Filtered by vendor Linux
Subscriptions
Total
10292 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-21009 | 3 Adobe, Linux, Microsoft | 3 Campaign Classic, Linux Kernel, Windows | 2025-04-23 | 8.6 High |
| Adobe Campaign Classic Gold Standard 10 (and earlier), 20.3.1 (and earlier), 20.2.3 (and earlier), 20.1.3 (and earlier), 19.2.3 (and earlier) and 19.1.7 (and earlier) are affected by a server-side request forgery (SSRF) vulnerability. Successful exploitation could allow an attacker to use the Campaign instance to issue unauthorized requests to internal or external resources. | ||||
| CVE-2021-40745 | 3 Adobe, Linux, Microsoft | 3 Campaign, Linux Kernel, Windows | 2025-04-23 | 7.5 High |
| Adobe Campaign version 21.2.1 (and earlier) is affected by a Path Traversal vulnerability that could lead to reading arbitrary server files. By leveraging an exposed XML file, an unauthenticated attacker can enumerate other files on the server. | ||||
| CVE-2022-2380 | 1 Linux | 1 Linux Kernel | 2025-04-23 | 5.5 Medium |
| The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel. | ||||
| CVE-2022-1199 | 3 Linux, Netapp, Redhat | 13 Linux Kernel, Active Iq Unified Manager, H300s and 10 more | 2025-04-23 | 7.5 High |
| A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability. | ||||
| CVE-2023-3312 | 1 Linux | 1 Linux Kernel | 2025-04-23 | 7.5 High |
| A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw.c in cpufreq subsystem in the Linux Kernel. This flaw, during device unbind will lead to double release problem leading to denial of service. | ||||
| CVE-2023-3159 | 1 Linux | 1 Linux Kernel | 2025-04-23 | 6.7 Medium |
| A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails. | ||||
| CVE-2023-3111 | 3 Debian, Linux, Netapp | 12 Debian Linux, Linux Kernel, H300s and 9 more | 2025-04-23 | 7.8 High |
| A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag(). | ||||
| CVE-2023-2598 | 2 Linux, Netapp | 2 Linux Kernel, Hci Baseboard Management Controller | 2025-04-23 | 7.8 High |
| A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation. | ||||
| CVE-2023-2513 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2025-04-23 | 6.7 Medium |
| A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors. | ||||
| CVE-2023-2194 | 3 Fedoraproject, Linux, Redhat | 5 Fedora, Linux Kernel, Enterprise Linux and 2 more | 2025-04-23 | 6.7 Medium |
| An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution. | ||||
| CVE-2023-2006 | 2 Linux, Netapp | 2 Linux Kernel, Hci Baseboard Management Controller | 2025-04-23 | 7 High |
| A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel. | ||||
| CVE-2023-1390 | 2 Linux, Redhat | 5 Linux Kernel, Enterprise Linux, Rhel Aus and 2 more | 2025-04-23 | 7.5 High |
| A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition. | ||||
| CVE-2023-1252 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2025-04-23 | 7.8 High |
| A use-after-free flaw was found in the Linux kernel’s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 ("ovl: fix use after free in struct ovl_aio_req") not applied yet, the kernel could be affected. | ||||
| CVE-2023-1118 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2025-04-23 | 7.8 High |
| A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | ||||
| CVE-2023-1073 | 3 Fedoraproject, Linux, Redhat | 5 Fedora, Linux Kernel, Enterprise Linux and 2 more | 2025-04-23 | 6.6 Medium |
| A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||||
| CVE-2022-3629 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-04-23 | 2.6 Low |
| A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears to be difficult. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability. | ||||
| CVE-2022-3633 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-04-23 | 3.5 Low |
| A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932. | ||||
| CVE-2022-42343 | 3 Adobe, Linux, Microsoft | 3 Campaign, Linux Kernel, Windows | 2025-04-23 | 6.5 Medium |
| Adobe Campaign version 7.3.1 (and earlier) and 8.3.9 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A low-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction. | ||||
| CVE-2022-34679 | 5 Citrix, Linux, Nvidia and 2 more | 6 Hypervisor, Linux Kernel, Cloud Gaming and 3 more | 2025-04-23 | 5.5 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unhandled return value can lead to a null-pointer dereference, which may lead to denial of service. | ||||
| CVE-2022-42255 | 5 Citrix, Linux, Nvidia and 2 more | 6 Hypervisor, Linux Kernel, Cloud Gaming and 3 more | 2025-04-23 | 5.3 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering. | ||||