Skip to main content
CVE-2012-3412 HIGH POC PATCH This Week

The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel Ubuntu Linux
NVD GitHub
CVSS 2.0
7.8
EPSS
7.0%
CVE-2012-3400 HIGH POC PATCH This Week

Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Linux Memory Corruption Linux Kernel +1
NVD GitHub
CVSS 2.0
7.6
EPSS
4.8%
CVE-2012-3510 MEDIUM POC PATCH This Month

Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or. Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
5.6
EPSS
0.1%
CVE-2012-3375 MEDIUM POC PATCH This Month

The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allows local users to cause a denial of service. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel
NVD Exploit-DB GitHub
CVSS 2.0
4.9
EPSS
0.1%
CVE-2012-3489 MEDIUM PATCH This Month

The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE PostgreSQL Opensuse Mac Os X Server Ubuntu Linux +5
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2012-3552 MEDIUM PATCH This Month

Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Linux Race Condition Linux Kernel Enterprise Linux Eus
NVD GitHub
CVSS 3.1
5.9
EPSS
2.0%
CVE-2012-3430 LOW POC PATCH Monitor

The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Linux Linux Kernel
NVD Exploit-DB GitHub
CVSS 2.0
2.1
EPSS
0.2%
CVE-2012-3520 LOW POC PATCH Monitor

The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a. Rated low severity (CVSS 1.9). Public exploit code available.

Linux Authentication Bypass Linux Kernel
NVD GitHub
CVSS 2.0
1.9
EPSS
0.1%
CVE-2012-3488 MEDIUM This Month

The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 does not properly restrict access to files and URLs, which allows remote. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation XXE PostgreSQL
NVD
CVSS 2.0
4.9
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy