Vulnerabilities > Linux > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-27 | CVE-2011-5327 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption. | 9.8 |
| 2019-07-27 | CVE-2007-6762 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array. | 9.8 |
| 2019-06-14 | CVE-2019-10126 | Heap-based Buffer Overflow vulnerability in multiple products A flaw was found in the Linux kernel. | 9.8 |
| 2019-05-22 | CVE-2019-7837 | Use After Free vulnerability in multiple products Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earlier have a use after free vulnerability. | 9.3 |
| 2019-05-08 | CVE-2019-11815 | Race Condition vulnerability in multiple products An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. | 9.3 |
| 2019-05-02 | CVE-2019-11683 | Out-of-bounds Write vulnerability in multiple products udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 payload, because of mishandling of padded packets, aka the "GRO packet of death" issue. | 9.8 |
| 2019-03-27 | CVE-2019-10125 | Use After Free vulnerability in multiple products An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. | 10.0 |
| 2019-01-18 | CVE-2018-15982 | Use After Free vulnerability in Adobe Flash Player Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. | 10.0 |
| 2018-11-29 | CVE-2018-15981 | Incorrect Type Conversion or Cast vulnerability in multiple products Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. | 10.0 |
| 2018-09-24 | CVE-2018-13140 | Cleartext Transmission of Sensitive Information vulnerability in Druide Antidote 9 Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the update mechanism by leveraging use of HTTP to download installation packages. | 9.3 |