Page 581 of 2909 results (0.017 seconds)

CVSS: 3.8EPSS: 0%CPEs: 255EXPL: 1

The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service (data loss) via filesystem write operations on a read-only disk that supports the (1) BLKIF_OP_DISCARD (aka discard or TRIM) or (2) SCSI UNMAP feature. La función dispatch_discard_io en drivers/block/xen-blkback/blkback.c en la implementación Xen blkback en el kernel de Linux anterior a v3.10.5 permite a usuarios invitados del sistema operativo provocar una denegación de servicio (pérdida de datos) a través de operaciones de escritura del sistema de ficheros en un disco de sólo lectura que soporte la funcionalidad BLKIF_OP_DISCARD (aka discard o TRIM) o SCSI UNMAP. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=604c499cbbcc3d5fe5fb8d53306aa0fae1990109 http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-2140.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.5 http://www.openwall.com/lists/oss-security/2013/06/05/21 http://www.ubuntu.com/usn/USN-1938-1 http://www.ubuntu.com/usn/USN-1943-1 http://www.ubuntu.com/usn/USN-1944-1 http://www.ubuntu.com/usn/USN • CWE-20: Improper Input Validation •

CVSS: 4.6EPSS: 0%CPEs: 5EXPL: 0

Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. Desbordamiento de buffer en la función glob de glibc para Red Hat Linux 6.2 a 7.2, y otros sistemas operativos, permite a atacantes causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrarios mediante un patrón de glob que acaba en una llave "{" • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000447 http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-037-01 http://sources.redhat.com/ml/bug-glibc/2001-11/msg00109.html http://www.ciac.org/ciac/bulletins/m-029.shtml http://www.debian.org/security/2002/dsa-103 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-095.php3 http://www.linuxsecurity.com/advisories/other_advisory-1752.html http://www.redhat.com/support/errata/RHSA-2001-160&# •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information. • http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp https://exchange.xforce.ibmcloud.com/vulnerabilities/7251 •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file. • http://marc.info/?l=bugtraq&m=88603844115233&w=2 http://www.debian.org/security/2003/dsa-308 http://www.iss.net/security_center/static/7241.php http://www.osvdb.org/3812 http://www.redhat.com/support/errata/rh50-errata-general.html#gzip http://www.securityfocus.com/bid/7845 •

CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0

automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded. • http://marc.info/?l=bugtraq&m=89042322924057&w=2 http://www.iss.net/security_center/static/7240.php http://www.osvdb.org/6111 http://www.redhat.com/support/errata/rh50-errata-general.html#ncftp •