National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:linux:linux_kernel:2.6.33:rc4
There are 2,186 matching records.
Displaying matches 2081 through 2100.
Vuln ID Summary CVSS Severity
CVE-2010-2219

Unspecified vulnerability in Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a denial of service (memory consumption) via unknown vectors.

Published: August 11, 2010; 02:47:50 PM -04:00
    V2: 5.0 MEDIUM
CVE-2010-2218

Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a denial of service via unspecified vectors, related to a "JS method issue."

Published: August 11, 2010; 02:47:50 PM -04:00
    V2: 5.0 MEDIUM
CVE-2010-2217

Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to execute arbitrary code via unspecified vectors, related to a "JS method vulnerability."

Published: August 11, 2010; 02:47:50 PM -04:00
    V2: 10.0 HIGH
CVE-2010-2221

Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU.

Published: July 08, 2010; 02:30:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2010-2071

The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the Linux kernel 2.6.34 and earlier does not check file ownership before setting an ACL, which allows local users to bypass file permissions by setting arbitrary ACLs, as demonstrated using setfacl.

Published: June 16, 2010; 04:30:02 PM -04:00
    V2: 4.6 MEDIUM
CVE-2010-1641

The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request.

Published: June 01, 2010; 04:30:02 PM -04:00
    V2: 4.6 MEDIUM
CVE-2010-2027

Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a symlink attack on (1) files within /tmp/MathLink/ or (2) /tmp/fonts$$.conf.

Published: May 24, 2010; 03:30:01 PM -04:00
    V2: 1.9 LOW
CVE-2010-1437

Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function.

Published: May 07, 2010; 02:30:01 PM -04:00
    V2: 1.9 LOW
CVE-2010-1173

The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data.

Published: May 07, 2010; 02:30:01 PM -04:00
    V2: 7.1 HIGH
CVE-2010-1034

Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 before 6.0.0-95 on Linux, and 6.0 before 6.0.0.96 on Windows, allows remote authenticated users to obtain sensitive information, modify data, and cause a denial of service via unknown vectors.

Published: April 23, 2010; 10:30:01 AM -04:00
    V2: 4.6 MEDIUM
CVE-2010-1488

The proc_oom_score function in fs/proc/base.c in the Linux kernel before 2.6.34-rc4 uses inappropriate data structures during selection of a candidate for the OOM killer, which might allow local users to cause a denial of service via unspecified patterns of task creation.

Published: April 20, 2010; 11:30:00 AM -04:00
    V2: 2.1 LOW
CVE-2010-1162

The release_one_tty function in drivers/char/tty_io.c in the Linux kernel before 2.6.34-rc4 omits certain required calls to the put_pid function, which has unspecified impact and local attack vectors.

Published: April 20, 2010; 11:30:00 AM -04:00
    V2: 7.2 HIGH
CVE-2010-1146

The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/.

Published: April 12, 2010; 02:30:00 PM -04:00
    V2: 6.9 MEDIUM
CVE-2010-1139

Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata.

Published: April 12, 2010; 02:30:00 PM -04:00
    V2: 7.2 HIGH
CVE-2010-1347

Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users to gain privileges by executing these scripts.

Published: April 12, 2010; 01:30:00 PM -04:00
    V2: 7.2 HIGH
CVE-2010-1148

The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a NULL nameidata (aka nd) field in a POSIX file-creation request to a server that supports UNIX extensions.

Published: April 12, 2010; 01:30:00 PM -04:00
    V2: 4.7 MEDIUM
CVE-2010-1088

fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW.

Published: April 06, 2010; 06:30:00 PM -04:00
    V2: 5.4 MEDIUM
CVE-2010-1087

The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible.

Published: April 06, 2010; 06:30:00 PM -04:00
    V2: 7.8 HIGH
CVE-2010-1086

The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvb_net.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service (infinite loop) via a crafted MPEG2-TS frame, related to an invalid Payload Pointer ULE.

Published: April 06, 2010; 06:30:00 PM -04:00
    V2: 7.8 HIGH
CVE-2010-1085

The azx_position_ok function in hda_intel.c in Linux kernel 2.6.33-rc4 and earlier, when running on the AMD780V chip set, allows context-dependent attackers to cause a denial of service (crash) via unknown manipulations that trigger a divide-by-zero error.

Published: April 06, 2010; 06:30:00 PM -04:00
    V2: 7.1 HIGH