Export limit exceeded: 20091 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (20091 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-1520 3 Ibm, Linux, Microsoft 4 Db2, Db2 Connect, Linux Kernel and 1 more 2025-04-20 N/A
IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830.
CVE-2017-15649 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more 2025-04-20 N/A
net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346.
CVE-2017-1519 3 Ibm, Linux, Microsoft 4 Db2, Db2 Connect, Linux Kernel and 1 more 2025-04-20 N/A
IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829.
CVE-2017-15116 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt 2025-04-20 N/A
The rngapi_reset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service (NULL pointer dereference).
CVE-2017-1508 2 Ibm, Linux 2 Informix Dynamic Server, Linux Kernel 2025-04-20 N/A
IBM Informix Dynamic Server 12.1 could allow a local user logged in with database administrator user to gain root privileges. IBM X-Force ID: 129620.
CVE-2016-10318 1 Linux 1 Linux Kernel 2025-04-20 N/A
A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of service.
CVE-2016-10285 1 Linux 1 Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33752702. References: QC-CR#1104899.
CVE-2017-7533 2 Linux, Redhat 5 Linux Kernel, Enterprise Linux, Enterprise Mrg and 2 more 2025-04-20 7.0 High
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.
CVE-2017-2928 6 Adobe, Apple, Google and 3 more 8 Flash Player, Mac Os X, Chrome Os and 5 more 2025-04-20 8.8 High
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2934 6 Adobe, Apple, Google and 3 more 8 Flash Player, Mac Os X, Chrome Os and 5 more 2025-04-20 8.8 High
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when parsing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2987 6 Adobe, Apple, Google and 3 more 9 Flash Player, Flash Player Desktop Runtime, Mac Os X and 6 more 2025-04-20 8.8 High
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution.
CVE-2017-7477 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt 2025-04-20 7.0 High
Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the NETIF_F_FRAGLIST feature, leading to an error in the skb_to_sgvec function.
CVE-2016-10086 5 Ca, Ibm, Linux and 2 more 6 Service Desk Management, Service Desk Manager, Aix and 3 more 2025-04-20 N/A
RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request.
CVE-2017-14991 1 Linux 1 Linux Kernel 2025-04-20 N/A
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0.
CVE-2017-2991 6 Adobe, Apple, Google and 3 more 9 Flash Player, Flash Player Desktop Runtime, Mac Os X and 6 more 2025-04-20 8.8 High
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.
CVE-2017-6874 1 Linux 1 Linux Kernel 2025-04-20 7.0 High
Race condition in kernel/ucount.c in the Linux kernel through 4.10.2 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls that leverage certain decrement behavior that causes incorrect interaction between put_ucounts and get_ucounts.
CVE-2017-2993 6 Adobe, Apple, Google and 3 more 9 Flash Player, Flash Player Desktop Runtime, Mac Os X and 6 more 2025-04-20 8.8 High
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2995 6 Adobe, Apple, Google and 3 more 9 Flash Player, Flash Player Desktop Runtime, Mac Os X and 6 more 2025-04-20 8.8 High
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2996 6 Adobe, Apple, Google and 3 more 9 Flash Player, Flash Player Desktop Runtime, Mac Os X and 6 more 2025-04-20 8.8 High
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.
CVE-2017-14954 1 Linux 1 Linux Kernel 2025-04-20 N/A
The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users to obtain sensitive information, and bypass the KASLR protection mechanism, via a crafted system call.