National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:linux:linux_kernel:-
There are 3,103 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2020-4212

IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175023.

Published: February 24, 2020; 11:15:12 AM -05:00
V3.1: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2020-4211

IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175022.

Published: February 24, 2020; 11:15:12 AM -05:00
V3.1: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2020-4210

IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175020.

Published: February 24, 2020; 11:15:12 AM -05:00
V3.1: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2011-4915

fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.

Published: February 20, 2020; 01:15:11 PM -05:00
V3.1: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2020-4230

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 and 11.5 is vulnerable to an escalation of privilege when an authenticated local attacker with special permissions executes specially crafted Db2 commands. IBM X-Force ID: 175212.

Published: February 19, 2020; 11:15:12 AM -05:00
V3.1: 6.7 MEDIUM
    V2: 4.6 MEDIUM
CVE-2020-4204

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 174960.

Published: February 19, 2020; 11:15:11 AM -05:00
V3.1: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2020-4200

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated attacker to send specially crafted commands to cause a denial of service. IBM X-Force ID: 174914.

Published: February 19, 2020; 11:15:11 AM -05:00
V3.1: 6.5 MEDIUM
    V2: 4.0 MEDIUM
CVE-2020-4161

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 could allow an authenticated attacker to cause a denial of service due to incorrect handling of certain commands. IBM X-Force ID: 174341.

Published: February 19, 2020; 11:15:11 AM -05:00
V3.1: 6.5 MEDIUM
    V2: 4.0 MEDIUM
CVE-2020-4135

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service from excessive memory usage.

Published: February 19, 2020; 11:15:11 AM -05:00
V3.1: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2020-8992

ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.

Published: February 14, 2020; 12:15:13 AM -05:00
V3.1: 5.5 MEDIUM
    V2: 4.9 MEDIUM
CVE-2020-0561

Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Published: February 13, 2020; 02:15:13 PM -05:00
V3.1: 7.8 HIGH
    V2: 4.6 MEDIUM
CVE-2019-4741

IBM Content Navigator 3.0CD is vulnerable to Server Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 172815.

Published: February 12, 2020; 11:15:11 AM -05:00
V3.1: 5.3 MEDIUM
    V2: 5.0 MEDIUM
CVE-2012-0810

The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention.

Published: February 12, 2020; 09:15:10 AM -05:00
V3.1: 5.5 MEDIUM
    V2: 4.9 MEDIUM
CVE-2009-4067

Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.

Published: February 11, 2020; 02:15:10 PM -05:00
V3.1: 6.8 MEDIUM
    V2: 7.2 HIGH
CVE-2020-8649

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.

Published: February 05, 2020; 08:15:10 PM -05:00
V3.1: 7.1 HIGH
    V2: 3.6 LOW
CVE-2020-8648

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.

Published: February 05, 2020; 08:15:10 PM -05:00
V3.1: 7.1 HIGH
    V2: 3.6 LOW
CVE-2020-8647

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.

Published: February 05, 2020; 08:15:10 PM -05:00
V3.1: 7.1 HIGH
    V2: 3.6 LOW
CVE-2019-4616

IBM Cloud Automation Manager 3.2.1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 168644.

Published: February 05, 2020; 11:15:11 AM -05:00
V3.1: 3.5 LOW
    V2: 2.9 LOW
CVE-2015-2802

An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive information. This is the TLS vulnerability known as the RC4 cipher Bar Mitzvah vulnerability.

Published: February 04, 2020; 04:15:10 PM -05:00
V3.1: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2020-4207

IBM Watson IoT Message Gateway 2.0.0.x, 5.0.0.0, 5.0.0.1, and 5.0.0.2 is vulnerable to a buffer overflow, caused by improper bounds checking when handling a failed HTTP request with specific content in the headers. By sending a specially crafted HTTP request, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service. IBM X-Force ID: 174972.

Published: January 28, 2020; 02:15:14 PM -05:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH