Filtered by vendor Linux
Subscriptions
Total
6969 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-24448 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2024-08-03 | 3.3 Low |
An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor. | ||||
CVE-2022-24308 | 4 Apple, Automox, Linux and 1 more | 4 Macos, Automox, Linux Kernel and 1 more | 2024-08-03 | 5.5 Medium |
Automox Agent prior to version 37 on Windows and Linux and Version 36 on OSX could allow for a non privileged user to obtain sensitive information during the install process. | ||||
CVE-2022-24122 | 3 Fedoraproject, Linux, Netapp | 18 Fedora, Linux Kernel, H300e and 15 more | 2024-08-03 | 7.8 High |
kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace. | ||||
CVE-2022-23770 | 2 Linux, Wisa | 2 Linux Kernel, Smart Wing Cms | 2024-08-03 | 8.8 High |
This vulnerability could allow a remote attacker to execute remote commands with improper validation of parameters of certain API constructors. Remote attackers could use this vulnerability to execute malicious commands such as directory traversal. | ||||
CVE-2022-23276 | 2 Linux, Microsoft | 2 Linux Kernel, Sql Server | 2024-08-03 | 7.8 High |
SQL Server for Linux Containers Elevation of Privilege Vulnerability | ||||
CVE-2022-23278 | 4 Apple, Google, Linux and 1 more | 11 Macos, Android, Linux Kernel and 8 more | 2024-08-03 | 5.9 Medium |
Microsoft Defender for Endpoint Spoofing Vulnerability | ||||
CVE-2022-23222 | 5 Debian, Fedoraproject, Linux and 2 more | 22 Debian Linux, Fedora, Linux Kernel and 19 more | 2024-08-03 | 7.8 High |
kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. | ||||
CVE-2022-23238 | 5 Canonical, Centos, Linux and 2 more | 5 Ubuntu Linux, Centos, Linux Kernel and 2 more | 2024-08-03 | 6.5 Medium |
Linux deployments of StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to view limited metrics information and modify alert email recipients and content. | ||||
CVE-2022-23119 | 2 Linux, Trendmicro | 2 Linux Kernel, Deep Security Agent | 2024-08-03 | 7.5 High |
A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability. | ||||
CVE-2022-23120 | 2 Linux, Trendmicro | 2 Linux Kernel, Deep Security Agent | 2024-08-03 | 7.8 High |
A code injection vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to escalate privileges and run arbitrary code in the context of root. Please note: an attacker must first obtain access to the target agent in an un-activated and unconfigured state in order to exploit this vulnerability. | ||||
CVE-2022-22956 | 2 Linux, Vmware | 4 Linux Kernel, Identity Manager, Vrealize Automation and 1 more | 2024-08-03 | 9.8 Critical |
VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-2022-22956) in the OAuth2 ACS framework. A malicious actor may bypass the authentication mechanism and execute any operation due to exposed endpoints in the authentication framework. | ||||
CVE-2022-22997 | 2 Linux, Westerndigital | 5 Linux Kernel, My Cloud Home, My Cloud Home Duo and 2 more | 2024-08-03 | 6.8 Medium |
Addressed a remote code execution vulnerability by resolving a command injection vulnerability and closing an AWS S3 bucket that potentially allowed an attacker to execute unsigned code on My Cloud Home devices. | ||||
CVE-2022-22998 | 2 Linux, Westerndigital | 5 Linux Kernel, My Cloud Home, My Cloud Home Duo and 2 more | 2024-08-03 | 8 High |
Implemented protections on AWS credentials that were not properly protected. | ||||
CVE-2022-22972 | 2 Linux, Vmware | 6 Linux Kernel, Cloud Foundation, Identity Manager and 3 more | 2024-08-03 | 9.8 Critical |
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate. | ||||
CVE-2022-22959 | 2 Linux, Vmware | 6 Linux Kernel, Cloud Foundation, Identity Manager and 3 more | 2024-08-03 | 4.3 Medium |
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI. | ||||
CVE-2022-22973 | 2 Linux, Vmware | 5 Linux Kernel, Cloud Foundation, Identity Manager and 2 more | 2024-08-03 | 7.8 High |
VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'. | ||||
CVE-2022-22964 | 2 Linux, Vmware | 2 Linux Kernel, Horizon | 2024-08-03 | 7.8 High |
VMware Horizon Agent for Linux (prior to 22.x) contains a local privilege escalation that allows a user to escalate to root due to a vulnerable configuration file. | ||||
CVE-2022-22955 | 2 Linux, Vmware | 4 Linux Kernel, Identity Manager, Vrealize Automation and 1 more | 2024-08-03 | 9.8 Critical |
VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-2022-22956) in the OAuth2 ACS framework. A malicious actor may bypass the authentication mechanism and execute any operation due to exposed endpoints in the authentication framework. | ||||
CVE-2022-22962 | 2 Linux, Vmware | 2 Linux Kernel, Horizon | 2024-08-03 | 7.8 High |
VMware Horizon Agent for Linux (prior to 22.x) contains a local privilege escalation as a user is able to change the default shared folder location due to a vulnerable symbolic link. Successful exploitation can result in linking to a root owned file. | ||||
CVE-2022-22957 | 2 Linux, Vmware | 6 Linux Kernel, Cloud Foundation, Identity Manager and 3 more | 2024-08-03 | 7.2 High |
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution. |