Fix of CVE: CVE-2020-11868
CVE-2020-11868: incorrect handling of packets from unauthenticated synchronization source with spoofed IP address leads to denial of service...
Fix of CVE: CVE-2021-27364, CVE-2021-27363, CVE-2021-27365
CVE-2021-27365: scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE - CVE-2021-27365: scsi: iscsi: Verify lengths on passthrough PDUs - CVE-2021-27363: CVE-2021-27364: scsi: iscsi: Restrict sessions and handles to admin capabilities - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs...
Fix of CVE: CVE-2021-3800
CVE-2021-3800: Fix privilege escalation...
Fix of CVE: CVE-2021-3875, CVE-2021-3872, CVE-2021-3903
CVE-2021-3872: fix illegal memory access if buffer name is very long - CVE-2021-3875: fix ml_get error after search with range - CVE-2021-3903: fix invalid memory access when scrolling without a valid screen...
Fix of CVE: CVE-2020-35452
CVE-2020-35452: fix stack overflow in mod_auth_digest due to crafted digest nonce...
git: Fix of 4 CVEs
CVE-2022-41903: fix out-of-bounds write caused by integer overflow - CVE-2021-40330: forbid newlines in host and path - CVE-2022-39260: reject too long command line strings - CVE-2023-23946: prevent git-apply from writing behind newly created symbolic links...
xterm: Fix of CVE-2022-45063
CVE-2022-45063: improve error recovery when setting a bitmap font for the VT100 window - Add NULL pointer checks in xstrcasecmp and xstrncasecmp to help with error recovery for a missing font...
Fixed CVE-2022-2581 in vim
CVE-2022-2581: fix illegal memory access when pattern starts with illegal byte...
Fixed CVE-2018-25032 in rsync
CVE-2018-25032: Fix memory corruption when deflating if the input has many distant matches...
Update of python-libs, python-tools, python, python-devel, python-libs, python-devel, python, python-test, tkinter
Rebuilt...
exim: Fix of 2 CVEs
CVE-2023-42114: fix possible OOB read in SPA authenticator - CVE-2023-42116: fix possible OOB write in SPA authenticator...
Fixed CVE-2022-28614 in httpd
CVE-2022-28614: fix out-of-bounds read via ap_rwrite...
Update of libcurl, curl, libcurl-devel, libcurl-devel, libcurl
...
glibc: Fix of CVE-2024-33599
CVE-2024-33599: Fix buffer overflow in netgroup cache...
kernel: Fix of 7 CVEs
KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl CVE-2021-3653 CVE-2021-3653 - xen/netfront: fix leaking data in shared pages CVE-2022-33740 - xfs: fix up non-directory creation in SGID directories CVE-2021-4037 - net_sched: cls_route: remove from list when handle is 0 CVE-2022-2588 -...
vim: Fix of CVE-2023-4736
CVE-2023-4736: improve search path to avoid running an executable in untrusted dir...
java-1.8.0-openjdk: Fix of 2 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b09. That fixes the following CVEs: - CVE-2023-21830: Improper restrictions in CORBA deserialization (Serialization, 8285021) - CVE-2023-21843: Soundbank URL remote loading (Sound, 8293742) - Update tzdata requirement to 2022g to match JDK-8297804 -...
Fixed CVE-2022-2795 in bind
CVE-2022-2795: fix possible resolver performance degradation when processing large delegations...
Fix of CVE: CVE-2020-10878
CVE-2020-10878: fix integer overflow leading to RCE...
Fix of CVE: CVE-2021-23841
Fix Null pointer deref in X509_issuer_and_serial_hash CVE-2021-23841...
nss: Fix of CVE-2023-0767
CVE-2023-0767: nss: improve handling of unknown PKCS12 safe bag types...
Fixed CVEs in sqlite: CVE-2020-35525, CVE-2020-13435
CVE-2020-13435: add code that tries to prevent a recurrence of problems - CVE-2020-35525: a potential null pointer dereference was fixed...
Fixed CVEs in vim: CVE-2022-2845, CVE-2022-2849
CVE-2022-2849: fix invalid memory access with for loop over NULL string - CVE-2022-2845: fix reading before the start of the line...
Fixed CVE-2021-22543 in kernel
KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22543...
Fixed CVE-2022-27782 in curl
CVE-2022-27782: add missing checks of ssl and ssh options during matching a connection for reuse...
Fix of CVE: CVE-2017-6363, CVE-2021-40145
CVE-2021-40145: check for memory allocation errors processing GD2 images - CVE-2017-6363: make sure transparent index is within bounds of the palette...
curl: Fix of CVE-2022-32221
CVE-2022-32221: fix issue when POST following PUT confusion...
Fix of CVE: CVE-2021-3326, CVE-2021-43396
CVE-2021-3326: avoid denial of service due to a failed assertion - CVE-2021-43396: check actual stored character in state reset code...
