Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Linux Subscribe
Filtered by product Linux Kernel
Total 5307 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-41552 3 Hitachi, Linux, Microsoft 5 Infrastructure Analytics Advisor, Ops Center Analyzer, Ops Center Viewpoint and 2 more 2023-03-01 N/A 9.8 CRITICAL
Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Data Center Analytics, Analytics probe components), Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe components) allows Server Side Request Forgery. This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.0-00.
CVE-2022-3191 2 Hitachi, Linux 2 Ops Center Analyzer, Linux Kernel 2023-03-01 N/A 5.5 MEDIUM
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Analyzer on Linux (Virtual Strage Software Agent component) allows local users to gain sensitive information. This issue affects Hitachi Ops Center Analyzer: from 10.8.1-00 before 10.9.0-00
CVE-2020-36605 3 Hitachi, Linux, Microsoft 5 Infrastructure Analytics Advisor, Ops Center Analyzer, Ops Center Viewpoint and 2 more 2023-03-01 N/A 4.4 MEDIUM
Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write specific files. This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.0-00; Hitachi Ops Center Viewpoint: from 10.8.0-00 before 10.9.0-00.
CVE-2019-11833 5 Canonical, Debian, Fedoraproject and 2 more 15 Ubuntu Linux, Debian Linux, Fedora and 12 more 2023-03-01 2.1 LOW 5.5 MEDIUM
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
CVE-2020-12770 5 Canonical, Debian, Fedoraproject and 2 more 36 Ubuntu Linux, Debian Linux, Fedora and 33 more 2023-02-28 4.6 MEDIUM 6.7 MEDIUM
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.
CVE-2019-15213 3 Linux, Netapp, Opensuse 8 Linux Kernel, Active Iq Unified Manager, Baseboard Management Controller H410c and 5 more 2023-02-28 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
CVE-2019-15211 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2023-02-28 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.
CVE-2022-3435 3 Debian, Fedoraproject, Linux 3 Debian Linux, Fedora, Linux Kernel 2023-02-28 N/A 4.3 MEDIUM
A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-210357 was assigned to this vulnerability.
CVE-2021-3759 2 Debian, Linux 2 Debian Linux, Linux Kernel 2023-02-28 N/A 5.5 MEDIUM
A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.
CVE-2019-7222 7 Canonical, Debian, Fedoraproject and 4 more 18 Ubuntu Linux, Debian Linux, Fedora and 15 more 2023-02-28 2.1 LOW 5.5 MEDIUM
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
CVE-2022-43579 3 Ibm, Linux, Microsoft 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more 2023-02-28 N/A 5.4 MEDIUM
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 238684.
CVE-2022-3629 2 Debian, Linux 2 Debian Linux, Linux Kernel 2023-02-28 N/A 3.3 LOW
A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.
CVE-2022-3633 2 Debian, Linux 2 Debian Linux, Linux Kernel 2023-02-28 N/A 3.3 LOW
A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932.
CVE-2022-26509 3 Intel, Linux, Microsoft 3 Sgx Sdk, Linux Kernel, Windows 2023-02-28 N/A 5.5 MEDIUM
Improper conditions check in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access.
CVE-2023-24960 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2023-02-28 N/A 7.5 HIGH
IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 246333
CVE-2022-3202 2 Linux, Netapp 11 Linux Kernel, H300s, H300s Firmware and 8 more 2023-02-28 N/A 7.1 HIGH
A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information.
CVE-2021-33391 2 Htacg, Linux 2 Tidy, Linux Kernel 2023-02-28 N/A 9.8 CRITICAL
An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode() function in gdoc.c.
CVE-2023-26020 4 Apple, Craftercms, Linux and 1 more 4 Macos, Crafter Cms, Linux Kernel and 1 more 2023-02-28 N/A 7.2 HIGH
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26.
CVE-2017-5546 1 Linux 1 Linux Kernel 2023-02-28 7.2 HIGH 7.8 HIGH
The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service (duplicate freelist entries and system crash) or possibly have unspecified other impact in opportunistic circumstances by leveraging the selection of a large value for a random number.
CVE-2022-2318 3 Debian, Linux, Netapp 12 Debian Linux, Linux Kernel, H300s and 9 more 2023-02-28 4.9 MEDIUM 5.5 MEDIUM
There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.