Total
3418 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-30560 | 4 Debian, Google, Splunk and 1 more | 4 Debian Linux, Chrome, Universal Forwarder and 1 more | 2024-03-27 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2023-23559 | 3 Debian, Linux, Netapp | 3 Debian Linux, Linux Kernel, Hci Baseboard Management Controller | 2024-03-25 | N/A | 7.8 HIGH |
| In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. | |||||
| CVE-2022-36946 | 3 Debian, Linux, Netapp | 7 Debian Linux, Linux Kernel, Active Iq Unified Manager and 4 more | 2024-03-25 | N/A | 7.5 HIGH |
| nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. | |||||
| CVE-2022-23222 | 4 Debian, Fedoraproject, Linux and 1 more | 19 Debian Linux, Fedora, Linux Kernel and 16 more | 2024-03-25 | 7.2 HIGH | 7.8 HIGH |
| kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. | |||||
| CVE-2021-44733 | 5 Debian, Fedoraproject, Linux and 2 more | 20 Debian Linux, Fedora, Linux Kernel and 17 more | 2024-03-25 | 4.4 MEDIUM | 7.0 HIGH |
| A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object. | |||||
| CVE-2021-29154 | 4 Debian, Fedoraproject, Linux and 1 more | 20 Debian Linux, Fedora, Linux Kernel and 17 more | 2024-03-25 | 7.2 HIGH | 7.8 HIGH |
| BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c. | |||||
| CVE-2021-26930 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2024-03-25 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later processing, resulting in the caller assuming successful mapping, and hence subsequent operations trying to access space that wasn't mapped. In another case, internal state would be insufficiently updated, preventing safe recovery from the error. This affects drivers/block/xen-blkback/blkback.c. | |||||
| CVE-2016-1244 | 2 Debian, Unadf Project | 2 Debian Linux, Unadf | 2024-03-15 | 9.3 HIGH | 8.8 HIGH |
| The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file. | |||||
| CVE-2022-25857 | 2 Debian, Snakeyaml Project | 2 Debian Linux, Snakeyaml | 2024-03-15 | N/A | 7.5 HIGH |
| The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections. | |||||
| CVE-2016-2143 | 4 Debian, Linux, Oracle and 1 more | 4 Debian Linux, Linux Kernel, Linux and 1 more | 2024-03-14 | 6.9 MEDIUM | 7.8 HIGH |
| The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h. | |||||
| CVE-2017-10661 | 3 Debian, Linux, Redhat | 6 Debian Linux, Linux Kernel, Enterprise Linux and 3 more | 2024-03-14 | 7.6 HIGH | 7.0 HIGH |
| Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing. | |||||
| CVE-2019-15604 | 5 Debian, Nodejs, Opensuse and 2 more | 10 Debian Linux, Node.js, Leap and 7 more | 2024-03-07 | 5.0 MEDIUM | 7.5 HIGH |
| Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate | |||||
| CVE-2023-31137 | 3 Debian, Fedoraproject, Maradns | 3 Debian Linux, Fedora, Maradns | 2024-03-07 | N/A | 7.5 HIGH |
| MaraDNS is open-source software that implements the Domain Name System (DNS). In version 3.5.0024 and prior, a remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to cause a Denial of Service by triggering an abnormal program termination. The vulnerability exists in the `decomp_get_rddata` function within the `Decompress.c` file. When handling a DNS packet with an Answer RR of qtype 16 (TXT record) and any qclass, if the `rdlength` is smaller than `rdata`, the result of the line `Decompress.c:886` is a negative number `len = rdlength - total;`. This value is then passed to the `decomp_append_bytes` function without proper validation, causing the program to attempt to allocate a massive chunk of memory that is impossible to allocate. Consequently, the program exits with an error code of 64, causing a Denial of Service. One proposed fix for this vulnerability is to patch `Decompress.c:887` by breaking `if(len <= 0)`, which has been incorporated in version 3.5.0036 via commit bab062bde40b2ae8a91eecd522e84d8b993bab58. | |||||
| CVE-2023-1872 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-02-29 | N/A | 7.0 HIGH |
| A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation. The io_file_get_fixed function lacks the presence of ctx->uring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8. | |||||
| CVE-2023-46234 | 2 Browserify, Debian | 2 Browserify-sign, Debian Linux | 2024-02-28 | N/A | 7.5 HIGH |
| browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability. This issue has been patched in version 4.2.2. | |||||
| CVE-2023-42753 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2024-02-27 | N/A | 7.8 HIGH |
| An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system. | |||||
| CVE-2023-32307 | 2 Debian, Signalwire | 2 Debian Linux, Sofia-sip | 2024-02-27 | N/A | 7.5 HIGH |
| Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54), several other potential heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because the lack of attributes length check when Sofia-SIP handles STUN packets. The previous patch of [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54) fixed the vulnerability when attr_type did not match the enum value, but there are also vulnerabilities in the handling of other valid cases. The OOB read and integer-overflow made by attacker may lead to crash, high consumption of memory or even other more serious consequences. These issue have been addressed in version 1.13.15. Users are advised to upgrade. | |||||
| CVE-2022-21476 | 4 Azul, Debian, Netapp and 1 more | 18 Zulu, Debian Linux, Active Iq Unified Manager and 15 more | 2024-02-23 | 5.0 MEDIUM | 7.5 HIGH |
| Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). | |||||
| CVE-2021-20288 | 4 Debian, Fedoraproject, Linuxfoundation and 1 more | 4 Debian Linux, Fedora, Ceph and 1 more | 2024-02-16 | 6.5 MEDIUM | 7.2 HIGH |
| An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn't sanitize other_keys, allowing key reuse. An attacker who can request a global_id can exploit the ability of any user to request a global_id previously associated with another user, as ceph does not force the reuse of old keys to generate new ones. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2009-0115 | 8 Avaya, Christophe.varoqui, Debian and 5 more | 11 Intuity Audix Lx, Message Networking, Messaging Storage Server and 8 more | 2024-02-16 | 7.2 HIGH | 7.8 HIGH |
| The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon. | |||||