# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2022-30596 |
79 |
|
XSS |
2022-05-18 |
2022-06-13 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
A flaw was found in moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk. |
2 |
CVE-2022-1706 |
863 |
|
|
2022-05-17 |
2022-10-11 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only relevant in user environments where the Ignition config contains secrets. The highest threat from this vulnerability is to data confidentiality. A possible workaround is to not put secrets in the Ignition config. |
3 |
CVE-2022-1462 |
362 |
|
|
2022-06-02 |
2022-10-29 |
3.3 |
None |
Local |
Medium |
Not required |
Partial |
None |
Partial |
An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory. |
4 |
CVE-2022-1353 |
|
|
+Priv +Info |
2022-04-29 |
2022-12-14 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Partial |
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. |
5 |
CVE-2022-1280 |
416 |
|
DoS +Info |
2022-04-13 |
2022-04-20 |
3.3 |
None |
Local |
Medium |
Not required |
Partial |
None |
Partial |
A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local attacker with user privileges to cause a denial of service (DoS) or a kernel information leak. |
6 |
CVE-2021-20197 |
362 |
|
|
2021-03-26 |
2023-02-02 |
3.3 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
None |
There is an open race window when writing output in the following utilities in GNU binutils: ar, objcopy, strip, and ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink. |
7 |
CVE-2021-3716 |
924 |
|
|
2022-03-02 |
2022-03-09 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
A flaw was found in nbdkit due to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBD_OPT_STRUCTURED_REPLY before proxying everything else a client sends to the server, potentially leading the client to terminate the NBD session. The highest threat from this vulnerability is to system availability. |
8 |
CVE-2021-3667 |
667 |
|
DoS |
2022-03-02 |
2023-02-02 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. |
9 |
CVE-2021-3631 |
732 |
|
|
2022-03-02 |
2022-10-28 |
3.3 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
None |
A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity. |
10 |
CVE-2021-3623 |
787 |
|
|
2022-03-02 |
2022-11-29 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Partial |
A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to an out-of-bounds access when the volatile state of the TPM 2 is marshalled/written or unmarshalled/read. The highest threat from this vulnerability is to system availability. |
11 |
CVE-2021-3507 |
787 |
|
Overflow +Info |
2021-05-06 |
2023-02-02 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Partial |
A heap buffer overflow was found in the floppy disk emulator of QEMU. It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host, resulting in a DoS scenario or potential information leakage from the host memory. |
12 |
CVE-2021-3501 |
787 |
|
|
2021-05-06 |
2022-05-13 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at any time, which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability. |
13 |
CVE-2021-3393 |
209 |
|
+Info |
2021-04-01 |
2021-06-04 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information stored in a column they are allowed to write but not read. |
14 |
CVE-2020-35501 |
|
|
|
2022-03-30 |
2022-12-02 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
A flaw was found in the Linux kernel's implementation of audit rules, where a syscall can unexpectedly not be correctly logged by the audit subsystem. |
15 |
CVE-2020-25662 |
665 |
|
|
2020-11-05 |
2023-02-02 |
3.3 |
None |
Local Network |
Low |
Not required |
Partial |
None |
None |
A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality. |
16 |
CVE-2020-14311 |
190 |
|
Overflow |
2020-07-31 |
2021-10-19 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
There is an issue with grub2 before version 2.06 while handling symlinks on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow. |
17 |
CVE-2020-14310 |
190 |
|
Overflow |
2020-07-31 |
2021-10-19 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
There is an issue in grub2 before version 2.06 in the function read_section_as_string(). It expects a font name to be at most UINT32_MAX - 1 bytes long, but it doesn't verify this before proceeding with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX, leading read_section_as_string() to an arithmetic overflow, a zero-sized allocation and a further heap-based buffer overflow. |
18 |
CVE-2020-10759 |
347 |
|
Bypass |
2020-09-15 |
2023-02-02 |
3.3 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
None |
A PGP signature bypass flaw was found in fwupd, which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service (LVFS) is either not implemented or enabled in versions of fwupd shipped with Red Hat Enterprise Linux 7 and 8. The highest threat from this vulnerability is to confidentiality and integrity. |
19 |
CVE-2020-10742 |
787 |
|
Overflow |
2021-06-02 |
2023-02-02 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Partial |
A flaw was found in the Linux kernel. An index buffer overflow during a Direct IO write leads the NFS client to crash. In some cases, a reach out of the index after one memory allocation by kmalloc will cause a kernel panic. The highest threat from this vulnerability is to data confidentiality and system availability. |
