Filtered by vendor Linux
Subscribe
Total
10223 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-49693 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf of_graph_get_remote_node() returns remote device node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. Patchwork: https://patchwork.freedesktop.org/patch/488473/ | |||||
| CVE-2022-49684 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: iio: adc: aspeed: Fix refcount leak in aspeed_adc_set_trim_data of_find_node_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak. | |||||
| CVE-2022-49683 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. | |||||
| CVE-2022-49682 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: xtensa: Fix refcount leak bug in time.c In calibrate_ccount(), of_find_compatible_node() will return a node pointer with refcount incremented. We should use of_node_put() when it is not used anymore. | |||||
| CVE-2024-37527 | 3 Ibm, Linux, Microsoft | 3 Openpages With Watson, Linux Kernel, Windows | 2025-03-11 | N/A | 5.4 MEDIUM |
| IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2023-50945 | 3 Ibm, Linux, Microsoft | 4 Aix, Common Licensing, Linux Kernel and 1 more | 2025-03-11 | N/A | 6.2 MEDIUM |
| IBM Common Licensing 9.0 stores user credentials in plain clear text which can be read by a local user. | |||||
| CVE-2023-50946 | 3 Ibm, Linux, Microsoft | 4 Aix, Common Licensing, Linux Kernel and 1 more | 2025-03-11 | N/A | 6.5 MEDIUM |
| IBM Common Licensing 9.0 could allow an authenticated user to modify a configuration file that they should not have access to due to a broken authorization mechanism. | |||||
| CVE-2024-40706 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2025-03-11 | N/A | 5.3 MEDIUM |
| IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version information that could aid in further attacks against the system. | |||||
| CVE-2024-52363 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2025-03-11 | N/A | 6.5 MEDIUM |
| IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. | |||||
| CVE-2023-23472 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2025-03-11 | N/A | 3.1 LOW |
| IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system. | |||||
| CVE-2023-34256 | 3 Debian, Linux, Suse | 3 Debian Linux, Linux Kernel, Linux Enterprise | 2025-03-11 | N/A | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated "When modifying the block device while it is mounted by the filesystem" access. | |||||
| CVE-2023-2985 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| A use after free flaw was found in hfsplus_put_super in fs/hfsplus/super.c in the Linux Kernel. This flaw could allow a local user to cause a denial of service problem. | |||||
| CVE-2023-3268 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-03-11 | N/A | 7.1 HIGH |
| An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information. | |||||
| CVE-2023-3220 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks check of the return value of kzalloc() and will cause the NULL Pointer Dereference. | |||||
| CVE-2023-3161 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2025-03-11 | N/A | 5.5 MEDIUM |
| A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service. | |||||
| CVE-2023-3141 | 3 Debian, Linux, Netapp | 3 Debian Linux, Linux Kernel, Hci Baseboard Management Controller | 2025-03-11 | N/A | 7.1 HIGH |
| A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. | |||||
| CVE-2023-3022 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6_rule_lookup, sometimes holding rt6_info and other times fib6_info. This was not accounted for in other parts of the code where rt6_info was expected unconditionally, potentially leading to a kernel panic in fib6_rule_suppress. | |||||
| CVE-2024-43196 | 3 Ibm, Linux, Microsoft | 3 Openpages With Watson, Linux Kernel, Windows | 2025-03-11 | N/A | 4.3 MEDIUM |
| IBM OpenPages with Watson 8.3 and 9.0 application could allow an authenticated user to manipulate data in the Questionnaires application allowing the user to spoof other users' responses. | |||||
| CVE-2024-49355 | 3 Ibm, Linux, Microsoft | 3 Openpages With Watson, Linux Kernel, Windows | 2025-03-11 | N/A | 5.3 MEDIUM |
| IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files when the tracing is enabled per the System Tracing feature. | |||||
| CVE-2024-49780 | 3 Ibm, Linux, Microsoft | 3 Openpages With Watson, Linux Kernel, Windows | 2025-03-11 | N/A | 5.3 MEDIUM |
| IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages could allow a remote attacker to traverse directories on the system. An attacker with privileges to perform Import Configuration could send a specially crafted http request containing "dot dot" sequences (/../) in the file name parameter used in Import Configuration to write files to arbitrary locations outside of the specified directory and possibly overwrite arbitrary files. | |||||