| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2021-3753 |
125 |
|
|
2022-02-16 |
2022-12-07 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality. |
|
2 |
CVE-2021-3602 |
212 |
|
|
2022-03-03 |
2022-10-24 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment, environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials). |
|
3 |
CVE-2021-3533 |
362 |
|
|
2021-06-09 |
2022-04-25 |
1.2 |
None |
Local |
High |
Not required |
Partial |
None |
None |
|
A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world writable directory. When this occurs, there is a race condition on the managed machine. A malicious, non-privileged account on the remote machine can exploit the race condition to access the async result data. This flaw affects Ansible Tower 3.7 and Ansible Automation Platform 1.2. |
|
4 |
CVE-2020-25656 |
416 |
|
|
2020-12-02 |
2022-10-25 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality. |
|
5 |
CVE-2019-18660 |
200 |
|
+Info |
2019-11-27 |
2020-01-28 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c. |
|
6 |
CVE-2019-2634 |
|
|
|
2019-04-23 |
2023-01-30 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). |
|
7 |
CVE-2019-2536 |
|
|
|
2019-01-16 |
2023-01-31 |
1.2 |
None |
Local |
High |
Not required |
None |
None |
Partial |
|
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:N/A:H). |
|
8 |
CVE-2019-2535 |
|
|
|
2019-01-16 |
2023-05-31 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). |
|
9 |
CVE-2018-16888 |
269 |
|
|
2019-01-14 |
2022-01-31 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this flaw to trick systemd into killing other services and/or privileged processes. Versions before v237 are vulnerable. |
|
10 |
CVE-2016-4980 |
330 |
|
|
2019-11-27 |
2023-02-12 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
A password generation weakness exists in xquest through 2016-06-13. |
|
11 |
CVE-2016-0609 |
|
|
|
2016-01-21 |
2019-12-27 |
1.7 |
None |
Remote |
High |
??? |
None |
None |
Partial |
|
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges. |
|
12 |
CVE-2014-5177 |
20 |
|
|
2014-08-03 |
2019-04-22 |
1.2 |
None |
Local |
High |
Not required |
Partial |
None |
None |
|
libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virDomainDefineXML, (2) virNetworkCreateXML, (3) virNetworkDefineXML, (4) virStoragePoolCreateXML, (5) virStoragePoolDefineXML, (6) virStorageVolCreateXML, (7) virDomainCreateXML, (8) virNodeDeviceCreateXML, (9) virInterfaceDefineXML, (10) virStorageVolCreateXMLFrom, (11) virConnectDomainXMLFromNative, (12) virConnectDomainXMLToNative, (13) virSecretDefineXML, (14) virNWFilterDefineXML, (15) virDomainSnapshotCreateXML, (16) virDomainSaveImageDefineXML, (17) virDomainCreateXMLWithFiles, (18) virConnectCompareCPU, or (19) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT from CVE-2014-0179 per ADT3 due to different affected versions of some vectors. |
|
13 |
CVE-2014-3647 |
|
|
DoS |
2014-11-10 |
2023-02-13 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. |
|
14 |
CVE-2014-0179 |
20 |
|
DoS |
2014-08-03 |
2023-02-13 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT per ADT3 due to different affected versions of some vectors. CVE-2014-5177 is used for other API methods. |
|
15 |
CVE-2013-4481 |
362 |
|
+Info |
2013-11-23 |
2019-04-22 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Race condition in Luci 0.26.0 creates /var/lib/luci/etc/luci.ini with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as "authentication secrets." |
|
16 |
CVE-2013-2217 |
59 |
|
|
2013-09-23 |
2019-04-22 |
1.2 |
None |
Local |
High |
Not required |
None |
Partial |
None |
|
cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/. |
|
17 |
CVE-2013-0223 |
119 |
|
DoS Overflow |
2013-11-23 |
2023-02-13 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the join command, when using the -i switch, which triggers a stack-based buffer overflow in the alloca function. |
|
18 |
CVE-2013-0200 |
59 |
|
