Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
david howells vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2016-5243
The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel up to and including 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.
Linux Linux Kernel
5.5
CVSSv3
CVE-2016-4569
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel up to and including 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface.
Linux Linux Kernel
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Novell Suse Linux Enterprise Module For Public Cloud 12.0
Novell Suse Linux Enterprise Server 11.0
Novell Suse Linux Enterprise Server 12.0
Novell Suse Linux Enterprise Live Patching 12.0
Novell Suse Linux Enterprise Desktop 12.0
Novell Suse Linux Enterprise Real Time Extension 12.0
Novell Suse Linux Enterprise Workstation Extension 12.0
Novell Suse Linux Enterprise Debuginfo 11.0
Novell Suse Linux Enterprise Software Development Kit 11.0
Novell Suse Linux Enterprise Software Development Kit 12.0
5.5
CVSSv3
CVE-2016-3961
Xen and the Linux kernel up to and including 4.5.x do not properly suppress hugetlbfs support in x86 PV guests, which allows local PV guest OS users to cause a denial of service (guest OS crash) by attempting to access a hugetlbfs mapped area.
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Xen Xen
5.5
CVSSv3
CVE-2016-0821
The LIST_POISON feature in include/linux/poison.h in the Linux kernel prior to 4.3, as used in Android 6.0.1 prior to 2016-03-01, does not properly consider the relationship to the mmap_min_addr value, which makes it easier for malicious users to bypass a poison-pointer protectio...
Linux Linux Kernel
Google Android 6.0.1
5.5
CVSSv3
CVE-2010-4655
net/core/ethtool.c in the Linux kernel prior to 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability for an ethtool ioctl call.
Linux Linux Kernel
Vmware Esx 4.1
Vmware Esx 4.0
Canonical Ubuntu Linux 8.04
5.5
CVSSv3
CVE-2005-2456
Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OUT, which is used as an inde...
Linux Linux Kernel 2.6.0
Debian Debian Linux 3.1
4.6
CVSSv3
CVE-2016-2185
The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel prior to 4.5.1 allows physically proximate malicious users to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
Canonical Ubuntu Linux 12.04
Linux Linux Kernel
Novell Suse Linux Enterprise Module For Public Cloud 12.0
Novell Suse Linux Enterprise Server 11.0
Novell Suse Linux Enterprise Server 12.0
Novell Suse Linux Enterprise Live Patching 12.0
Novell Suse Linux Enterprise Real Time Extension 11.0
Novell Suse Linux Enterprise Desktop 12.0
Novell Suse Linux Enterprise Real Time Extension 12.0
Novell Suse Linux Enterprise Workstation Extension 12.0
Novell Suse Linux Enterprise Debuginfo 11.0
Novell Suse Linux Enterprise Software Development Kit 11.0
Novell Suse Linux Enterprise Software Development Kit 12.0
4.6
CVSSv3
CVE-2016-2186
The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel prior to 4.5.1 allows physically proximate malicious users to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
Linux Linux Kernel
Novell Suse Linux Enterprise Module For Public Cloud 12.0
Novell Suse Linux Enterprise Server 11.0
Novell Suse Linux Enterprise Server 12.0
Novell Suse Linux Enterprise Live Patching 12.0
Novell Suse Linux Enterprise Real Time Extension 11.0
Novell Suse Linux Enterprise Desktop 12.0
Novell Suse Linux Enterprise Real Time Extension 12.0
Novell Suse Linux Enterprise Workstation Extension 12.0
Novell Suse Linux Enterprise Debuginfo 11.0
Novell Suse Linux Enterprise Software Development Kit 11.0
Novell Suse Linux Enterprise Software Development Kit 12.0
Canonical Ubuntu Linux 12.04
4.6
CVSSv3
CVE-2016-2187
The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel up to and including 4.5.2 allows physically proximate malicious users to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Linux Linux Kernel
Novell Suse Linux Enterprise Server 11
Novell Suse Linux Enterprise Debuginfo 11
Novell Suse Linux Enterprise Software Development Kit 11.0
4.6
CVSSv3
CVE-2016-3951
Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel prior to 4.5 allows physically proximate malicious users to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Novell Suse Linux Enterprise Desktop 12
Novell Suse Linux Enterprise Module For Public Cloud 12
Novell Suse Linux Enterprise Real Time Extension 12
Novell Suse Linux Enterprise Software Development Kit 12.0
Novell Suse Linux Enterprise Workstation Extension 12.0
Novell Suse Linux Enterprise Server 12.0
Novell Suse Linux Enterprise Live Patching 12.0
Suse Suse Linux Enterprise Software Development Kit 12.0
Linux Linux Kernel 4.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »