VIR Vulnerability Intelligence Relay

Search

Found 10,563 results in 917ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2023-31346 medium 5.5 rhel rocky sles 2y ago RHSA-2024:4262: linux-firmware security update (Moderate)
CVE-2022-36765 high 8.0 FIX rheldebian debian sles 2y ago RHSA-2024:3017: edk2 security update (Important)
CVE-2024-5564 high 8.0 FIX rhel rocky sles 2y ago RHSA-2024:4620: libndp security update (Important)
CVE-2024-39936 high 8.0 FIX rhel rocky sles 2y ago An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an est…
CVE-2024-38663 high 8.0 FIX rhel sles rocky 2y ago Important: kernel security update
CVE-2024-38593 high 8.0 FIX rhel sles rocky 2y ago Important: kernel security update
CVE-2024-38586 high 8.0 FIX rhel rocky sles 2y ago Important: kernel security update
CVE-2024-38543 high 8.0 FIX rhel sles rocky 2y ago Important: kernel security update
CVE-2024-36957 high 8.0 FIX rhel sles rocky 2y ago Important: kernel security update
CVE-2024-36904 high 7.8 7.8 FIX rhel rocky sles 2y ago Important: kernel security update
CVE-2024-36886 high 8.0 FIX rhel rocky sles 2y ago Important: kernel security update
CVE-2024-36270 medium 5.5 5.5 FIX rhel rocky sles 2y ago Important: kernel security update
CVE-2024-35958 medium 5.5 5.5 FIX rhel rocky sles 2y ago Important: kernel security update
CVE-2024-27435 high 8.0 FIX rhel sles rocky 2y ago Important: kernel security update
CVE-2024-27397 high 7.0 7.0 FIX rhel rocky sles 2y ago Important: kernel security update
CVE-2024-26858 high 8.0 FIX rhel sles rocky 2y ago Important: kernel security update
CVE-2024-26783 high 8.0 FIX rhel sles rocky 2y ago Important: kernel security update
CVE-2024-21147 high 8.0 FIX rhel rocky sles 2y ago Important: java-1.8.0-openjdk security update
CVE-2024-21145 high 8.0 FIX rhel rocky sles 2y ago Important: java-1.8.0-openjdk security update
CVE-2024-21144 high 8.0 FIX rhel rocky sles 2y ago Important: java-1.8.0-openjdk security update
CVE-2024-21140 high 8.0 FIX rhel rocky sles 2y ago Important: java-1.8.0-openjdk security update
CVE-2024-21138 high 8.0 FIX rhel rocky sles 2y ago Important: java-1.8.0-openjdk security update
CVE-2024-21131 high 8.0 FIX rhel rocky sles 2y ago Important: java-1.8.0-openjdk security update
CVE-2023-52638 high 8.0 FIX rhel sles rocky 2y ago Important: kernel security update
CVE-2022-48627 high 8.0 FIX rhel rockydebian debian 2y ago Important: kernel security update
CVE-2021-47596 high 8.0 FIX rhel slesdebian debian 2y ago Important: kernel security update
CVE-2021-47548 high 8.0 FIX rhel rocky sles 2y ago Important: kernel security update
CVE-2024-39908 medium 5.5 FIX rhel rocky sles 2y ago RHSA-2025:4063: ruby:3.1 security update (Moderate)
CVE-2024-6604 high 8.0 FIX rhel rockydebian debian 2y ago Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these cou…
CVE-2024-6603 high 8.0 FIX rhel rockydebian debian 2y ago In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 1…
CVE-2024-6601 high 8.0 FIX rhel rockydebian debian 2y ago A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunde…
CVE-2024-6409 medium 5.5 FIX rhel sles rocky 2y ago A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler i…
CVE-2024-35264 high 8.0 FIX rhel rockyalmalinux almalinux 2y ago RHSA-2024:4451: dotnet8.0 security update (Important)
CVE-2024-30105 high 8.0 FIX rhel rockyalmalinux almalinux 2y ago RHSA-2024:4451: dotnet8.0 security update (Important)
CVE-2024-38095 high 8.0 FIX rhel rockyalmalinux almalinux 2y ago RHSA-2024:4451: dotnet8.0 security update (Important)
CVE-2024-35960 critical 9.1 9.1 FIX rhel rocky sles 2y ago Moderate: kernel security and bug fix update
CVE-2024-35870 medium 5.5 FIX rhel sles rocky 2y ago Moderate: kernel security and bug fix update
CVE-2024-27393 medium 5.5 FIX rhel sles rocky 2y ago Moderate: kernel security and bug fix update
CVE-2024-26974 high 7.0 7.0 FIX rhel rocky sles 2y ago Moderate: kernel security and bug fix update
CVE-2024-26801 medium 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security and bug fix update
CVE-2023-52667 medium 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security and bug fix update
CVE-2023-52626 medium 5.5 FIX rhel rocky sles 2y ago Moderate: kernel security and bug fix update
CVE-2021-47456 high 8.0 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: can: peak_pci: peak_pci_remove(): fix UAF When remove the module peek_pci, referencing 'chan' again after releasing 'dev' will ca…
CVE-2021-47400 medium 5.5 FIX rhel slesdebian debian 2y ago Moderate: kernel security and bug fix update
CVE-2021-47356 high 8.0 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible use-after-free in HFC_cleanup() This module's remove path calls del_timer(). However, that function does not …
CVE-2021-47353 high 8.0 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: udf: Fix NULL pointer dereference in udf_symlink function In function udf_symlink, epos.bh is assigned with the value returned by…
CVE-2024-6387 high 8.1 9.1 EXPFIX rhelarch arch sles openbsdredhatnetapp 2y ago A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote a…
CVE-2024-4467 high 8.0 FIX rhel slesdebian debian 2y ago A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process…
CVE-2024-24790 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:8876: go-toolset:rhel8 security update (Moderate)
CVE-2024-24789 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:5291: grafana security update (Moderate)
CVE-2023-52877 high 8.0 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() It is possible that typec_register_partner() returns ERR_PTR on …
CVE-2023-52835 high 8.0 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: perf/core: Bail out early if the request AUX area is out of bound When perf-record with a large AUX area, e.g 4GB, it fails with:…
CVE-2023-52781 high 8.0 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: usb: config: fix iteration issue in 'usb_get_bos_descriptor()' The BOS descriptor defines a root descriptor and is the base descr…
CVE-2023-52700 high 8.0 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... [ 13.39…
CVE-2023-52675 high 8.0 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() kasprintf() returns a pointer to dynamically allocated memo…
CVE-2023-52669 high 8.0 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always read a whole blo…
CVE-2023-2953 low 2.5 FIX rocky slesdebian debian 2y ago RHSA-2024:4264: openldap security update (Low)
CVE-2021-47311 high 8.0 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emac_remove adpt is netdev private data and it cannot be used after free_netdev() call. Using adpt aft…
CVE-2021-47310 high 8.0 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlan_remove_one priv is netdev private data and it cannot be used after free_netdev() call. Using priv after …
CVE-2021-47236 high 8.0 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it r…
CVE-2021-47073 high 8.0 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios init_dell_smbios_wmi() only registers the dell_smbios_wmi_driver on …
CVE-2021-47069 high 8.0 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry do_mq_timedreceive calls wq_sleep with a stack local add…
CVE-2021-46972 high 8.0 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ovl: fix leaked dentry Since commit 6815f479ca90 ("ovl: use only uppermetacopy state in ovl_lookup()"), overlayfs doesn't put tem…
CVE-2021-46909 high 8.0 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ARM: footbridge: fix PCI interrupt mapping Since commit 30fdfb929e82 ("PCI: Add a call to pci_assign_irq() in pci_device_probe()"…
CVE-2023-4727 high 8.0 rhel rockydebian debian 2y ago RHSA-2024:4367: pki-core security update (Important)
CVE-2024-32465 high 8.0 FIX rhel rockydebian debian 2y ago RHSA-2024:4084: git security update (Important)
CVE-2024-32021 high 8.0 FIX rhel rockydebian debian 2y ago RHSA-2024:4084: git security update (Important)
CVE-2024-32020 high 8.0 FIX rhel rockydebian debian 2y ago RHSA-2024:4084: git security update (Important)
CVE-2024-32004 high 8.0 FIX rhel rockydebian debian 2y ago RHSA-2024:4084: git security update (Important)
CVE-2024-32002 high 8.0 FIX rhel rockydebian debian 2y ago RHSA-2024:4084: git security update (Important)
CVE-2024-0450 medium 5.5 FIX rhel rocky sles 2y ago An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which expl…
CVE-2023-6597 high 8.0 FIX rhel rocky sles 2y ago An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereferenc…
CVE-2024-3652 medium 5.5 FIX rhel rockydebian debian 2y ago RHSA-2024:4376: libreswan security update (Moderate)
CVE-2024-36286 medium 5.5 5.5 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() syzbot reported that nf_reinject() could be called …
CVE-2024-33871 high 8.0 FIX rhel rockydebian debian 2y ago RHSA-2024:4000: ghostscript security update (Important)
CVE-2024-26664 medium 5.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Fix out-of-bounds memory access Fix a bug that pdata->cpu_map[] is set before out-of-bounds check. The problem …
CVE-2024-37891 medium 5.5 FIX rhel rocky sles 2y ago Moderate: python3.11-urllib3 security update
CVE-2024-5702 high 8.0 FIX rhel rockydebian debian 2y ago RHSA-2024:4036: thunderbird security update (Important)
CVE-2024-5700 high 8.0 FIX rhel rockydebian debian 2y ago Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these cou…
CVE-2024-5696 high 8.0 FIX rhel rockydebian debian 2y ago By manipulating the text in an `&lt;input&gt;` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 11…
CVE-2024-5693 high 8.0 FIX rhel rockydebian debian 2y ago Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127,…
CVE-2024-5691 high 8.0 FIX rhel rockydebian debian 2y ago By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerabilit…
CVE-2024-5690 high 8.0 FIX rhel rockydebian debian 2y ago By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox E…
CVE-2024-5688 high 8.0 FIX rhel rockydebian debian 2y ago If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird…
CVE-2024-32462 high 8.0 FIX rhel rockydebian debian 2y ago RHSA-2024:3961: flatpak security update (Important)
CVE-2024-3657 high 8.0 FIX debian debian rhel rocky 2y ago RHSA-2024:4235: 389-ds security update (Important)
CVE-2024-3651 medium 5.5 FIX rhel rocky sles 2y ago RHSA-2024:4260: python-idna security update (Moderate)
CVE-2024-34064 medium 5.5 FIX rhel rocky sles 2y ago Moderate: fence-agents security update
CVE-2024-2947 medium 5.5 FIX rheldebian debian rocky 2y ago A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affect…
CVE-2024-2905 medium 5.5 rhel 2y ago Moderate: rpm-ostree security update
CVE-2024-28176 medium 5.5 FIX rhel rockyalmalinux almalinux 2y ago RHSA-2024:5294: jose security update (Moderate)
CVE-2024-24788 medium 5.5 FIX rhelalmalinux almalinux rocky 2y ago RHSA-2024:6969: container-tools:rhel8 security update (Moderate)
CVE-2024-2199 high 8.0 FIX debian debian rhel rocky 2y ago RHSA-2024:4235: 389-ds security update (Important)
CVE-2022-48622 medium 5.5 FIX rhel slesdebian debian 2y ago Moderate: gdk-pixbuf2 security update
CVE-2024-3183 high 8.0 FIX rhel rockydebian debian 2y ago RHSA-2024:3755: idm:DL1 security update (Important)
CVE-2024-2698 high 8.0 FIX rhel rockydebian debian 2y ago RHSA-2024:3755: idm:DL1 security update (Important)
CVE-2024-3049 high 8.0 FIX rheldebian debian rocky 2y ago RHSA-2024:3659: booth security update (Important)
CVE-2024-27282 medium 5.5 FIX rhel rocky sles 2y ago RHSA-2024:4499: ruby security update (Moderate)
CVE-2023-38264 medium 5.5 sles rhel 2y ago RHSA-2024:6595: java-1.8.0-ibm security update (Moderate)
CVE-2024-5629 low 2.5 FIX rocky slesdebian debian 2y ago RHSA-2025:8419: python36:3.6 security update (Low)