National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Search Type: Search All
  • Keyword (text search): linux
There are 7,460 matching records.
Displaying matches 81 through 100.
Vuln ID Summary CVSS Severity
CVE-2019-8956

In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.

Published: April 01, 2019; 03:29:01 PM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2019-1756

A vulnerability in Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attacker who has valid administrator access to an affected device could exploit this vulnerability by supplying a username with a malicious payload in the web UI and subsequently making a request to a specific endpoint in the web UI. A successful exploit could allow the attacker to run arbitrary commands as the root user, allowing complete compromise of the system.

Published: March 27, 2019; 09:29:00 PM -04:00
V3: 7.2 HIGH
V2: 9.0 HIGH
CVE-2019-10125

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and this will cause a use-after-free.

Published: March 27, 2019; 02:29:00 AM -04:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2019-10063

Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could otherwise be used to inject commands into the controlling terminal so that they would be executed outside the sandbox after the sandboxed app exits. This fix was incomplete: on 64-bit platforms, the seccomp filter could be bypassed by an ioctl request number that has TIOCSTI in its 32 least significant bits and an arbitrary nonzero value in its 32 most significant bits, which the Linux kernel would treat as equivalent to TIOCSTI.

Published: March 26, 2019; 10:29:00 AM -04:00
V3: 9.0 CRITICAL
V2: 6.8 MEDIUM
CVE-2019-10044

Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets.

Published: March 25, 2019; 04:29:00 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2019-9857

In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak). Finally, this will cause a denial of service.

Published: March 21, 2019; 12:01:17 PM -04:00
V3: 5.5 MEDIUM
V2: 4.9 MEDIUM
CVE-2019-7222

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.

Published: March 21, 2019; 12:01:11 PM -04:00
V3: 5.5 MEDIUM
V2: 2.1 LOW
CVE-2019-7221

The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.

Published: March 21, 2019; 12:01:10 PM -04:00
V3: 7.8 HIGH
V2: 4.6 MEDIUM
CVE-2019-6724

The barracudavpn component of the Barracuda VPN Client prior to version 5.0.2.7 for Linux, macOS, and OpenBSD runs as a privileged process and can allow an unprivileged local attacker to load a malicious library, resulting in arbitrary code executing as root.

Published: March 21, 2019; 12:01:09 PM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2019-4094

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege user full access to root by loading a malicious shared library. IBM X-Force ID: 158014.

Published: March 21, 2019; 12:01:05 PM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2018-20669

An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.

Published: March 21, 2019; 12:00:37 PM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2018-19985

The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.

Published: March 21, 2019; 12:00:33 PM -04:00
V3: 4.6 MEDIUM
V2: 2.1 LOW
CVE-2019-0122

Double free in Intel(R) SGX SDK for Linux before version 2.2 and Intel(R) SGX SDK for Windows before version 2.1 may allow an authenticated user to potentially enable information disclosure or denial of service via local access.

Published: March 14, 2019; 04:29:01 PM -04:00
V3: 7.1 HIGH
V2: 3.6 LOW
CVE-2019-4016

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155894.

Published: March 11, 2019; 06:29:01 PM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2019-4015

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155893.

Published: March 11, 2019; 06:29:01 PM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2018-1980

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 154078.

Published: March 11, 2019; 06:29:00 PM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2018-1978

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 154069.

Published: March 11, 2019; 06:29:00 PM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2018-1923

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 152859.

Published: March 11, 2019; 06:29:00 PM -04:00
V3: 7.8 HIGH
V2: 4.6 MEDIUM
CVE-2018-1922

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 152858.

Published: March 11, 2019; 06:29:00 PM -04:00
V3: 7.8 HIGH
V2: 4.6 MEDIUM
CVE-2019-9686

pacman before 5.1.3 allows directory traversal when installing a remote package via a specified URL "pacman -U <url>" due to an unsanitized file name received from a Content-Disposition header. pacman renames the downloaded package file to match the name given in this header. However, pacman did not sanitize this name, which may contain slashes, before calling rename(). A malicious server (or a network MitM if downloading over HTTP) can send a Content-Disposition header to make pacman place the file anywhere in the filesystem, potentially leading to arbitrary root code execution. Notably, this bypasses pacman's package signature checking. This occurs in curl_download_internal in lib/libalpm/dload.c.

Published: March 11, 2019; 12:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 9.3 HIGH