Filtered by vendor Linux
Subscribe
Total
10272 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-3689 | 2 Intel, Linux | 2 Software Guard Extensions, Linux Kernel | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| AESM daemon in Intel Software Guard Extensions Platform Software Component for Linux before 2.1.102 can effectively be disabled by a local attacker creating a denial of services like remote attestation provided by the AESM. | |||||
| CVE-2018-3626 | 3 Intel, Linux, Microsoft | 3 Sgx Sdk, Linux Kernel, Windows | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and 1.9.6 (Windows) may generate code that is susceptible to a side channel potentially allowing a local user to access unauthorized information. | |||||
| CVE-2018-2021 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155345. | |||||
| CVE-2018-25020 | 2 Linux, Netapp | 18 Linux Kernel, Cloud Backup, H300e and 15 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c. | |||||
| CVE-2018-25018 | 2 Linux, Rarlab | 2 Linux Kernel, Unrar | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| UnRAR 5.6.1.7 through 5.7.4 and 6.0.3 has an out-of-bounds write during a memcpy in QuickOpen::ReadRaw when called from QuickOpen::ReadNext. | |||||
| CVE-2018-25015 | 2 Linux, Netapp | 17 Linux Kernel, H300e, H300e Firmware and 14 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8. | |||||
| CVE-2018-21033 | 4 Hitachi, Linux, Microsoft and 1 more | 11 Automation Director, Compute Systems Manager, Device Manager and 8 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in Hitachi Command Suite prior to 8.6.2-00, Hitachi Automation Director prior to 8.6.2-00 and Hitachi Infrastructure Analytics Advisor prior to 4.2.0-00 allow authenticated remote users to load an arbitrary Cascading Style Sheets (CSS) token sequence. Hitachi Command Suite includes Hitachi Device Manager, Hitachi Tiered Storage Manager, Hitachi Replication Manager, Hitachi Tuning Manager, Hitachi Global Link Manager and Hitachi Compute Systems Manager. | |||||
| CVE-2018-21032 | 4 Hitachi, Linux, Microsoft and 1 more | 6 Automation Director, Compute Systems Manager, Device Manager and 3 more | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability in Hitachi Command Suite prior to 8.7.1-00 and Hitachi Automation Director prior to 8.5.0-00 allow authenticated remote users to expose technical information through error messages. Hitachi Command Suite includes Hitachi Device Manager and Hitachi Compute Systems Manager. | |||||
| CVE-2018-21026 | 4 Hitachi, Linux, Microsoft and 1 more | 8 Compute Systems Manager, Device Manager, Replication Manager and 5 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.6.5-00 allows an unauthenticated remote user to read internal information. | |||||
| CVE-2018-21008 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c. | |||||
| CVE-2018-20976 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure. | |||||
| CVE-2018-20961 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In the Linux kernel before 4.16.4, a double free vulnerability in the f_midi_set_alt function of drivers/usb/gadget/function/f_midi.c in the f_midi driver may allow attackers to cause a denial of service or possibly have unspecified other impact. | |||||
| CVE-2018-20856 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled. | |||||
| CVE-2018-20855 | 3 Linux, Netapp, Opensuse | 6 Linux Kernel, Active Iq Performance Analytics Services, Active Iq Unified Manager and 3 more | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace. | |||||
| CVE-2018-20854 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in the Linux kernel before 4.20. drivers/phy/mscc/phy-ocelot-serdes.c has an off-by-one error with a resultant ctrl->phys out-of-bounds read. | |||||
| CVE-2018-20836 | 6 Canonical, Debian, F5 and 3 more | 13 Ubuntu Linux, Debian Linux, Traffix Signaling Delivery Controller and 10 more | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free. | |||||
| CVE-2018-20784 | 3 Canonical, Linux, Redhat | 4 Ubuntu Linux, Linux Kernel, Enterprise Linux and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load. | |||||
| CVE-2018-20764 | 2 Helpsystems, Linux | 2 Boks, Linux Kernel | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for BoKS encrypted telnet through BoKS version 6.7.1. Since tcpcrypt is setuid, exploitation leads to privilege escalation. | |||||
| CVE-2018-20733 | 6 Hpe, Ibm, Linux and 3 more | 6 Hp-ux Ipfilter, Aix, Linux Kernel and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| BI Web Services in SAS Web Infrastructure Platform before 9.4M6 allows XXE. | |||||
| CVE-2018-20732 | 6 Hpe, Ibm, Linux and 3 more | 6 Hp-ux Ipfilter, Aix, Linux Kernel and 3 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code via a Java deserialization variant. | |||||