VIR Vulnerability Intelligence Relay

Search

Found 5,883 results in 1717ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2020-25656 medium 5.5 FIX rocky slesdebian debian 2y ago A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access …
CVE-2020-21710 low 2.5 FIX slesdebian debian rocky 2y ago RHSA-2024:2966: ghostscript security update (Low)
CVE-2020-18652 medium 5.5 FIX rocky slesdebian debian 2y ago RHSA-2024:3066: exempi security update (Moderate)
CVE-2020-18651 medium 5.5 FIX rocky slesdebian debian 2y ago RHSA-2024:3066: exempi security update (Moderate)
CVE-2020-15778 medium 5.5 rocky slesdebian debian 2y ago scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that t…
CVE-2019-15505 medium 5.5 FIX rocky slesdebian debian 2y ago drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).
CVE-2019-13631 medium 5.5 FIX sles rockydebian debian 2y ago In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation o…
CVE-2013-7488 medium 5.5 FIX sles rockydebian debian 2y ago RHSA-2024:3049: perl-Convert-ASN1 security update (Moderate)
CVE-2024-36007 medium 5.5 5.5 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix warning during rehash As previously explained, the rehash delayed work migrates filters from one re…
CVE-2024-36004 medium 5.5 5.5 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue Issue reported by customer during SRIOV testing, call trace: When both i40e an…
CVE-2024-35910 medium 5.8 5.8 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding n…
CVE-2024-35893 medium 5.5 5.5 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: prevent kernel-infoleak syzbot found that tcf_skbmod_dump() was copying four bytes from kernel stack to us…
CVE-2024-35884 medium 5.5 5.5 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: udp: do not accept non-tunnel GSO skbs landing in a tunnel When rx-udp-gro-forwarding is enabled UDP packets might be GROed when …
CVE-2024-4777 medium 5.5 FIX rhel rockydebian debian 2y ago Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these cou…
CVE-2024-4770 medium 5.5 FIX rhel rockydebian debian 2y ago When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
CVE-2024-4769 medium 5.5 FIX rhel rockydebian debian 2y ago When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn …
CVE-2024-4768 medium 5.5 FIX rhel rockydebian debian 2y ago A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and T…
CVE-2024-4767 medium 5.5 FIX rhel rockydebian debian 2y ago If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnera…
CVE-2024-35176 low 2.5 FIX rocky slesdebian debian 2y ago RHSA-2024:5338: pcs security update (Low)
CVE-2024-28182 medium 5.5 FIX rhel rocky sles 2y ago RHSA-2024:4252: nghttp2 security update (Moderate)
CVE-2024-25629 low 2.5 FIX rheldebian debian rocky 2y ago RHSA-2024:4249: c-ares security update (Low)
CVE-2024-25743 medium 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security and bug fix update
CVE-2024-25742 medium 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security and bug fix update
CVE-2023-6240 medium 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security and bug fix update
CVE-2023-5090 medium 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security and bug fix update
CVE-2024-25062 medium 5.5 FIX rhel rocky sles 2y ago An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can…
CVE-2024-27059 medium 5.5 5.5 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command The isd200 sub-driver in usb-storage uses the HEADS and SECTORS…
CVE-2025-38053 medium 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: idpf: fix null-ptr-deref in idpf_features_check idpf_features_check is used to validate the TX packet. skb header length is compa…
CVE-2024-28180 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:3968: container-tools:rhel8 bug fix and enhancement update (Moderate)
CVE-2024-28102 medium 5.5 FIX rhel rocky sles 2y ago RHSA-2024:3267: idm:DL1 and idm:client security update (Moderate)
CVE-2024-26830 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VF to remove administratively set MAC Currently when PF administratively sets VF's MAC address and t…
CVE-2024-25580 medium 5.5 FIX rhel slesdebian debian 2y ago An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occu…
CVE-2024-2496 medium 5.5 FIX rhel slesdebian debian 2y ago Moderate: libvirt security update
CVE-2024-2494 medium 5.5 FIX rhel rocky sles 2y ago RHSA-2024:3253: virt:rhel and virt-devel:rhel security update (Moderate)
CVE-2024-24786 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:4246: container-tools security update (Moderate)
CVE-2024-24784 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:6969: container-tools:rhel8 security update (Moderate)
