Filtered by vendor Linux
Subscribe
Total
6218 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-28501 | 2 Linux, Rocketsoftware | 3 Linux Kernel, Unidata, Universe | 2023-04-06 | N/A | 9.8 CRITICAL |
| Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a heap-based buffer overflow in the unirpcd daemon that, if successfully exploited, can lead to remote code execution as the root user. | |||||
| CVE-2023-1075 | 1 Linux | 1 Linux Kernel | 2023-04-05 | N/A | 3.3 LOW |
| A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entry to the list_head, leaking the last byte of the confused field that overlaps with rec->tx_ready. | |||||
| CVE-2020-24588 | 8 Arista, Cisco, Debian and 5 more | 350 C-100, C-100 Firmware, C-110 and 347 more | 2023-04-01 | 2.9 LOW | 3.5 LOW |
| The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets. | |||||
| CVE-2020-24587 | 6 Arista, Cisco, Debian and 3 more | 332 C-100, C-100 Firmware, C-110 and 329 more | 2023-04-01 | 1.8 LOW | 2.6 LOW |
| The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed. | |||||
| CVE-2020-24586 | 5 Arista, Debian, Ieee and 2 more | 44 C-200, C-200 Firmware, C-230 and 41 more | 2023-04-01 | 2.9 LOW | 3.5 LOW |
| The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data. | |||||
| CVE-2020-12364 | 2 Intel, Linux | 2 Graphics Drivers, Linux Kernel | 2023-04-01 | 2.1 LOW | 5.5 MEDIUM |
| Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access. | |||||
| CVE-2020-12363 | 2 Intel, Linux | 2 Graphics Drivers, Linux Kernel | 2023-04-01 | 2.1 LOW | 5.5 MEDIUM |
| Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access. | |||||
| CVE-2020-12362 | 2 Intel, Linux | 2 Graphics Drivers, Linux Kernel | 2023-04-01 | 4.6 MEDIUM | 7.8 HIGH |
| Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access. | |||||
| CVE-2023-23000 | 1 Linux | 1 Linux Kernel | 2023-03-31 | N/A | 5.5 MEDIUM |
| In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used. | |||||
| CVE-2023-22995 | 1 Linux | 1 Linux Kernel | 2023-03-31 | N/A | 7.8 HIGH |
| In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls. | |||||
| CVE-2020-36691 | 1 Linux | 1 Linux Kernel | 2023-03-29 | N/A | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference. | |||||
| CVE-2023-25590 | 2 Arubanetworks, Linux | 2 Clearpass Policy Manager, Linux Kernel | 2023-03-27 | N/A | 7.8 HIGH |
| A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges to those of a higher role. A successful exploit allows malicious users to execute arbitrary code with root level privileges on the Linux instance. | |||||
| CVE-2018-3929 | 2 Antennahouse, Linux | 2 Office Server Document Converter, Linux Kernel | 2023-03-24 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable heap corruption exists in the PowerPoint document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). A crafted PowerPoint (PPT) document can lead to heap corruption, resulting in remote code execution. | |||||
| CVE-2018-3930 | 2 Antennahouse, Linux | 2 Office Server Document Converter, Linux Kernel | 2023-03-24 | 6.8 MEDIUM | 7.8 HIGH |
| In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. This vulnerability occurs in the `vbgetfp` method. | |||||
| CVE-2023-23006 | 1 Linux | 1 Linux Kernel | 2023-03-13 | N/A | 5.5 MEDIUM |
| In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | |||||
| CVE-2023-23002 | 1 Linux | 1 Linux Kernel | 2023-03-13 | N/A | 5.5 MEDIUM |
| In the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | |||||
| CVE-2023-23001 | 1 Linux | 1 Linux Kernel | 2023-03-13 | N/A | 5.5 MEDIUM |
| In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | |||||
| CVE-2022-43945 | 2 Linux, Netapp | 12 Linux Kernel, Active Iq Unified Manager, H300s and 9 more | 2023-03-08 | N/A | 7.5 HIGH |
| The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | |||||
| CVE-2023-23039 | 1 Linux | 1 Linux Kernel | 2023-03-06 | N/A | 5.7 MEDIUM |
| An issue was discovered in the Linux kernel through 6.2.0-rc2. drivers/tty/vcc.c has a race condition and resultant use-after-free if a physically proximate attacker removes a VCC device while calling open(), aka a race condition between vcc_open() and vcc_remove(). | |||||
| CVE-2023-22999 | 1 Linux | 1 Linux Kernel | 2023-03-06 | N/A | 5.5 MEDIUM |
| In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3_qcom_create_urs_usb_platdev return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | |||||