Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:linux:linux_kernel:2.6.32:rc6
There are 2,311 matching records.
Displaying matches 2,181 through 2,200.
Vuln ID Summary CVSS Severity
CVE-2010-2218

Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a denial of service via unspecified vectors, related to a "JS method issue."

Published: August 11, 2010; 2:47:50 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-2217

Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to execute arbitrary code via unspecified vectors, related to a "JS method vulnerability."

Published: August 11, 2010; 2:47:50 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2010-2221

Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU.

Published: July 08, 2010; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-2071

The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the Linux kernel 2.6.34 and earlier does not check file ownership before setting an ACL, which allows local users to bypass file permissions by setting arbitrary ACLs, as demonstrated using setfacl.

Published: June 16, 2010; 4:30:02 PM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2010-1636

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users to read sensitive information from a write-only file descriptor.

Published: June 07, 2010; 8:30:01 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2010-1641

The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request.

Published: June 01, 2010; 4:30:02 PM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2010-2027

Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a symlink attack on (1) files within /tmp/MathLink/ or (2) /tmp/fonts$$.conf.

Published: May 24, 2010; 3:30:01 PM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2010-1446

arch/powerpc/mm/fsl_booke_mmu.c in KGDB in the Linux kernel 2.6.30 and other versions before 2.6.33, when running on PowerPC, does not properly perform a security check for access to a kernel page, which allows local users to overwrite arbitrary kernel memory, related to Fsl booke.

Published: May 21, 2010; 1:30:01 PM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2010-1451

The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Linux kernel before 2.6.33 on the SPARC platform does not properly obtain the value of a certain _PAGE_EXEC_4U bit and consequently does not properly implement a non-executable stack, which makes it easier for context-dependent attackers to exploit stack-based buffer overflows via a crafted application.

Published: May 07, 2010; 2:30:01 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-1437

Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function.

Published: May 07, 2010; 2:30:01 PM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2010-1173

The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data.

Published: May 07, 2010; 2:30:01 PM -0400
V3.x:(not available)
V2.0: 7.1 HIGH
CVE-2010-1034

Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 before 6.0.0-95 on Linux, and 6.0 before 6.0.0.96 on Windows, allows remote authenticated users to obtain sensitive information, modify data, and cause a denial of service via unknown vectors.

Published: April 23, 2010; 10:30:01 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2010-1488

The proc_oom_score function in fs/proc/base.c in the Linux kernel before 2.6.34-rc4 uses inappropriate data structures during selection of a candidate for the OOM killer, which might allow local users to cause a denial of service via unspecified patterns of task creation.

Published: April 20, 2010; 11:30:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2010-1162

The release_one_tty function in drivers/char/tty_io.c in the Linux kernel before 2.6.34-rc4 omits certain required calls to the put_pid function, which has unspecified impact and local attack vectors.

Published: April 20, 2010; 11:30:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2010-1146

The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/.

Published: April 12, 2010; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2010-1139

Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata.

Published: April 12, 2010; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2010-1347

Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users to gain privileges by executing these scripts.

Published: April 12, 2010; 1:30:00 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2010-1148

The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a NULL nameidata (aka nd) field in a POSIX file-creation request to a server that supports UNIX extensions.

Published: April 12, 2010; 1:30:00 PM -0400
V3.x:(not available)
V2.0: 4.7 MEDIUM
CVE-2010-1088

fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW.

Published: April 06, 2010; 6:30:00 PM -0400
V3.x:(not available)
V2.0: 5.4 MEDIUM
CVE-2010-1087

The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible.

Published: April 06, 2010; 6:30:00 PM -0400
V3.x:(not available)
V2.0: 7.8 HIGH