Filtered by vendor Linux
Subscribe
Total
10566 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-22483 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Db2 and 3 more | 2023-08-08 | N/A | 6.5 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID: 225979. | |||||
| CVE-2022-34160 | 2 Ibm, Linux | 2 Cics Tx, Linux Kernel | 2023-08-08 | 5.8 MEDIUM | 5.4 MEDIUM |
| IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 229330. | |||||
| CVE-2022-22958 | 2 Linux, Vmware | 6 Linux Kernel, Cloud Foundation, Identity Manager and 3 more | 2023-08-08 | 6.5 MEDIUM | 7.2 HIGH |
| VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution. | |||||
| CVE-2022-22394 | 3 Ibm, Linux, Microsoft | 4 Aix, Spectrum Protect, Linux Kernel and 1 more | 2023-08-08 | 9.0 HIGH | 8.8 HIGH |
| The IBM Spectrum Protect 8.1.14.000 server could allow a remote attacker to bypass security restrictions, caused by improper enforcement of access controls. By signing in, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrator or node access to the vulnerable server. | |||||
| CVE-2022-0797 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2023-08-08 | 6.8 MEDIUM | 8.8 HIGH |
| Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | |||||
| CVE-2021-1081 | 7 Citrix, Linux, Microsoft and 4 more | 7 Hypervisor, Linux Kernel, Windows and 4 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior 8.7). | |||||
| CVE-2022-34306 | 2 Ibm, Linux | 2 Cics Tx, Linux Kernel | 2023-08-08 | 5.5 MEDIUM | 5.4 MEDIUM |
| IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 229435. | |||||
| CVE-2022-22973 | 2 Linux, Vmware | 5 Linux Kernel, Cloud Foundation, Identity Manager and 2 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'. | |||||
| CVE-2022-30613 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2023-08-08 | N/A | 5.5 MEDIUM |
| IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366. | |||||
| CVE-2022-22330 | 2 Ibm, Linux | 2 Control Desk, Linux Kernel | 2023-08-08 | N/A | 5.3 MEDIUM |
| IBM Control Desk 7.6.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 219126. | |||||
| CVE-2021-1058 | 7 Citrix, Linux, Microsoft and 4 more | 7 Hypervisor, Linux Kernel, Windows and 4 more | 2023-08-08 | 3.6 LOW | 7.1 HIGH |
| NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input data size is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3). | |||||
| CVE-2021-38878 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| IBM QRadar 7.3, 7.4, and 7.5 could allow a malicious actor to impersonate an actor due to key exchange without entity authentication. IBM X-Force ID: 208756. | |||||
| CVE-2022-34165 | 6 Apple, Hp, Ibm and 3 more | 9 Macos, Hp-ux, Aix and 6 more | 2023-08-08 | N/A | 5.4 MEDIUM |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct various attacks against the vulnerable system, including cache poisoning and cross-site scripting. IBM X-Force ID: 229429. | |||||
| CVE-2022-23276 | 2 Linux, Microsoft | 2 Linux Kernel, Sql Server | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| SQL Server for Linux Containers Elevation of Privilege Vulnerability | |||||
| CVE-2021-20543 | 3 Ibm, Linux, Microsoft | 3 Jazz Team Server, Linux Kernel, Windows | 2023-08-08 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 198929. | |||||
| CVE-2022-26841 | 3 Intel, Linux, Microsoft | 3 Sgx Sdk, Linux Kernel, Windows | 2023-08-08 | N/A | 5.5 MEDIUM |
| Insufficient control flow management for the Intel(R) SGX SDK software for Linux before version 2.16.100.1 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2022-40307 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2023-08-08 | N/A | 4.7 MEDIUM |
| An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. | |||||
| CVE-2021-1083 | 6 Citrix, Linux, Microsoft and 3 more | 6 Hypervisor, Linux Kernel, Windows and 3 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2) and version 11.x (prior to 11.4). | |||||
| CVE-2021-4083 | 4 Debian, Linux, Netapp and 1 more | 23 Debian Linux, Linux Kernel, H300e and 20 more | 2023-08-04 | 6.9 MEDIUM | 7.0 HIGH |
| A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4. | |||||
| CVE-2022-1671 | 2 Linux, Netapp | 11 Linux Kernel, H300s, H300s Firmware and 8 more | 2023-08-04 | N/A | 7.1 HIGH |
| A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information. | |||||