Page 20 of 289 results (0.013 seconds)

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up to other versions before 2.6.13 and 2.6.12.6 allows local users to cause a denial of service (deadlock) by sending a SIGKILL to a real-time threaded process while it is performing a core dump. • http://lists.suse.de/archive/suse-security-announce/2006-Feb/0010.html http://marc.info/?l=linux-kernel&m=112430346613450&w=2 http://marc.info/?l=linux-kernel&m=112508422716574&w=2 http://secunia.com/advisories/19038 http://secunia.com/advisories/19374 http://www.debian.org/security/2006/dsa-1017 http://www.kernel.org/git/?p=linux/kernel/git/chrisw/stable-queue.git%3Ba=blob%3Bh=f6cc7e101c49f356e4c4df5cca1ff352a0f01dd5%3Bhb=9c5fcb99af7c157be45e9d53aeb857ded5211fcd%3Bf=2.6.12.6/nptl-signal-d • CWE-667: Improper Locking •

CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0

docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbitrary files via include directives in RestructuredText functionality. • http://secunia.com/advisories/17173 http://secunia.com/advisories/17309 http://secunia.com/advisories/17676 http://www.debian.org/security/2005/dsa-910 http://www.gentoo.org/security/en/glsa/glsa-200510-20.xml http://www.novell.com/linux/security/advisories/2005_27_sr.html http://www.securityfocus.com/bid/15082 http://www.zope.org/Products/Zope/Hotfix_2005-10-09/security_alert https://usn.ubuntu.com/229-1 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2

Eval injection vulnerability in bvh_import.py in Blender 2.36 allows attackers to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call. • https://www.exploit-db.com/exploits/27728 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330895 http://secunia.com/advisories/19754 http://www.debian.org/security/2006/dsa-1039 http://www.securityfocus.com/bid/17663 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 4.7EPSS: 1%CPEs: 3EXPL: 0

Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is acquired. • http://lkml.org/lkml/2005/6/23/249 http://lkml.org/lkml/2005/6/24/173 http://secunia.com/advisories/17826 http://secunia.com/advisories/18056 http://secunia.com/advisories/18684 http://secunia.com/advisories/18977 http://www.debian.org/security/2005/dsa-922 http://www.kernel.org/git/?p=linux/kernel/git/marcelo/linux-2.4.git%3Ba=commit%3Bh=e684f066dff5628bb61ad1912de6e8058b5b4c7d http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 http://www.mandriva.c • CWE-476: NULL Pointer Dereference •

CVSS: 9.8EPSS: 4%CPEs: 3EXPL: 1

Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters. • https://www.exploit-db.com/exploits/1256 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.47/SCOSA-2005.47.txt http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038019.html http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html http://secunia.com/advisories/17150 http://secunia.com/advisories/17216 http://secunia.com/advisories/17230 http://secunia.com/advisories/1723 • CWE-131: Incorrect Calculation of Buffer Size •