Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Enterprise Linux Security Vulnerabilities

cve
cve

CVE-2024-0553

A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, p...

7.5CVSS

6.7AI Score

0.008EPSS

2024-01-16 12:15 PM
154
cve
cve

CVE-2024-0562

A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdi_unregister is called to stop further write-back and waits for associated delayed work to complete. However, wb_inode_writeback_end() may schedule bandwidth estimation work after this has completed, which can result in ...

7.8CVSS

7.4AI Score

0.0004EPSS

2024-01-15 07:15 PM
93
cve
cve

CVE-2024-0564

A flaw was found in the Linux kernel's memory deduplication mechanism. The max page sharing of Kernel Samepage Merging (KSM), added in Linux kernel version 4.4.0-96.119, can create a side channel. When the attacker and the victim share the same host and the default setting of KSM is "max page shari...

6.5CVSS

5.9AI Score

0.001EPSS

2024-01-30 03:15 PM
43
cve
cve

CVE-2024-0607

A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the dst array. On each iteration, 8 bytes are written, but dst is an array of u32, so each element only has space for 4 bytes. Tha...

6.6CVSS

6.6AI Score

0.0004EPSS

2024-01-18 04:15 PM
130
cve
cve

CVE-2024-0639

A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.

5.5CVSS

5.6AI Score

0.0004EPSS

2024-01-17 04:15 PM
62
cve
cve

CVE-2024-0641

A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.

5.5CVSS

4.9AI Score

0.0004EPSS

2024-01-17 04:15 PM
159
cve
cve

CVE-2024-0646

An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system.

7.8CVSS

7.5AI Score

0.0004EPSS

2024-01-17 04:15 PM
198
cve
cve

CVE-2024-0690

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as dec...

5.5CVSS

5AI Score

0.0004EPSS

2024-02-06 12:15 PM
166
cve
cve

CVE-2024-0775

A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.

7.1CVSS

6.4AI Score

0.0004EPSS

2024-01-22 01:15 PM
46
cve
cve

CVE-2024-0841

A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.

7.8CVSS

7.1AI Score

0.0004EPSS

2024-01-28 12:15 PM
80
cve
cve

CVE-2024-0914

A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.

5.9CVSS

5.3AI Score

0.001EPSS

2024-01-31 05:15 AM
162
cve
cve

CVE-2024-1048

A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the temporary file will not be...

3.3CVSS

4.2AI Score

0.0005EPSS

2024-02-06 06:15 PM
104
cve
cve

CVE-2024-23301

Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root.

5.5CVSS

5.4AI Score

0.0004EPSS

2024-01-12 11:15 PM
68
cve
cve

CVE-2024-3049

A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.

5.9CVSS

7.2AI Score

0.001EPSS

2024-06-06 06:15 AM
30
cve
cve

CVE-2024-3567

A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition.

5.5CVSS

5.2AI Score

0.0004EPSS

2024-04-10 03:16 PM
54
cve
cve

CVE-2024-6239

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.

7.5CVSS

6.4AI Score

0.0005EPSS

2024-06-21 02:15 PM
34
Total number of security vulnerabilities1616