Filtered by vendor Linux
Subscriptions
Total
6990 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-40490 | 4 Debian, Fedoraproject, Linux and 1 more | 29 Debian Linux, Fedora, Linux Kernel and 26 more | 2024-08-04 | 7.0 High |
A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. | ||||
CVE-2021-39246 | 4 Apple, Linux, Microsoft and 1 more | 4 Macos, Linux Kernel, Windows and 1 more | 2024-08-04 | 6.1 Medium |
Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack that can compromise the privacy of visits to v2 onion addresses. Exact timestamps of these onion-service visits are logged locally, and an attacker might be able to compare them to timestamp data collected by the destination server (or collected by a rogue site within the Tor network). | ||||
CVE-2021-39089 | 2 Ibm, Linux | 2 Cloud Pak For Security, Linux Kernel | 2024-08-04 | 4.3 Medium |
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 could allow an authenticated user to obtain sensitive information from a specially crafted HTTP request. IBM X-Force ID: 216387. | ||||
CVE-2021-39077 | 2 Ibm, Linux | 2 Security Guardium, Linux Kernel | 2024-08-04 | 4.4 Medium |
IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 11.4 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215587. | ||||
CVE-2021-39011 | 2 Ibm, Linux | 2 Cloud Pak For Security, Linux Kernel | 2024-08-04 | 4.2 Medium |
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 stores potentially sensitive information in log files that could be read by a privileged user. IBM X-Force ID: 213645. | ||||
CVE-2021-38927 | 3 Ibm, Linux, Microsoft | 3 Aspera Console, Linux Kernel, Windows | 2024-08-04 | 7.2 High |
IBM Aspera Console 3.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 210322. | ||||
CVE-2021-38933 | 3 Ibm, Linux, Oracle | 4 Aix, Sterling Connect\, Linux Kernel and 1 more | 2024-08-04 | 5.9 Medium |
IBM Sterling Connect:Direct for UNIX 1.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210574. | ||||
CVE-2021-38209 | 1 Linux | 1 Linux Kernel | 2024-08-04 | 3.3 Low |
net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls. | ||||
CVE-2021-38202 | 2 Linux, Netapp | 7 Linux Kernel, Element Software, Hci Bootstrap Os and 4 more | 2024-08-04 | 7.5 High |
fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd. | ||||
CVE-2021-38208 | 1 Linux | 1 Linux Kernel | 2024-08-04 | 5.5 Medium |
net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call. | ||||
CVE-2021-38205 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-08-04 | 3.3 Low |
drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer). | ||||
CVE-2021-38203 | 2 Linux, Netapp | 7 Linux Kernel, Element Software, Hci Bootstrap Os and 4 more | 2024-08-04 | 5.5 Medium |
btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info. | ||||
CVE-2021-38201 | 3 Linux, Netapp, Redhat | 8 Linux Kernel, Element Software, Hci Bootstrap Os and 5 more | 2024-08-04 | 7.5 High |
net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations. | ||||
CVE-2021-38199 | 3 Debian, Linux, Netapp | 8 Debian Linux, Linux Kernel, Element Software and 5 more | 2024-08-04 | 6.5 Medium |
fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. | ||||
CVE-2021-38300 | 3 Debian, Linux, Netapp | 19 Debian Linux, Linux Kernel, Cloud Backup and 16 more | 2024-08-04 | 7.8 High |
arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture. | ||||
CVE-2021-38204 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-08-04 | 6.8 Medium |
drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. | ||||
CVE-2021-38200 | 1 Linux | 1 Linux Kernel | 2024-08-04 | 5.5 Medium |
arch/powerpc/perf/core-book3s.c in the Linux kernel before 5.12.13, on systems with perf_event_paranoid=-1 and no specific PMU driver support registered, allows local users to cause a denial of service (perf_instruction_pointer NULL pointer dereference and OOPS) via a "perf record" command. | ||||
CVE-2021-38206 | 1 Linux | 1 Linux Kernel | 2024-08-04 | 5.5 Medium |
The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates. | ||||
CVE-2021-38207 | 1 Linux | 1 Linux Kernel | 2024-08-04 | 7.5 High |
drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes. | ||||
CVE-2021-38166 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2024-08-04 | 7.8 High |
In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability. |