Total
4150 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-39177 | 3 Bluez, Canonical, Debian | 3 Bluez, Ubuntu Linux, Debian Linux | 2024-02-28 | N/A | 8.8 HIGH |
BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c. | |||||
CVE-2022-41222 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2024-02-28 | N/A | 7.0 HIGH |
mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. | |||||
CVE-2022-39176 | 3 Bluez, Canonical, Debian | 3 Bluez, Ubuntu Linux, Debian Linux | 2024-02-28 | N/A | 8.8 HIGH |
BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len. | |||||
CVE-2022-23238 | 5 Canonical, Centos, Linux and 2 more | 5 Ubuntu Linux, Centos, Linux Kernel and 2 more | 2024-02-28 | N/A | 6.5 MEDIUM |
Linux deployments of StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to view limited metrics information and modify alert email recipients and content. | |||||
CVE-2022-34918 | 4 Canonical, Debian, Linux and 1 more | 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c. | |||||
CVE-2021-4115 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned | |||||
CVE-2021-4093 | 4 Canonical, Fedoraproject, Linux and 1 more | 4 Ubuntu Linux, Fedora, Linux Kernel and 1 more | 2024-02-28 | 7.2 HIGH | 8.8 HIGH |
A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario. | |||||
CVE-2021-3748 | 5 Canonical, Debian, Fedoraproject and 2 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-02-28 | 6.9 MEDIUM | 7.5 HIGH |
A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process. | |||||
CVE-2021-3155 | 1 Canonical | 2 Snapd, Ubuntu Linux | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions. This could allow a local attacker to read information that should have been private. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1 | |||||
CVE-2020-25719 | 5 Canonical, Debian, Fedoraproject and 2 more | 17 Ubuntu Linux, Debian Linux, Fedora and 14 more | 2024-02-28 | 9.0 HIGH | 7.2 HIGH |
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise. | |||||
CVE-2022-29581 | 4 Canonical, Debian, Linux and 1 more | 19 Ubuntu Linux, Debian Linux, Linux Kernel and 16 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. | |||||
CVE-2021-44730 | 3 Canonical, Debian, Fedoraproject | 4 Snapd, Ubuntu Linux, Debian Linux and 1 more | 2024-02-28 | 6.9 MEDIUM | 8.8 HIGH |
snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1 | |||||
CVE-2022-0492 | 6 Canonical, Debian, Fedoraproject and 3 more | 30 Ubuntu Linux, Debian Linux, Fedora and 27 more | 2024-02-28 | 6.9 MEDIUM | 7.8 HIGH |
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly. | |||||
CVE-2021-44731 | 3 Canonical, Debian, Fedoraproject | 4 Snapd, Ubuntu Linux, Debian Linux and 1 more | 2024-02-28 | 6.9 MEDIUM | 7.8 HIGH |
A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitrary code and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1 | |||||
CVE-2021-3737 | 6 Canonical, Fedoraproject, Netapp and 3 more | 17 Ubuntu Linux, Fedora, Hci and 14 more | 2024-02-28 | 7.1 HIGH | 7.5 HIGH |
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability. | |||||
CVE-2016-2124 | 5 Canonical, Debian, Fedoraproject and 2 more | 24 Ubuntu Linux, Debian Linux, Fedora and 21 more | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required. | |||||
CVE-2021-3640 | 5 Canonical, Debian, Fedoraproject and 2 more | 20 Ubuntu Linux, Debian Linux, Fedora and 17 more | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system. | |||||
CVE-2022-24760 | 3 Canonical, Microsoft, Parseplatform | 3 Ubuntu Linux, Windows, Parse-server | 2024-02-28 | 7.5 HIGH | 10.0 CRITICAL |
Parse Server is an open source http web server backend. In versions prior to 4.10.7 there is a Remote Code Execution (RCE) vulnerability in Parse Server. This vulnerability affects Parse Server in the default configuration with MongoDB. The main weakness that leads to RCE is the Prototype Pollution vulnerable code in the file `DatabaseController.js`, so it is likely to affect Postgres and any other database backend as well. This vulnerability has been confirmed on Linux (Ubuntu) and Windows. Users are advised to upgrade as soon as possible. The only known workaround is to manually patch your installation with code referenced at the source GHSA-p6h4-93qp-jhcm. | |||||
CVE-2022-0543 | 3 Canonical, Debian, Redis | 3 Ubuntu Linux, Debian Linux, Redis | 2024-02-28 | 10.0 HIGH | 10.0 CRITICAL |
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution. | |||||
CVE-2020-25717 | 5 Canonical, Debian, Fedoraproject and 2 more | 25 Ubuntu Linux, Debian Linux, Fedora and 22 more | 2024-02-28 | 8.5 HIGH | 8.1 HIGH |
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation. |