Filtered by vendor Linux
Subscribe
Total
10334 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-22317 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Curam Social Program Management and 4 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 218281. | |||||
| CVE-2022-22310 | 6 Apple, Hp, Ibm and 3 more | 9 Macos, Hp-ux, Aix and 6 more | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to JAX-WS applications. IBM X-Force ID: 217224. | |||||
| CVE-2022-21821 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted file and locally execute cuobjdump against the file. Such an attack may lead to remote code execution that causes complete denial of service and an impact on data confidentiality and integrity. | |||||
| CVE-2022-21820 | 2 Linux, Nvidia | 2 Linux Kernel, Data Center Gpu Manager | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of error conditions without action, which may lead to limited code execution, some denial of service, escalation of privileges, and limited impacts to both data confidentiality and integrity. | |||||
| CVE-2022-21817 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Omniverse Launcher | 2024-11-21 | 5.8 MEDIUM | 9.3 CRITICAL |
| NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can get user to browse malicious site, to acquire access tokens allowing them to access resources in other security domains, which may lead to code execution, escalation of privileges, and impact to confidentiality and integrity. | |||||
| CVE-2022-21814 | 2 Linux, Nvidia | 7 Linux Kernel, Geforce, Gpu Display Driver and 4 more | 2024-11-21 | 3.6 LOW | 6.1 MEDIUM |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service. | |||||
| CVE-2022-21813 | 2 Linux, Nvidia | 9 Linux Kernel, Cloud Gaming Guest, Geforce and 6 more | 2024-11-21 | 3.6 LOW | 6.1 MEDIUM |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service. | |||||
| CVE-2022-21155 | 4 Apple, Fernhillsoftware, Linux and 1 more | 4 Macos, Scada Server, Linux Kernel and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause an exception, causing the server process (FHSvrService.exe) to exit. | |||||
| CVE-2022-20108 | 3 Google, Linux, Mediatek | 38 Android, Linux Kernel, Mt9011 and 35 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In voice service, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330702; Issue ID: DTV03330702. | |||||
| CVE-2022-20107 | 3 Google, Linux, Mediatek | 38 Android, Linux Kernel, Mt9011 and 35 more | 2024-11-21 | 4.9 MEDIUM | 4.4 MEDIUM |
| In subtitle service, there is a possible application crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330673; Issue ID: DTV03330673. | |||||
| CVE-2022-20106 | 3 Google, Linux, Mediatek | 38 Android, Linux Kernel, Mt9011 and 35 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In MM service, there is a possible out of bounds write due to a heap-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330460; Issue ID: DTV03330460. | |||||
| CVE-2022-20105 | 3 Google, Linux, Mediatek | 38 Android, Linux Kernel, Mt9011 and 35 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In MM service, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330460; Issue ID: DTV03330460. | |||||
| CVE-2022-1998 | 4 Fedoraproject, Linux, Netapp and 1 more | 13 Fedora, Linux Kernel, H300s and 10 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | |||||
| CVE-2022-1976 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 7.8 HIGH |
| A flaw was found in the Linux kernel’s implementation of IO-URING. This flaw allows an attacker with local executable permission to create a string of requests that can cause a use-after-free flaw within the kernel. This issue leads to memory corruption and possible privilege escalation. | |||||
| CVE-2022-1975 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.5 MEDIUM |
| There is a sleep-in-atomic bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating a nfc device from user-space. | |||||
| CVE-2022-1974 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 4.1 MEDIUM |
| A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information. | |||||
| CVE-2022-1973 | 3 Fedoraproject, Linux, Netapp | 12 Fedora, Linux Kernel, H300s and 9 more | 2024-11-21 | N/A | 7.1 HIGH |
| A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem. | |||||
| CVE-2022-1943 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udf_write_fi(). A local user could use this flaw to crash the system or potentially | |||||
| CVE-2022-1901 | 3 Linux, Microsoft, Octopus | 3 Linux Kernel, Windows, Octopus Server | 2024-11-21 | N/A | 5.3 MEDIUM |
| In affected versions of Octopus Deploy it is possible to unmask sensitive variables by using variable preview. | |||||
| CVE-2022-1882 | 2 Linux, Netapp | 17 Linux Kernel, H300e, H300e Firmware and 14 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system. | |||||