Filtered by vendor Linux
Subscribe
Total
10223 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-42754 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2024-11-21 | N/A | 5.5 MEDIUM |
| A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system. | |||||
| CVE-2023-42753 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2024-11-21 | N/A | 7.0 HIGH |
| An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system. | |||||
| CVE-2023-42752 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.5 MEDIUM |
| An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating `skb_shared_info` in the userspace, which is exploitable in systems without SMAP protection since `skb_shared_info` contains references to function pointers. | |||||
| CVE-2023-42526 | 4 Apple, Linux, Microsoft and 1 more | 10 Macos, Linux Kernel, Windows and 7 more | 2024-11-21 | N/A | 7.5 HIGH |
| Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. | |||||
| CVE-2023-42525 | 4 Apple, Linux, Microsoft and 1 more | 10 Macos, Linux Kernel, Windows and 7 more | 2024-11-21 | N/A | 7.5 HIGH |
| Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file types. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. | |||||
| CVE-2023-42524 | 4 Apple, Linux, Microsoft and 1 more | 10 Macos, Linux Kernel, Windows and 7 more | 2024-11-21 | N/A | 7.5 HIGH |
| Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file types. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. | |||||
| CVE-2023-42523 | 4 Apple, Linux, Microsoft and 1 more | 10 Macos, Linux Kernel, Windows and 7 more | 2024-11-21 | N/A | 7.5 HIGH |
| Certain WithSecure products allow a remote crash of a scanning engine via unpacking of a PE file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. | |||||
| CVE-2023-42522 | 4 Apple, Linux, Microsoft and 1 more | 10 Macos, Linux Kernel, Windows and 7 more | 2024-11-21 | N/A | 7.5 HIGH |
| Certain WithSecure products allow a remote crash of a scanning engine via processing of an import struct in a PE file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. | |||||
| CVE-2023-42521 | 4 Apple, Linux, Microsoft and 1 more | 10 Macos, Linux Kernel, Windows and 7 more | 2024-11-21 | N/A | 7.5 HIGH |
| Certain WithSecure products allow a remote crash of a scanning engine via processing of a compressed file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. | |||||
| CVE-2023-42520 | 4 Apple, Linux, Microsoft and 1 more | 10 Macos, Linux Kernel, Windows and 7 more | 2024-11-21 | N/A | 7.5 HIGH |
| Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. | |||||
| CVE-2023-42031 | 2 Ibm, Linux | 4 Aix, Cics Tx, Txseries For Multiplatforms and 1 more | 2024-11-21 | N/A | 4.9 MEDIUM |
| IBM TXSeries for Multiplatforms, 8.1, 8.2, and 9.1, CICS TX Standard CICS TX Advanced 10.1 and 11.1 could allow a privileged user to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 266016. | |||||
| CVE-2023-42029 | 4 Hp, Ibm, Linux and 1 more | 6 Hp-ux, Aix, Cics Tx and 3 more | 2024-11-21 | N/A | 4.8 MEDIUM |
| IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266059. | |||||
| CVE-2023-42027 | 4 Hp, Ibm, Linux and 1 more | 6 Hp-ux, Aix, Cics Tx and 3 more | 2024-11-21 | N/A | 4.3 MEDIUM |
| IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 266057. | |||||
| CVE-2023-42022 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2024-11-21 | N/A | 5.4 MEDIUM |
| IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265938. | |||||
| CVE-2023-42019 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2024-11-21 | N/A | 5.9 MEDIUM |
| IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161. | |||||
| CVE-2023-42009 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2024-11-21 | N/A | 5.4 MEDIUM |
| IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265504. | |||||
| CVE-2023-41750 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 32047. | |||||
| CVE-2023-41745 | 4 Acronis, Apple, Linux and 1 more | 5 Agent, Cyber Protect, Macos and 2 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30991, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979. | |||||
| CVE-2023-41742 | 4 Acronis, Apple, Linux and 1 more | 5 Agent, Cyber Protect, Macos and 2 more | 2024-11-21 | N/A | 7.5 HIGH |
| Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30430, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979. | |||||
| CVE-2023-40791 | 2 Linux, Netapp | 9 Linux Kernel, H300s, H300s Firmware and 6 more | 2024-11-21 | N/A | 6.3 MEDIUM |
| extract_user_to_sg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, as demonstrated by a WARNING for try_grab_page. | |||||