cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2016-3707,https://securityvulnerability.io/vulnerability/CVE-2016-3707,,"The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.",Linux,"Linux Kernel-rt,Enterprise Linux For Real Time,Enterprise Linux For Real Time For Nfv",8.1,HIGH,0.031950000673532486,false,false,false,false,,false,false,2016-06-27T10:00:00.000Z,0
CVE-2014-8159,https://securityvulnerability.io/vulnerability/CVE-2014-8159,,"The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and consequently cause a denial of service (system crash) or gain privileges, by leveraging permissions on a uverbs device under /dev/infiniband/.",Linux,"Linux Kernel,Enterprise Linux",,,0.0004600000102072954,false,false,false,false,,false,false,2015-03-16T10:00:00.000Z,0
CVE-2013-2164,https://securityvulnerability.io/vulnerability/CVE-2013-2164,,The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive.,Linux,"Linux Kernel,Enterprise Linux,Enterprise Mrg",,,0.0004400000034365803,false,false,false,false,,false,false,2013-07-04T21:00:00.000Z,0
CVE-2011-1576,https://securityvulnerability.io/vulnerability/CVE-2011-1576,,"The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi_reuse_skb function, leading to (1) a memory leak or (2) memory corruption, a different vulnerability than CVE-2011-1478.",Linux,"Linux Kernel,Enterprise Linux",,,0.00887999963015318,false,false,false,false,,false,false,2011-08-31T23:55:00.000Z,0
CVE-2011-0714,https://securityvulnerability.io/vulnerability/CVE-2011-0714,,"Use-after-free vulnerability in a certain Red Hat patch for the RPC server sockets functionality in the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 might allow remote attackers to cause a denial of service (crash) via malformed data in a packet, related to lockd and the svc_xprt_received function.",Linux,"Linux Kernel,Enterprise Linux",,,0.0036899999249726534,false,false,false,false,,false,false,2011-05-04T22:00:00.000Z,0
CVE-2010-4161,https://securityvulnerability.io/vulnerability/CVE-2010-4161,,"The udp_queue_rcv_skb function in net/ipv4/udp.c in a certain Red Hat build of the Linux kernel 2.6.18 in Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (deadlock and system hang) by sending UDP traffic to a socket that has a crafted socket filter, a related issue to CVE-2010-4158.",Linux,"Linux Kernel,Enterprise Linux",,,0.0011399999493733048,false,false,false,false,,false,false,2010-12-30T18:00:00.000Z,0
CVE-2009-4272,https://securityvulnerability.io/vulnerability/CVE-2009-4272,,"A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (deadlock) via crafted packets that force collisions in the IPv4 routing hash table, and trigger a routing ""emergency"" in which a hash chain is too long. NOTE: this is related to an issue in the Linux kernel before 2.6.31, when the kernel routing cache is disabled, involving an uninitialized pointer and a panic.",Linux,"Linux Kernel,Enterprise Linux",7.5,HIGH,0.02864000014960766,false,false,false,false,,false,false,2010-01-27T17:00:00.000Z,0
CVE-2009-3556,https://securityvulnerability.io/vulnerability/CVE-2009-3556,,"A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID Virtualization (NPIV) hardware is used, sets world-writable permissions for the (1) vport_create and (2) vport_delete files under /sys/class/scsi_host/, which allows local users to make arbitrary changes to SCSI host attributes by modifying these files.",Linux,"Linux Kernel,Enterprise Linux",,,0.0004199999966658652,false,false,false,false,,false,false,2010-01-27T17:00:00.000Z,0
CVE-2008-2365,https://securityvulnerability.io/vulnerability/CVE-2008-2365,,"Race condition in the ptrace and utrace support in the Linux kernel 2.6.9 through 2.6.25, as used in Red Hat Enterprise Linux (RHEL) 4, allows local users to cause a denial of service (oops) via a long series of PTRACE_ATTACH ptrace calls to another user's process that trigger a conflict between utrace_detach and report_quiescent, related to ""late ptrace_may_attach() check"" and ""race around &dead_engine_ops setting,"" a different vulnerability than CVE-2007-0771 and CVE-2008-1514. NOTE: this issue might only affect kernel versions before 2.6.16.x.",Linux,"Linux Kernel,Enterprise Linux Desktop,Enterprise Linux",,,0.0004199999966658652,false,false,false,false,,false,false,2008-06-30T21:00:00.000Z,0
