Filtered by vendor Linux
Subscribe
Total
7100 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-23831 | 4 Amd, Freebsd, Linux and 1 more | 4 Amd Uprof, Freebsd, Linux Kernel and 1 more | 2024-02-28 | N/A | 7.5 HIGH |
Insufficient validation of the IOCTL input buffer in AMD µProf may allow an attacker to send an arbitrary buffer leading to a potential Windows kernel crash resulting in denial of service. | |||||
CVE-2022-2074 | 3 Linux, Microsoft, Octopus | 3 Linux Kernel, Windows, Octopus Server | 2024-02-28 | N/A | 7.5 HIGH |
In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service using the Variable Project Template. | |||||
CVE-2022-28199 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Data Plane Development Kit | 2024-02-28 | N/A | 6.5 MEDIUM |
NVIDIA’s distribution of the Data Plane Development Kit (MLNX_DPDK) contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote attacker to cause denial of service and some impact to data integrity and confidentiality. | |||||
CVE-2022-22411 | 2 Ibm, Linux | 2 Spectrum Scale Data Access Services, Linux Kernel | 2024-02-28 | N/A | 6.5 MEDIUM |
IBM Spectrum Scale Data Access Services (DAS) 5.1.3.1 could allow an authenticated user to insert code which could allow the attacker to manipulate cluster resources due to excessive permissions. IBM X-Force ID: 223016. | |||||
CVE-2022-3640 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2024-02-28 | N/A | 8.8 HIGH |
A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944. | |||||
CVE-2022-22424 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-02-28 | N/A | 5.5 MEDIUM |
IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information from the TLS key file due to incorrect file permissions. IBM X-Force ID: 223597. | |||||
CVE-2022-3239 | 1 Linux | 1 Linux Kernel | 2024-02-28 | N/A | 7.8 HIGH |
A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | |||||
CVE-2022-2318 | 3 Debian, Linux, Netapp | 12 Debian Linux, Linux Kernel, H300s and 9 more | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges. | |||||
CVE-2022-42721 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2024-02-28 | N/A | 5.5 MEDIUM |
A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. | |||||
CVE-2022-2959 | 1 Linux | 1 Linux Kernel | 2024-02-28 | N/A | 7.0 HIGH |
A race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system. | |||||
CVE-2022-40235 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2024-02-28 | N/A | 6.5 MEDIUM |
"IBM InfoSphere Information Server 11.7 could allow a user to cause a denial of service by removing the ability to run jobs due to improper input validation. IBM X-Force ID: 235725." | |||||
CVE-2022-3903 | 1 Linux | 1 Linux Kernel | 2024-02-28 | N/A | 4.6 MEDIUM |
An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system. | |||||
CVE-2022-36534 | 2 Linux, Syncovery | 2 Linux Kernel, Syncovery | 2024-02-28 | N/A | 8.8 HIGH |
Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below was discovered to contain multiple remote code execution (RCE) vulnerabilities via the Job_ExecuteBefore and Job_ExecuteAfter parameters at post_profilesettings.php. | |||||
CVE-2022-31662 | 3 Linux, Microsoft, Vmware | 6 Linux Kernel, Windows, Access Connector and 3 more | 2024-02-28 | N/A | 7.5 HIGH |
VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. A malicious actor with network access may be able to access arbitrary files. | |||||
CVE-2022-0168 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-02-28 | N/A | 4.4 MEDIUM |
A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system. | |||||
CVE-2022-1671 | 2 Linux, Netapp | 11 Linux Kernel, H300s, H300s Firmware and 8 more | 2024-02-28 | N/A | 7.1 HIGH |
A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information. | |||||
CVE-2022-31659 | 3 Linux, Microsoft, Vmware | 6 Linux Kernel, Windows, Access Connector and 3 more | 2024-02-28 | N/A | 7.2 HIGH |
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution. | |||||
CVE-2022-3435 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2024-02-28 | N/A | 4.3 MEDIUM |
A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-210357 was assigned to this vulnerability. | |||||
CVE-2022-0400 | 1 Linux | 1 Linux Kernel | 2024-02-28 | N/A | 7.5 HIGH |
An out-of-bounds read vulnerability was discovered in linux kernel in the smc protocol stack, causing remote dos. | |||||
CVE-2022-1976 | 1 Linux | 1 Linux Kernel | 2024-02-28 | N/A | 7.8 HIGH |
A flaw was found in the Linux kernel’s implementation of IO-URING. This flaw allows an attacker with local executable permission to create a string of requests that can cause a use-after-free flaw within the kernel. This issue leads to memory corruption and possible privilege escalation. |