|
2013-03-06 |
2023-02-13 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3) /tmp/hpcups_job#.out, (4) /tmp/hpijs_#####.out, or (5) /tmp/hpps_job#.out temporary file, a different vulnerability than CVE-2011-2722. |
|
19 |
CVE-2012-6548 |
200 |
|
+Info |
2013-03-15 |
2019-04-22 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application. |
|
20 |
CVE-2012-6546 |
200 |
|
+Info |
2013-03-15 |
2019-04-22 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. |
|
21 |
CVE-2012-6545 |
200 |
|
+Info |
2013-03-15 |
2019-04-22 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application. |
|
22 |
CVE-2012-6544 |
200 |
|
+Info |
2013-03-15 |
2019-04-22 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation. |
|
23 |
CVE-2012-6542 |
200 |
|
+Info |
2013-03-15 |
2019-04-22 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument. |
|
24 |
CVE-2012-6538 |
200 |
|
+Info |
2013-03-15 |
2019-04-22 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability. |
|
25 |
CVE-2012-6537 |
200 |
|
+Info |
2013-03-15 |
2019-04-22 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability. |
|
26 |
CVE-2012-2313 |
264 |
|
|
2012-06-13 |
2023-02-13 |
1.2 |
None |
Local |
High |
Not required |
None |
None |
Partial |
|
The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call. |
|
27 |
CVE-2012-1568 |
|
|
Bypass |
2013-03-01 |
2023-02-13 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 5 and 6 and Fedora 15 and 16 does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for context-dependent attackers to bypass the ASLR protection mechanism by leveraging a predictable base address for one of these libraries. |
|
28 |
CVE-2011-3585 |
362 |
|
DoS |
2019-12-31 |
2023-02-13 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mounting outage) via a SIGKILL signal during a time window when the /etc/mtab~ file exists. |
|
29 |
CVE-2011-2693 |
|
|
DoS |
2013-06-08 |
2023-02-13 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
The perf subsystem in the kernel package 2.6.32-122.el6.x86_64 in Red Hat Enterprise Linux (RHEL) 6 does not properly handle NMIs, which might allow local users to cause a denial of service (excessive log messages) via unspecified vectors. |
|
30 |
CVE-2007-3849 |
264 |
|
Bypass |
2007-09-05 |
2017-09-29 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
Red Hat Enterprise Linux (RHEL) 5 ships the rpm for the Advanced Intrusion Detection Environment (AIDE) before 0.13.1 with a database that lacks checksum information, which allows context-dependent attackers to bypass file integrity checks and modify certain files. |
|
31 |
CVE-2007-1865 |
189 |
|
+Info |
2007-09-18 |
2008-11-13 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
** DISPUTED ** The ipv6_getsockopt_sticky function in the kernel in Red Hat Enterprise Linux (RHEL) Beta 5.1.0 allows local users to obtain sensitive information (kernel memory contents) via a negative value of the len parameter. NOTE: this issue has been disputed in a bug comment, stating that "len is ignored when copying header info to the user's buffer." |
|
32 |
CVE-2007-0004 |
264 |
|
+Info |
2007-09-18 |
2008-09-05 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The NFS client implementation in the kernel in Red Hat Enterprise Linux (RHEL) 3, when a filesystem is mounted with the noacl option, checks permissions for the open system call via vfs_permission (mode bits) data rather than an NFS ACCESS call to the server, which allows local client processes to obtain a false success status from open calls that the server would deny, and possibly obtain sensitive information about file permissions on the server, as demonstrated in a root_squash environment. NOTE: it is uncertain whether any scenarios involving this issue cross privilege boundaries. |
|
33 |
CVE-2003-0986 |
|
|
DoS |
2003-12-31 |
2017-10-11 |
1.7 |
None |
Local |
Low |
??? |
None |
None |
Partial |
|
Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service. |