CVE-2007-0771,https://securityvulnerability.io/vulnerability/CVE-2007-0771,,"The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to ""MT exec + utrace_attach spin failure mode,"" as demonstrated by ptrace-thrash.c.",Linux,"Linux Kernel,Enterprise Linux",,,0.0004199999966658652,false,false,false,false,,false,false,2007-05-02T22:00:00.000Z,0
CVE-2005-0001,https://securityvulnerability.io/vulnerability/CVE-2005-0001,,"Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and simultaneously request stack expansion.",Linux,"Linux Kernel,Enterprise Linux,Enterprise Linux Desktop,Secure Linux",,,0.0006500000017695129,false,false,false,false,,false,false,2005-05-02T04:00:00.000Z,0
CVE-2005-0003,https://securityvulnerability.io/vulnerability/CVE-2005-0003,,"The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.",Linux,"Linux Kernel,Mandrake Linux Corporate Server,Enterprise Linux Desktop,Enterprise Linux,Mandrake Linux,Modular Messaging Message Storage Server,S8710,Converged Communications Server,Mn100,Network Routing",,,0.0006200000061653554,false,false,false,false,,false,false,2005-04-14T04:00:00.000Z,0
CVE-2004-0812,https://securityvulnerability.io/vulnerability/CVE-2004-0812,,"Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AMD64 and Intel EM64T architectures, associated with ""setting up TSS limits,"" allows local users to cause a denial of service (crash) and possibly execute arbitrary code.",Linux,"Linux Kernel,Enterprise Linux Desktop,Enterprise Linux",,,0.0004199999966658652,false,false,false,false,,false,false,2005-04-14T04:00:00.000Z,0
CVE-2004-1057,https://securityvulnerability.io/vulnerability/CVE-2004-1057,,"Multiple drivers in Linux kernel 2.4.19 and earlier do not properly mark memory with the VM_IO flag, which causes incorrect reference counts and may lead to a denial of service (kernel panic) when accessing freed kernel pages.",Linux,"Linux Kernel,Enterprise Linux",,,0.000590000010561198,false,false,false,false,,false,false,2005-01-21T05:00:00.000Z,0
CVE-2004-1068,https://securityvulnerability.io/vulnerability/CVE-2004-1068,,"A ""missing serialization"" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition.",Linux,"Linux Kernel,Enterprise Linux,Enterprise Linux Desktop,Ubuntu Linux,Linux Advanced Workstation",,,0.0006300000241026282,false,false,false,false,,false,false,2005-01-10T05:00:00.000Z,0
CVE-2004-0685,https://securityvulnerability.io/vulnerability/CVE-2004-0685,,"Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.",Linux,"Linux Kernel,Secure Linux,Enterprise Linux Desktop,Enterprise Linux",,,0.001769999973475933,false,false,false,false,,false,false,2004-12-23T05:00:00.000Z,0
CVE-2004-0495,https://securityvulnerability.io/vulnerability/CVE-2004-0495,,"Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.",Linux,"Linux Kernel,Suse Linux,Enterprise Linux,Modular Messaging Message Storage Server,Converged Communications Server,Linux",,,0.0004199999966658652,false,false,false,false,,false,false,2004-08-06T04:00:00.000Z,0
CVE-2004-0554,https://securityvulnerability.io/vulnerability/CVE-2004-0554,,"Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a ""crash.c"" program.",Linux,"Linux Kernel,Suse Linux,Enterprise Linux,Modular Messaging Message Storage Server,Converged Communications Server,Linux",,,0.0004900000058114529,false,false,false,false,,false,false,2004-08-06T04:00:00.000Z,0
CVE-2003-0986,https://securityvulnerability.io/vulnerability/CVE-2003-0986,,"Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service.",Linux,"Linux Kernel,Enterprise Linux",,,0.0004199999966658652,false,false,false,false,,false,false,2003-12-31T05:00:00.000Z,0