| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2022-30600 |
682 |
|
Bypass |
2022-05-18 |
2022-06-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed. |
|
2 |
CVE-2022-30599 |
89 |
|
Sql |
2022-05-18 |
2022-06-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria. |
|
3 |
CVE-2022-1998 |
416 |
|
|
2022-06-09 |
2022-10-05 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system. |
|
4 |
CVE-2022-1708 |
400 |
|
Exec Code |
2022-06-07 |
2022-06-14 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability. |
|
5 |
CVE-2022-1652 |
416 |
|
DoS Exec Code |
2022-06-02 |
2023-03-01 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. |
|
6 |
CVE-2022-0847 |
665 |
|
|
2022-03-10 |
2022-12-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system. |
|
7 |
CVE-2021-45417 |
787 |
|
Overflow |
2022-01-20 |
2022-01-26 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow. |
|
8 |
CVE-2021-38160 |
120 |
|
|
2021-08-07 |
2022-01-01 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior. |
|
9 |
CVE-2021-20314 |
787 |
|
DoS Exec Code Overflow |
2021-08-12 |
2023-02-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages. |
|
10 |
CVE-2021-20292 |
416 |
|
Exec Code |
2021-05-28 |
2022-04-29 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker with a local account with a root privilege, can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. |
|
11 |
CVE-2021-20291 |
667 |
|
DoS |
2021-04-01 |
2021-06-02 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS). |
|
12 |
CVE-2021-20246 |
369 |
|
|
2021-03-09 |
2021-03-25 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability. |
|
13 |
CVE-2021-20245 |
369 |
|
|
2021-03-09 |
2022-01-01 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability. |
|
14 |
CVE-2021-20244 |
369 |
|
|
2021-03-09 |
2021-03-25 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability. |
|
15 |
CVE-2021-20236 |
787 |
|
Overflow |
2021-05-28 |
2022-08-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. |
|
16 |
CVE-2021-20233 |
787 |
|
|
2021-03-03 |
2022-04-18 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
17 |
CVE-2021-20232 |
416 |
|
Mem. Corr. |
2021-03-12 |
2021-05-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences. |
|
18 |
CVE-2021-20231 |
416 |
|
Mem. Corr. |
2021-03-12 |
2021-06-01 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences. |
|
19 |
CVE-2021-20225 |
787 |
|
|
2021-03-03 |
2022-04-18 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
20 |
CVE-2021-4154 |
416 |
|
DoS |
2022-02-04 |
2023-01-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system. |
|
21 |
CVE-2021-4093 |
125 |
|
|
2022-02-18 |
2023-01-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario. |
|
22 |
CVE-2021-4034 |
787 |
|
Exec Code |
2022-01-28 |
2023-02-13 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine. |
|
23 |
CVE-2021-3773 |
|
|
|
2022-02-16 |
2023-02-24 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks. |
|
24 |
CVE-2021-3752 |
416 |
|
|
2022-02-16 |
2023-02-24 |
7.9 |
None |
Local Network |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. |
|
25 |
CVE-2021-3746 |
119 |
|
Overflow |
2021-10-19 |
2021-10-22 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. The vulnerability is triggered by specially-crafted TPM2 command packets that then trigger the issue when the state of the TPM2's volatile state is written. The highest threat from this vulnerability is to system availability. This issue affects libtpms versions before 0.8.5, before 0.7.9 and before 0.6.6. |
|
26 |
CVE-2021-3737 |
400 |
|
|
2022-03-04 |
2023-02-02 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability. |
|
27 |
CVE-2021-3657 |
119 |
|
Exec Code Overflow |
2022-02-18 |
2022-10-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for remote code execution. |
|
28 |
CVE-2021-3656 |
862 |
|
|
2022-03-04 |
2023-01-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. |
|
29 |
CVE-2021-3612 |
787 |
|
|
2021-07-09 |
2023-01-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. |
|
30 |
CVE-2021-3543 |
476 |
|
|
2021-06-01 |
2022-06-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. A local user of a host machine could use this flaw to crash the system or escalate their privileges on the system. |
|
31 |
CVE-2021-3517 |
787 |
|
|
2021-05-19 |
2022-10-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application. |
|
32 |
CVE-2021-3487 |
20 |
|
|
2021-04-15 |
2022-10-27 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to system availability by way of excessive memory consumption. |
|
33 |
CVE-2021-3472 |
191 |
|
|
2021-04-26 |
2021-05-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
34 |
CVE-2020-36329 |
416 |
|
|
2021-05-21 |
2023-01-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
35 |
CVE-2020-36328 |
787 |
|
Overflow |
2021-05-21 |
2023-01-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
36 |
CVE-2020-27827 |
400 |
|
DoS |
2021-03-18 |
2022-10-07 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability. |
|
37 |
CVE-2020-27786 |
416 |
|
Exec Code Mem. Corr. |
2020-12-11 |
2023-02-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. |
|
38 |
CVE-2020-27777 |
862 |
|
|
2020-12-15 |
2020-12-22 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel. |
|
39 |
CVE-2020-27749 |
121 |
|
Exec Code Overflow |
2021-03-03 |
2022-05-13 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
40 |
CVE-2020-25647 |
787 |
|
Exec Code Mem. Corr. Bypass |
2021-03-03 |
2022-05-13 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited, an attacker could trigger memory corruption leading to arbitrary code execution allowing a bypass of the Secure Boot mechanism. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
41 |
CVE-2020-25643 |
20 |
|
DoS Overflow Mem. Corr. |
2020-10-06 |
2022-10-25 |
7.5 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Complete |
|
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
42 |
CVE-2020-25632 |
416 |
|
Exec Code Bypass |
2021-03-03 |
2022-05-13 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
43 |
CVE-2020-14356 |
476 |
|
|
2020-08-19 |
2023-02-24 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system. |
|
44 |
CVE-2020-14339 |
772 |
|
+Priv |
2020-12-03 |
2022-11-07 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of their standard permissions, potentially causing serious damage to the host operating system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. |
|
45 |
CVE-2020-14331 |
787 |
|
|
2020-09-15 |
2023-02-12 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
46 |
CVE-2019-1010238 |
787 |
|
Exec Code Overflow |
2019-07-19 |
2022-04-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize. |
|
47 |
CVE-2019-19334 |
787 |
|
DoS Exec Code Overflow |
2019-12-06 |
2019-12-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution. |
|
48 |
CVE-2019-19333 |
787 |
|
DoS Exec Code Overflow |
2019-12-06 |
2019-12-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution. |
|
49 |
CVE-2019-19081 |
401 |
|
DoS |
2019-11-18 |
2020-08-24 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a. |
|
50 |
CVE-2019-19076 |
401 |
|
DoS |
2019-11-18 |
2020-08-24 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
** DISPUTED ** A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9. NOTE: This has been argued as not a valid vulnerability. The upstream commit 78beef629fd9 was reverted. |
