CVSS: 7.8EPSS: 0%CPEs: 270EXPL: 0CVE-2011-1011 – policycoreutils: insecure temporary directory handling in seunshare
https://notcve.org/view.php?id=CVE-2011-1011
24 Feb 2011 — The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp... • http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0585.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 1%CPEs: 56EXPL: 0CVE-2007-1352 – Multiple font integer overflows (CVE-2007-1352)
https://notcve.org/view.php?id=CVE-2007-1352
06 Apr 2007 — Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. Desbordamiento de entero en la función FontFileInitTable en X.Org libXfont versiones anteriores a 20070403 permite a usuarios remotos autenticados ejecutar código de su elección mediante una primera línea larga en el fichero fonts.dir, lo cual resulta en un desbordamiento de montón. • http://issues.foresightlinux.org/browse/FL-223 •
CVSS: 7.2EPSS: 0%CPEs: 134EXPL: 0CVE-2004-1057
https://notcve.org/view.php?id=CVE-2004-1057
21 Jan 2005 — Multiple drivers in Linux kernel 2.4.19 and earlier do not properly mark memory with the VM_IO flag, which causes incorrect reference counts and may lead to a denial of service (kernel panic) when accessing freed kernel pages. • http://secunia.com/advisories/18562 •
CVSS: 10.0EPSS: 44%CPEs: 13EXPL: 3CVE-2004-0557 – SoX - '.wav' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0557
02 Aug 2004 — Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields. Múltiples desbordamientos de búfer en Sound eXchange (SoX) anteriores a 12.17 permite a atacantes remotos ejecutar código arbitrario mediante ciertos campos de cabecera de ficheros WAV. • https://www.exploit-db.com/exploits/374 •
CVSS: 7.8EPSS: 0%CPEs: 55EXPL: 0CVE-2004-0495
https://notcve.org/view.php?id=CVE-2004-0495
23 Jun 2004 — Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. Múltiples vulnerabilidades desconocidas en el kernel de Linux 2.4 y 2.6 permiten a usuarios locales ganar privilegios o acceder a memoria del kernel, como se ha encontrado mediante la herramienta de comprobación de código fuente "Sparse". • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845 •
CVSS: 5.5EPSS: 0%CPEs: 55EXPL: 1CVE-2004-0554 – Linux Kernel 2.4.x/2.6.x - Assembler Inline Function Local Denial of Service
https://notcve.org/view.php?id=CVE-2004-0554
15 Jun 2004 — Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program. El kernel de Linux 2.4.2x y 2.6.x para x86 permite a usuarios locales causar una denegación de servicio (caída del sistema), posiblemente mediante un bucle infinito que dispara un manejador de señal con una cierta secuencia de instruccion... • https://www.exploit-db.com/exploits/306 •
CVSS: 7.1EPSS: 0%CPEs: 93EXPL: 0CVE-2004-0535
https://notcve.org/view.php?id=CVE-2004-0535
08 Jun 2004 — The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. El controlador e1000 del kernel de Linux 2.4.26 y anteriores no inicializa la memoria antes de usarla, lo que permite a usuarios locales leer porciones de la memoria del kernel. NOTA: Este problema ha sido originalmente descrito incorrectamente por otra... • ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2000-0314
https://notcve.org/view.php?id=CVE-2000-0314
12 Mar 2001 — traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. • ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2000-0315
https://notcve.org/view.php?id=CVE-2000-0315
12 Mar 2001 — traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks. • ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc •
CVSS: 5.5EPSS: 1%CPEs: 8EXPL: 1CVE-1999-0986 – Linux Kernel 2.0.x (Debian 2.1 / RedHat 5.2) - Packet Length with Options
https://notcve.org/view.php?id=CVE-1999-0986
08 Dec 1999 — The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option. • https://www.exploit-db.com/exploits/19675 •