Filtered by vendor Linux
Subscriptions
Filtered by product Linux Kernel
Subscriptions
Total
10197 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-31085 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0. | ||||
| CVE-2023-31083 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 4.7 Medium |
| An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur. | ||||
| CVE-2023-31082 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| An issue was discovered in drivers/tty/n_gsm.c in the Linux kernel 6.2. There is a sleeping function called from an invalid context in gsmld_write, which will block the kernel. Note: This has been disputed by 3rd parties as not a valid vulnerability. | ||||
| CVE-2023-31036 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Triton Inference Server | 2024-11-21 | 7.5 High |
| NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is launched with the non-default command line option --model-control explicit, an attacker may use the model load API to cause a relative path traversal. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2023-30995 | 2 Ibm, Linux | 2 Aspera Faspex, Linux Kernel | 2024-11-21 | 7.5 High |
| IBM Aspera Faspex 4.0 through 4.4.2 and 5.0 through 5.0.5 could allow a malicious actor to bypass IP whitelist restrictions using a specially crafted HTTP request. IBM X-Force ID: 254268. | ||||
| CVE-2023-30994 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-11-21 | 5.4 Medium |
| IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 254138 | ||||
| CVE-2023-30772 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 6.4 Medium |
| The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device. | ||||
| CVE-2023-2971 | 3 Linux, Microsoft, Typora | 3 Linux Kernel, Windows, Typora | 2024-11-21 | 6.3 Medium |
| Improper path handling in Typora before 1.7.0-dev on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/typemark/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and paste it into Typora. | ||||
| CVE-2023-2898 | 3 Debian, Linux, Netapp | 12 Debian Linux, Linux Kernel, H300s and 9 more | 2024-11-21 | 4.7 Medium |
| There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem. | ||||
| CVE-2023-2318 | 4 Apple, Linux, Marktext and 1 more | 4 Macos, Linux Kernel, Marktext and 1 more | 2024-11-21 | 8.6 High |
| DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbitrary JavaScript code to run in the context of MarkText main window. This vulnerability can be exploited if a user copies text from a malicious webpage and paste it into MarkText. | ||||
| CVE-2023-2317 | 3 Linux, Microsoft, Typora | 3 Linux Kernel, Windows, Typora | 2024-11-21 | 8.6 High |
| DOM-based XSS in updater/update.html in Typora before 1.6.7 on Windows and Linux allows a crafted markdown file to run arbitrary JavaScript code in the context of Typora main window via loading typora://app/typemark/updater/update.html in <embed> tag. This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and paste it into Typora. | ||||
| CVE-2023-2316 | 3 Linux, Microsoft, Typora | 3 Linux Kernel, Windows, Typora | 2024-11-21 | 7.4 High |
| Improper path handling in Typora before 1.6.7 on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/<absolute-path>". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and paste it into Typora. | ||||
| CVE-2023-2269 | 5 Debian, Fedoraproject, Linux and 2 more | 14 Debian Linux, Fedora, Linux Kernel and 11 more | 2024-11-21 | 4.4 Medium |
| A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component. | ||||
| CVE-2023-2176 | 2 Linux, Redhat | 7 Linux Kernel, Enterprise Linux, Rhel Aus and 4 more | 2024-11-21 | 7.8 High |
| A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege. | ||||
| CVE-2023-2156 | 4 Debian, Fedoraproject, Linux and 1 more | 4 Debian Linux, Fedora, Linux Kernel and 1 more | 2024-11-21 | 7.5 High |
| A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system. | ||||
| CVE-2023-2124 | 4 Debian, Linux, Netapp and 1 more | 18 Debian Linux, Linux Kernel, H300s and 15 more | 2024-11-21 | 7.8 High |
| An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||||
| CVE-2023-2110 | 4 Apple, Linux, Microsoft and 1 more | 4 Macos, Linux Kernel, Windows and 1 more | 2024-11-21 | 8.2 High |
| Improper path handling in Obsidian desktop before 1.2.8 on Windows, Linux and macOS allows a crafted webpage to access local files and exfiltrate them to remote web servers via "app://local/<absolute-path>". This vulnerability can be exploited if a user opens a malicious markdown file in Obsidian, or copies text from a malicious webpage and paste it into Obsidian. | ||||
| CVE-2023-2008 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2024-11-21 | 7.8 High |
| A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. | ||||
| CVE-2023-2007 | 3 Debian, Linux, Netapp | 13 Debian Linux, Linux Kernel, H300s and 10 more | 2024-11-21 | 7.8 High |
| The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. | ||||
| CVE-2023-2002 | 3 Debian, Linux, Redhat | 9 Debian Linux, Linux Kernel, Enterprise Linux and 6 more | 2024-11-21 | 6.8 Medium |
| A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication. | ||||