Fix of CVE: CVE-2021-3778, CVE-2021-3796
CVE-2021-3778: crafted input leads to heap-based buffer overflow - CVE-2021-3796: crafted input leads to use-after-free...
Fix of CVE: CVE-2020-8284
trusting FTP PASV responses CVE-2020-8284...
microcode_ctl: Fix of CVE-2023-23583
Update Intel CPU microcode to microcode-20231114 release, addresses CVE-2023-23583 INTEL-SA-00950: - Update of 06-6a-06/0x87 ICX-SP D0 microcode in 06-6a-06 from revision 0xd0003a5 up to 0xd0003b9; - Update of 06-6c-01/0x10 ICL-D B0 microcode in 06-6c-01 from revision 0x1000230 up to 0x1000268; -...
libwebp: Fix of CVE-2023-1999
CVE-2023-1999: avoids a double free...
vim: Fix of CVE-2022-3352
CVE-2022-3352: disallow deleting the current buffer to avoid using freed memory...
Fixed CVE-2022-29154 in rsync
CVE-2022-29154: fix arbitrary file write vulnerability via malicious rsync server MITM attack, refactoring - fix test-system components, enable 'daemon' and 'hardlinks' tests...
Fix of 56 CVEs
CVE-2017-7223: Fix global buffer overflow of size 1 - CVE-2017-7224: Fix invalid write of size 1 while disassembling - CVE-2017-7225: Fix NULL pointer dereference and an invalid write - CVE-2017-7226: Fix heap-based buffer over-read of size 4049 - CVE-2017-7227: Fix heap-based buffer overflow -...
Update of openssl-static, openssl-devel, openssl-perl, openssl, openssl, openssl-devel
...
kernel: Fix of 11 CVEs
drm/vmwgfx: Fix invalid reads in fence signaled events CVE-2024-36960 - af_unix: Fix garbage collector racing against connect CVE-2024-26923 - ipv6: remove max_size check inline with ipv4 CVE-2023-52340 - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts CVE-2023-6270 - smb: client:...
ansible: Fix of CVE-2023-5764
CVE-2023-5764: avoid evaluating unsafe conditions...
libxml2: Fix of CVE-2024-25062
CVE-2024-25062: Fix xmlValidatePopElement use-after-free in XML Reader interface with DTD validation and XInclude expansion enabled - test suite was partially activated...
exim: Fix of CVE-2023-42117
CVE-2023-42117: fix string_is_ip_address...
Fixed CVE-2022-28614 in httpd
CVE-2022-28614: fix out-of-bounds read via ap_rwrite, refactoring...
Fixed CVE-2015-20170 in python
CVE-2015-20170: mailcap: findmatch function does not sanitise the second argument allowing to inject shell commands...
Fix of 14 CVEs
CVE-2018-9138: Fix stack exhaustion - CVE-2018-12641: Fix stack exhaustion - CVE-2018-12697: Fix NULL pointer dereference - CVE-2018-12698: Fix memory consumption - CVE-2018-12699: Fix heap-based buffer overflow - CVE-2018-12700: Fix infinite recursion - CVE-2018-17794: Fix NULL pointer...
Fix of CVE: CVE-2020-25211, CVE-2020-25656, CVE-2019-19532, CVE-2020-29661
CKSIX-277: CVE-2020-29661: tty: Fix ->pgrp locking in tiocspgrp - CKSIX-277: CVE-2020-25656: vt: keyboard, extend func_buf_lock to readers - CKSIX-277: CVE-2020-25656: tty/vt: fix write/write race in ioctl(KDSKBSENT) handler - CKSIX-277: CVE-2020-25656: vt: keyboard, simplify vt_kdgkbsent - CKSIX-277:...
Update of kernel-doc, kernel-abi-whitelists, kernel-firmware
...
microcode_ctl: Fix of CVE-2023-20593
Update AMD CPU microcode to 2023-07-19 addresses CVE-2023-20593: - Addition AMD CPU microcode for processor family 17h: sig 0x008a0f00; - Update AMD CPU microcode for processor family 19h: sig 0x00a00f10, sig 0x00a00f11, sig 0x00a00f12; - Update AMD CPU microcode for processor family 17h: sig...
openldap: Fix of CVE-2023-2953
CVE-2023-2953: added check for strdup failure, to avoid null pointer dereference...
krb5: Fix of CVE-2022-42898
CVE-2022-42898: Fix integer overflows in PAC parsing - A test-suite was activated...
Fixed CVE-2022-41318 in squid
CVE-2022-41318: Fix buffer-over-read in SSPI and SMB authentication...
Fix of CVE: CVE-2022-0261, CVE-2022-0213
CVE-2022-0213: fix going over the end of status line buffer - CVE-2022-0261: fix block insert goes over the end of the line...