Linux

linux

Vendor: Oracle • 229 CVEs

CVEs (229)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-8385 2Oracle Pcre 2Linux Perl Compatible Regular Expression Library May 6, 2026 Dec 2, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 PCRE before 8.38 mishandles the /(?\|(\k'Pm')\|(?'Pm'))/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecifi...Show more PCRE before 8.38 mishandles the /(?\|(\k'Pm')\|(?'Pm'))/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.Show less
CVE-2015-2328 2Oracle Pcre 2Linux Pcre May 6, 2026 Dec 2, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 PCRE before 8.36 mishandles the /((?(R)a\|(?1)))+/ pattern and related patterns with certain recursion, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other im...Show more PCRE before 8.36 mishandles the /((?(R)a\|(?1)))+/ pattern and related patterns with certain recursion, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.Show less
CVE-2015-0272 4Canonical GnomeOracle+1 more 9Linux Linux Enterprise DebuginfoLinux Enterprise Desktop+6 more May 6, 2026 Nov 17, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.
CVE-2015-8126 9Apple CanonicalDebian+6 more 20Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+17 more May 6, 2026 Nov 13, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow r...Show more Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.Show less
CVE-2015-4913 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Oct 22, 2015 N/A· v4 N/A· v3 3.5 LOW· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-...Show more Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.Show less
CVE-2015-4879 6Canonical DebianFedoraproject+3 more 13Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+10 more May 6, 2026 Oct 21, 2015 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML.
CVE-2015-4870 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Oct 21, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.
CVE-2015-4861 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Oct 21, 2015 N/A· v4 N/A· v3 3.5 LOW· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
CVE-2015-4858 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Oct 21, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-49...Show more Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-4913.Show less
CVE-2015-4836 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Oct 21, 2015 N/A· v4 N/A· v3 2.8 LOW· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : SP.
CVE-2015-4819 6Canonical DebianFedoraproject+3 more 14Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+11 more May 6, 2026 Oct 21, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs.
CVE-2015-4816 6Canonical DebianFedoraproject+3 more 13Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+10 more May 6, 2026 Oct 21, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
CVE-2015-4815 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Oct 21, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.
CVE-2015-4802 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Oct 21, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerabi...Show more Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792.Show less
CVE-2015-4792 7Canonical DebianFedoraproject+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+12 more May 6, 2026 Oct 21, 2015 N/A· v4 N/A· v3 1.7 LOW· v2 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerabi...Show more Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802.Show less
CVE-2015-0275 2Linux Oracle 2Linux Linux Kernel May 6, 2026 Oct 19, 2015 N/A· v4 N/A· v3 4.9 MEDIUM· v2 The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request.
CVE-2014-9751 4Debian NtpOracle+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more May 6, 2026 Oct 6, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attac...Show more The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by leveraging the ability to reach the ntpd machine's network interface with a packet from the ::1 address.Show less
CVE-2014-9750 4Debian NtpOracle+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more May 6, 2026 Oct 6, 2015 N/A· v4 N/A· v3 5.8 MEDIUM· v2 ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memory or cause a denial of service (daemon crash) via a packet...Show more ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memory or cause a denial of service (daemon crash) via a packet containing an extension field with an invalid value for the length of its value field.Show less
CVE-2015-6248 2Oracle Wireshark 3Linux SolarisWireshark May 6, 2026 Aug 24, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denia...Show more The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.Show less
CVE-2015-6246 2Oracle Wireshark 3Linux SolarisWireshark May 6, 2026 Aug 24, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (...Show more The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.Show less

Previous 1...8910 11 12 Next