta de serialización" en la función unix_dgram_recvmsg en Linux 2.4.27 y anteriores, y 2.6.x hasta 2.6.9, permite a usurios locales ganar privilegios aprovechando una condición de carrera. • ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U http://marc.info/?l=bugtraq&m=110306397320336&w=2 http://secunia.com/advisories/19607 http://secunia.com/advisories/20162 http://secunia.com/advisories/20163 http://secunia.com/advisories/20202 http://secunia.com/advisories/20338 http://www.debian.org/security/2006/dsa-1067 http://www.debian.org/security/2006/dsa-1069 http://www.debian.org/security/2006/dsa-1070 http://www.debian.org/security •

CVSS: 1.2EPSS: 0%CPEs: 32EXPL: 0

Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the sock_dgram_sendmsg function. Condición de carrera en SELinux 2.6.x a 2.6.9 permite a usuarios locales causar una denegación de servicio (caída del kernel) mediante SOCK_SEQPACKET unix domain sockets, que no son manejados adecuadamente en la función sock_dgram_sendmsg. • http://marc.info/?l=bugtraq&m=110306397320336&w=2 http://marc.info/?l=linux-kernel&m=110045613004761 http://www.mandriva.com/security/advisories?name=MDKSA-2005:022 https://exchange.xforce.ibmcloud.com/vulnerabilities/18312 •

CVSS: 10.0EPSS: 4%CPEs: 22EXPL: 0

Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011. Desbordamiento de búfer en proxyd de Cyrus IMAP Server 2.2.9 y anteriores, con la opción imapmagicplus establecida, puede permitir a atacantes remotos ejecutar código de su elección, una vulnerabilidad distinta de CAN-2004-1011. • http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=145 http://asg.web.cmu.edu/cyrus/download/imapd/changes.html http://security.gentoo.org/glsa/glsa-200411-34.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:139 https://exchange.xforce.ibmcloud.com/vulnerabilities/18274 •