CVE-2023-2162

A use-after-free vulnerability was found in iscsiswtcpsessioncreate in drivers/scsi/iscsitcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information...

CVE-2023-2004

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

CVE-2023-1990

A use-after-free flaw was found in ndlcremove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem...

CVE-2023-1829

A use-after-free vulnerability in the Linux Kernel traffic control index filter tcindex can be exploited to achieve local privilege escalation. The tcindexdelete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later...

CVE-2023-1972

A potential heap based buffer overflow was found in bfdelfslurpversiontables in bfd/elf.c. This may lead to loss of availability...

CVE-2023-1989

A use-after-free flaw was found in btsdioremove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdioremove with an unfinished job, may cause a race problem leading to a UAF on hdev devices...

CVE-2023-30456

An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4...

CVE-2020-36691

An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service unbounded recursion via a nested Netlink policy with a back reference...

CVE-2022-48425

In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs...

CVE-2023-28466

dotlsgetsockopt in net/tls/tlsmain.c in the Linux kernel through 6.2.6 lacks a locksock call, leading to a race condition with a resultant use-after-free or NULL pointer dereference...

CVE-2023-28328

A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of...

CVE-2023-0030

A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a memory overflow that causes the nvkmvmatail function to fail. This flaw allows a local user to crash or potentially escalate their privileges on the system...

CVE-2023-23000

In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegraxusbfindportnode return value. Callers expect NULL in the error case, but an error pointer is used...

CVE-2019-14560

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none...

Important: Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update

Migration Toolkit for Applications 6.0.1 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

CVE-2023-26606

In the Linux kernel 6.0.8, there is a use-after-free in ntfstrimfs in fs/ntfs3/bitmap.c...

CVE-2023-26544

In the Linux kernel 6.0.8, there is a use-after-free in rununpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size...

CVE-2023-0597

A flaw possibility of memory leak in the Linux kernel cpuentryarea mapping of X86 CPU data to memory was found in the way user can guess location of exception stacks or other important data. A local user could use this flaw to get access to some important data with expected location in memory...

K16865: GNU C Library (glibc) vulnerability CVE-2015-1781

Security Advisory Description A buffer overflow flaw was found in the way glibc's gethostbynamer and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could u...

Foreman < 2.5.0 MitM Vulnerability

Foreman is prone to a man-in-the-middle MitM vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:theforeman:foreman"; ...