Filtered by vendor Linux
Subscriptions
Total
6969 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-26607 | 2 Linux, Netapp | 2 Linux Kernel, Hci Baseboard Management Controller | 2024-08-02 | 7.1 High |
| In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c. | ||||
| CVE-2023-26544 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 7.8 High |
| In the Linux kernel 6.0.8, there is a use-after-free in run_unpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size. | ||||
| CVE-2023-26606 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 7.8 High |
| In the Linux kernel 6.0.8, there is a use-after-free in ntfs_trim_fs in fs/ntfs3/bitmap.c. | ||||
| CVE-2023-26512 | 4 Apache, Apple, Linux and 1 more | 4 Eventmesh, Macos, Linux Kernel and 1 more | 2024-08-02 | 9.8 Critical |
| CWE-502 Deserialization of Untrusted Data at the rabbitmq-connector plugin module in Apache EventMesh (incubating) V1.7.0\V1.8.0 on windows\linux\mac os e.g. platforms allows attackers to send controlled message and remote code execute via rabbitmq messages. Users can use the code under the master branch in project repo to fix this issue, we will release the new version as soon as possible. | ||||
| CVE-2023-26545 | 3 Linux, Netapp, Redhat | 14 Linux Kernel, H300s, H300s Firmware and 11 more | 2024-08-02 | 4.7 Medium |
| In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device. | ||||
| CVE-2023-26276 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-08-02 | 5.9 Medium |
| IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 248147. | ||||
| CVE-2023-26283 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2024-08-02 | 5.4 Medium |
| IBM WebSphere Application Server 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 248416. | ||||
| CVE-2023-26242 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 7.8 High |
| afu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the Linux kernel through 6.1.12 has an integer overflow. | ||||
| CVE-2023-26273 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-08-02 | 4.3 Medium |
| IBM QRadar SIEM 7.5.0 could allow an authenticated user to perform unauthorized actions due to hazardous input validation. IBM X-Force ID: 248134. | ||||
| CVE-2023-26281 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Http Server and 4 more | 2024-08-02 | 5.9 Medium |
| IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296. | ||||
| CVE-2023-26274 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-08-02 | 4.6 Medium |
| IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 248144. | ||||
| CVE-2023-26021 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2024-08-02 | 7.5 High |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service as the server may crash when compiling a specially crafted SQL query using a LIMIT clause. IBM X-Force ID: 247864. | ||||
| CVE-2023-26020 | 4 Apple, Craftercms, Linux and 1 more | 4 Macos, Crafter Cms, Linux Kernel and 1 more | 2024-08-02 | 5.7 Medium |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26. | ||||
| CVE-2023-26022 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2024-08-02 | 5.9 Medium |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an Out of Memory occurs using the DBMS_OUTPUT module. IBM X-Force ID: 247868. | ||||
| CVE-2023-25930 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2024-08-02 | 5.9 Medium |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862. | ||||
| CVE-2023-25928 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2024-08-02 | 4.6 Medium |
| IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 247646. | ||||
| CVE-2023-25841 | 3 Esri, Linux, Microsoft | 3 Arcgis Server, Linux Kernel, Windows | 2024-08-02 | 6.1 Medium |
| There is a stored Cross-site Scripting vulnerability in Esri ArcGIS Server versions 10.8.1 – 11.0 on Windows and Linux platforms that may allow a remote, unauthenticated attacker to create crafted content which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. Mitigation: Disable anonymous access to ArcGIS Feature services with edit capabilities. | ||||
| CVE-2023-25840 | 3 Esri, Linux, Microsoft | 3 Arcgis Server, Linux Kernel, Windows | 2024-08-02 | 3.4 Low |
| There is a Cross-site Scripting vulnerability in ArcGIS Server in versions 10.8.1 – 11.1 that may allow a remote, authenticated attacker to create a crafted link which onmouseover wont execute but could potentially render an image in the victims browser. The privileges required to execute this attack are high. | ||||
| CVE-2023-25590 | 2 Arubanetworks, Linux | 2 Clearpass Policy Manager, Linux Kernel | 2024-08-02 | 7.8 High |
| A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges to those of a higher role. A successful exploit allows malicious users to execute arbitrary code with root level privileges on the Linux instance. | ||||
| CVE-2023-25539 | 2 Dell, Linux | 2 Networker, Linux Kernel | 2024-08-02 | 8.4 High |
| Dell NetWorker 19.6.1.2, contains an OS command injection Vulnerability in the NetWorker client. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. This is a high severity vulnerability as the exploitation allows an attacker to take complete control of a system, so Dell recommends customers to upgrade at the earliest opportunity. | ||||