CVE-2024-24783 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:6969: container-tools:rhel8 security update (Moderate)
CVE-2024-24259 medium 5.5 FIX rhel rockydebian debian 2y ago Moderate: freeglut security update
CVE-2024-24258 medium 5.5 FIX rhel rockydebian debian 2y ago Moderate: freeglut security update
CVE-2024-2307 medium 5.5 rhel rocky 2y ago RHSA-2024:2961: Image builder components bug fix, enhancement and security update (Moderate)
CVE-2024-22365 medium 5.5 5.5 FIX rhel rocky sles linux-pam 2y ago Moderate: pam security update
CVE-2024-22195 medium 5.5 FIX rhel rocky sles 2y ago Moderate: fence-agents security and bug fix update
CVE-2024-1481 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:3044: idm:DL1 security update (Moderate)
CVE-2024-1441 medium 5.5 FIX rhel slesdebian debian 2y ago Moderate: libvirt security and bug fix update
CVE-2024-1048 medium 5.5 FIX rhel rocky sles 2y ago Moderate: grub2 security update
CVE-2024-0727 medium 5.5 5.5 FIX rhelalmalinux almalinux sles openssl 2y ago Low: openssl and openssl-fips-provider security update
CVE-2024-0690 medium 5.5 FIX debian debian rhel rocky 2y ago RHSA-2024:3043: ansible-core bug fix, enhancement, and security update (Moderate)
CVE-2024-0409 medium 5.5 FIX rhel slesdebian debian 2y ago A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiat…
CVE-2024-0408 medium 5.5 FIX rhel slesdebian debian 2y ago A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (…
CVE-2023-7008 medium 5.5 FIX rhel rocky sles 2y ago A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the u…
CVE-2023-6918 low 2.5 FIX rhel rocky sles 2y ago RHSA-2024:3233: libssh security update (Low)
CVE-2023-6917 medium 5.5 FIX rhel slesdebian debian 2y ago A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operat…
CVE-2023-6710 medium 6.5 EXP rhel 2y ago Moderate: mod_jk and mod_proxy_cluster security update
CVE-2023-6683 medium 5.5 FIX rhel rocky sles 2y ago A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request() function can be reached before vnc_server_cut_text_caps() was called and had the…
CVE-2023-6237 medium 5.9 5.9 FIX rhel sles rocky 2y ago Low: openssl and openssl-fips-provider security update
CVE-2023-6228 medium 5.5 FIX rhel rocky sles 2y ago RHSA-2024:5079: libtiff security update (Moderate)
CVE-2023-6129 medium 6.5 6.5 FIX rhel sles rocky openssl 2y ago Low: openssl and openssl-fips-provider security update
CVE-2023-6121 medium 4.3 4.3 FIX rhel rocky sles 2y ago Important: kernel security, bug fix, and enhancement update
CVE-2023-6004 low 2.5 FIX rhel rocky sles 2y ago RHSA-2024:3233: libssh security update (Low)
CVE-2023-5871 medium 5.5 FIX rhel slesdebian debian 2y ago Moderate: libnbd security update
CVE-2023-5678 medium 5.3 5.3 FIX rocky rhel sles openssl 2y ago RHSA-2023:7877: openssl security update (Low)
CVE-2023-54324 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: dm: fix a race condition in retrieve_deps There's a race condition in the multipath target when retrieve_deps races with multipat…
CVE-2023-54289 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix NULL dereference in error handling Smatch reported: drivers/scsi/qedf/qedf_main.c:3056 qedf_alloc_global_queues(…
CVE-2023-54274 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Add a check for valid 'mad_agent' pointer When unregistering MAD agent, srpt module has a non-null check for 'mad_agen…
CVE-2023-54201 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially …
CVE-2023-54186 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pin_assignment_show This patch fixes negative indexing of buf array in pin_assignment_show …
CVE-2023-54184 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Free cmds before session free Commands from recovery entries are freed after session has been closed. That …
CVE-2023-54179 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound Klocwork reports array 'vha->host_str' of size 16 may use index value(s) 16..19. …
CVE-2023-54169 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix memory leak in mlx5e_ptp_open When kvzalloc_node or kvzalloc failed in mlx5e_ptp_open, the memory pointed by "c" o…
CVE-2023-54166 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: igc: Fix Kernel Panic during ndo_tx_timeout callback The Xeon validation group has been carrying out some loaded tests with vario…
CVE-2023-54148 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Move representor neigh cleanup to profile cleanup_tx For IP tunnel encapsulation in ECMP (Equal-Cost Multipath) mode, …
CVE-2023-54106 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fix potential memory leak in mlx5e_init_rep_rx The memory pointed to by the priv->rx_res pointer is not freed in the er…