20 |
CVE-2020-1720 |
862 |
|
|
2020-03-17 |
2020-08-17 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to drop objects such as functions, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17. |
21 |
CVE-2019-18390 |
125 |
|
DoS |
2019-12-23 |
2023-02-03 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Partial |
An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands. |
22 |
CVE-2019-15718 |
|
|
|
2019-09-04 |
2022-02-20 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by executing D-Bus methods that should be restricted to privileged users, in order to change the system's DNS resolver settings. |
23 |
CVE-2019-15031 |
200 |
|
+Info |
2019-09-13 |
2021-07-21 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Partial |
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the vulnerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c. |
24 |
CVE-2019-15030 |
862 |
|
|
2019-09-13 |
2020-08-24 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Partial |
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the vulnerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check. |
25 |
CVE-2019-14824 |
732 |
|
|
2019-11-08 |
2023-02-02 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes. |
26 |
CVE-2019-14822 |
862 |
|
|
2019-11-25 |
2022-06-07 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user. |
27 |
CVE-2019-10155 |
354 |
|
|
2019-06-12 |
2020-09-30 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29. |
28 |
CVE-2019-10131 |
193 |
|
|
2019-04-30 |
2021-10-28 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Partial |
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program. |
29 |
CVE-2019-3874 |
|
|
DoS |
2019-03-25 |
2023-02-02 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. |
30 |
CVE-2019-3460 |
20 |
|
|
2019-04-11 |
2022-04-22 |
3.3 |
None |
Local Network |
Low |
Not required |
Partial |
None |
None |
A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1. |
31 |
CVE-2019-3459 |
125 |
|
+Info |
2019-04-11 |
2022-04-22 |
3.3 |
None |
Local Network |
Low |
Not required |
Partial |
None |
None |
A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1. |
32 |
CVE-2019-2814 |
|
|
|
2019-07-23 |
2023-01-30 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.16 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 2.2 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N). |
33 |
CVE-2019-2738 |
|
|
|
2019-07-23 |
2023-01-30 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Compiling). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N). |
34 |
CVE-2019-2636 |
|
|
|
2019-04-23 |
2023-01-30 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Group Replication Plugin). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via MySQL Protocol to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). |
35 |
CVE-2019-2630 |
|
|
|
2019-04-23 |
2023-01-30 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). |
36 |
CVE-2019-2623 |
|
|
|
2019-04-23 |
2023-01-30 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H). |
37 |
CVE-2019-2617 |
|
|
|
2019-04-23 |
2023-01-30 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). |
38 |
CVE-2018-1283 |
|
|
|
2018-03-26 |
2021-06-06 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. This comes from the "HTTP_SESSION" variable name used by mod_session to forward its data to CGIs, since the prefix "HTTP_" is also used by the Apache HTTP Server to pass HTTP header fields, per CGI specifications. |
39 |
CVE-2018-1129 |
287 |
|
Bypass |
2018-07-10 |
2019-08-29 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
Partial |
None |
A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable. |
40 |
CVE-2018-1063 |
59 |
|
|
2018-03-02 |
2023-02-02 |
3.3 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
None |
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enabled (permissive or enforcing). |
41 |
CVE-2016-8612 |
20 |
|
|
2018-03-09 |
2023-02-02 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
An error was found in protocol parsing logic of mod_cluster load balancer Apache HTTP Server modules. An attacker could use this flaw to cause a Segmentation Fault in the serving httpd process. |
42 |
CVE-2016-0666 |
|
|
|
2016-04-21 |
2019-12-27 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges. |
43 |
CVE-2016-0665 |
|
|
|
2016-04-21 |
2019-04-22 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Security: Encryption. |
44 |
CVE-2016-0661 |
|
|
|
2016-04-21 |
2019-04-22 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Options. |
45 |
CVE-2016-0655 |
|
|
|
2016-04-21 |
2019-04-22 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB. |
46 |
CVE-2016-0610 |
|
|
|
2016-01-21 |
2019-04-22 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and MariaDB before 10.0.22 and 10.1.x before 10.1.9 allows remote authenticated users to affect availability via unknown vectors related to InnoDB. |
47 |
CVE-2016-0608 |
|
|
|
2016-01-21 |
2019-12-27 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF. |
48 |
CVE-2016-0606 |
|
|
|
2016-01-21 |
2019-12-27 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption. |
49 |
CVE-2016-0600 |
|
|
|
2016-01-21 |
2019-12-27 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to InnoDB. |
50 |
CVE-2016-0598 |
|
|
|
2016-01-21 |
2019-12-27 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML. |