Linux Security Vulnerabilities
A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a...
4.4CVSS
6.3AI Score
0.0004EPSS
A use-after-free flaw was found in mt7921_check_offload_capability in drivers/net/wireless/mediatek/mt76/mt7921/init.c in wifi mt76/mt7921 sub-component in the Linux Kernel. This flaw could allow an attacker to crash the system after 'features' memory release. This vulnerability could even lead to....
7.1CVSS
6.4AI Score
0.0004EPSS
A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is...
NVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of...
5.5CVSS
5.6AI Score
0.0004EPSS
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information...
7.8CVSS
7.7AI Score
0.001EPSS
NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of...
7.1CVSS
6.6AI Score
0.001EPSS
OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data.....
7.1CVSS
6.9AI Score
0.0004EPSS
If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9...
7.5CVSS
7.5AI Score
0.001EPSS
Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...
7.5CVSS
7.8AI Score
0.001EPSS
An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks check of the return value of kzalloc() and will cause the NULL Pointer...
5.5CVSS
5.8AI Score
0.0004EPSS
A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6_rule_lookup, sometimes holding rt6_info and other times fib6_info. This was not accounted for in other parts of the code where rt6_info was expected unconditionally, potentially leading to a...
5.5CVSS
5.2AI Score
0.0004EPSS
A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw.c in cpufreq subsystem in the Linux Kernel. This flaw, during device unbind will lead to double release problem leading to denial of...
7.5CVSS
7.2AI Score
0.0005EPSS
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in...
7CVSS
6.8AI Score
0.0004EPSS
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in...
7CVSS
7.3AI Score
0.0004EPSS
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in...
7CVSS
7.2AI Score
0.0004EPSS
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in cedrus_remove in...
7CVSS
6.5AI Score
0.0004EPSS
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in...
7CVSS
7.1AI Score
0.0004EPSS
An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in...
7CVSS
6.7AI Score
0.0004EPSS
An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege...
7.8CVSS
7.7AI Score
0.001EPSS
A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of...
5.5CVSS
5.5AI Score
0.001EPSS
A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user in opening specially crafted file, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of...
5.5CVSS
5.5AI Score
0.001EPSS
A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick user to open a specially crafted file to convert, triggering an heap-use-after-free write error, allowing an application to crash, resulting in a denial of...
5.5CVSS
5.5AI Score
0.0004EPSS
An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal...
7.1CVSS
6.8AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.001EPSS
7.8CVSS
7.9AI Score
0.001EPSS
7.8CVSS
7.9AI Score
0.001EPSS
7.8CVSS
7.9AI Score
0.001EPSS
7.8CVSS
7.7AI Score
0.001EPSS
During internal security analysis, a local privilege escalation vulnerability has been identified. On a machine with the affected ESET product installed, it was possible for a user with lower privileges due to improper privilege management to trigger actions with root privileges. ESET remedied...
7.8CVSS
7.8AI Score
0.0004EPSS
IBM Security Guardium 11.3, 11.4, and 11.5 could allow a local user to obtain elevated privileges due to incorrect authorization checks. IBM X-Force ID: ...
7.8CVSS
7.1AI Score
0.0004EPSS
Directory traversal vulnerability in ujcms 6.0.2 allows attackers to move files via the rename...
9.8CVSS
9.3AI Score
0.002EPSS
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server. The configuration option proxy.config.http.push_method_enabled didn't function. However, by default the PUSH method is blocked in the ip_allow configuration file.This issue affects Apache Traffic Server:...
7.5CVSS
7.3AI Score
0.003EPSS
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: 8.0.0 to...
7.5CVSS
7.2AI Score
0.002EPSS
Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...
8.8CVSS
8.8AI Score
0.004EPSS
Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...
8.8CVSS
8.8AI Score
0.003EPSS
Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...
8.8CVSS
8.8AI Score
0.003EPSS
Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...
8.8CVSS
8.4AI Score
0.005EPSS
Zoom for Linux clients prior to 5.13.10 contain an HTML injection vulnerability. If a victim starts a chat with a malicious user it could result in a Zoom application...
7.5CVSS
6.4AI Score
0.001EPSS
Zoom clients prior to 5.13.10 contain an HTML injection vulnerability. A malicious user could inject HTML into their display name potentially leading a victim to a malicious website during meeting...
4.3CVSS
4.8AI Score
0.001EPSS
A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event()...
6.7CVSS
6.5AI Score
0.0004EPSS
A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of...
5.5CVSS
6AI Score
0.0004EPSS
A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information...
7.1CVSS
6.8AI Score
0.0004EPSS
schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary...
7.2CVSS
7.5AI Score
0.003EPSS
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security...
5.4CVSS
6.3AI Score
0.001EPSS
D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon.....
6.5CVSS
6.5AI Score
0.001EPSS
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...
5.4CVSS
5.2AI Score
0.001EPSS
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch...
9.6CVSS
8.6AI Score
0.001EPSS
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
6.4CVSS
5.1AI Score
0.001EPSS
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials....
5.4CVSS
5.2AI Score
0.001EPSS
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site....
3.7CVSS
3.6AI Score
0.001EPSS