CVE-2023-54100 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qedi_remove() In qedi_probe() we call __qedi_probe() which initializes &qedi->recovery_work…
CVE-2023-54096 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: soundwire: fix enumeration completion The soundwire subsystem uses two completion structures that allow drivers to wait for sound…
CVE-2023-54090 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix panic during XDP_TX with > 64 CPUs Commit 4fe815850bdc ("ixgbe: let the xdpdrv work with more than 64 cpus") adds supp…
CVE-2023-54072 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential data race at PCM memory allocation helpers The PCM memory allocation helpers have a sanity check against…
CVE-2023-54070 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: igb: clean up in all error paths when enabling SR-IOV After commit 50f303496d92 ("igb: Enable SR-IOV after reinit"), removing the…
CVE-2023-54064 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssif_info_find() sets info->adapter_name if the adapte…
CVE-2023-54014 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() Klocwork reported warning of rport maybe NULL and will be derefere…
CVE-2023-54003 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix GID entry ref leak when create_ah fails If AH create request fails, release sgid_attr to avoid GID entry referrenc…
CVE-2023-53999 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fix internal port memory leak The flow rule can be splited, and the extra post_act rules are added to post_act tab…
CVE-2023-53995 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix one memleak in __inet_del_ifa() I got the below warning when do fuzzing test: unregister_netdevice: waiting for bo…
CVE-2023-53848 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix a deadlock in r5l_exit_log() Commit b13015af94cf ("md/raid5-cache: Clear conf->log after finishing work") int…
CVE-2023-53843 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: reject negative ifindex Recent changes in net-next (commit 759ab1edb56c ("net: store netdevs in an xarray")) re…
CVE-2023-53821 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ip6_vti: fix slab-use-after-free in decode_session6 When ipv6_vti device is set to the qdisc of the sfb type, the cb field of the…
CVE-2023-5380 medium 5.5 FIX rhel slesdebian debian 2y ago A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zap…
CVE-2023-53762 medium 5.5 FIX rocky rhel sles 2y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Fix UAF in hci_disconnect_all_sync Use-after-free can occur in hci_disconnect_all_sync if a connection is de…
CVE-2023-53761 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Fix direction for 0-length ioctl control messages The syzbot fuzzer found a problem in the usbtmc driver: When a use…
CVE-2023-53751 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname TCP_Server_Info::hostname may be updated once or many times …
CVE-2023-53722 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: md: raid1: fix potential OOB in raid1_remove_disk() If rddev->raid_disk is greater than mddev->raid_disks, there will be an out-o…
CVE-2023-53696 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() There is a memory leak reported by kmemleak: unreferenced object 0xffffc…
CVE-2023-53661 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: bnxt: avoid overflow in bnxt_get_nvram_directory() The value of an arithmetic expression is subject of possible overflow due to a…
CVE-2023-53621 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: memcontrol: ensure memcg acquired by id is properly set up In the eviction recency check, we attempt to retrieve the memcg to whi…
CVE-2023-53615 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the lin…
CVE-2023-53611 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info in try_smi_init(): unreferenced object 0xffff…
CVE-2023-53586 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix multiple LUN_RESET handling This fixes a bug where an initiator thinks a LUN_RESET has cleaned up running comma…
CVE-2023-53585 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpf_sk_assign The semantics for bpf_sk_assign are as follows: sk = some_lookup_func() bp…
CVE-2023-53581 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Check for NOT_READY flag state after locking Currently the check for NOT_READY flag is performed before obtaining the …
CVE-2023-53577 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Make sure kthread is running before map update returns The following warning was reported when running stress-mode e…
CVE-2023-53559 medium 5.5 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ip_vti: fix potential slab-use-after-free in decode_session6 When ip_vti device is set to the qdisc of the sfb type, the cb field…