Cloudlinux - Page 8 of Cloudlinux Vulnerabilities List

CloudLinux•added 2022/04/21 9:21 p.m.•13 views

Update of kernel-firmware, kernel-abi-whitelists, kernel-doc

KB-127: Bump version separete fw build...

2.4AI score

CloudLinux•added 2022/04/21 9:21 p.m.•60 views

Fix of 13 CVEs

CKSIX-267: USB: hso: Fix OOB memory access in hsoprobe/hsogetconfigdata - CKSIX-267: CVE-2019-14615: drm/i915/gen9: Clear residual context state on context switch - CKSIX-267: CVE-2020-8647, CVE-2020-8649: vgacon: Fix a UAF in vgaconinvertregion - CKSIX-267: CVE-2020-14331: vgacon: Fix for...

7.8CVSS0.7AI score0.25699EPSS

Exploits18References1

CloudLinux•added 2022/04/21 9:20 p.m.•14 views

Update of els-define

Add OracleLinux support...

1.5AI score

CloudLinux•added 2022/04/21 9:19 p.m.•23 views

Fix of CVE: CVE-2021-27135

CVE-2021-27135: fix crash when processing combining characters...

9.8CVSS3AI score0.00722EPSS

CloudLinux•added 2022/04/21 9:19 p.m.•38 views

Fix of CVE: CVE-2021-28651

CVE-2021-28651: fix memory leak leading to denial of service...

7.5CVSS2.5AI score0.06133EPSS

CloudLinux•added 2022/04/21 9:18 p.m.•25 views

Update of php 5.3: Remove mariadb102 patch to eliminate faulty functionality

Remove mariadb102 patch to eliminate faulty functionality...

2.4AI score

CloudLinux•added 2022/04/21 9:15 p.m.•18 views

Update of php 5.3: Fix segfault during graceful Apache restart

ELS-42: Fix segfault during graceful Apache restart...

1.7AI score

CloudLinux•added 2022/04/19 2:4 p.m.•65 views

Fix of CVE: CVE-2022-28390, CVE-2021-3609

can: emsusb: emsusbstartxmit: fix double devkfreeskb in error path ELSCVE-3847 CVE-2022-28390 - can: bcm: delay release of struct bcmop after synchronizercu ELSCVE-1694 CVE-2021-3609...

7.8CVSS1.2AI score0.0006EPSS

CloudLinux•added 2022/04/19 2:3 p.m.•72 views

Fix of CVE: CVE-2021-3609, CVE-2022-28390

can: emsusb: emsusbstartxmit: fix double devkfreeskb in error path ELSCVE-3847 CVE-2022-28390 - can: bcm: delay release of struct bcmop after synchronizercu ELSCVE-1694 CVE-2021-3609...

7.8CVSS1.2AI score0.0006EPSS

CloudLinux•added 2022/04/19 2:2 p.m.•111 views

Fix of CVE: CVE-2022-28391

CVE-2022-28391: fix possible terminal injection attacks from DNS query results...

8.8CVSS2.2AI score0.03075EPSS

CloudLinux•added 2022/04/19 2:0 p.m.•15 views

Update of microcode_ctl

Update Intel CPU microcode to microcode-20220207 release: - Fixes in releasenote.md file...

1.2AI score

CloudLinux•added 2022/04/13 5:2 p.m.•94 views

Fix of CVE: CVE-2022-1154

CVE-2022-1154: fix buffer usage after free...

7.8CVSS8.2AI score0.01144EPSS

CloudLinux•added 2022/04/11 4:46 p.m.•189 views

Fix of CVE: CVE-2021-3618

CVE-2021-3618: drop the connection after reaching the specified number of invalid protocol commmands...

7.4CVSS2.4AI score0.00615EPSS

CloudLinux•added 2022/04/07 11:39 a.m.•75 views

Fix of CVE: CVE-2021-25220

CVE-2021-25220: fix possible cache poisoning from forwarder responses...

6.8CVSS7.4AI score0.00088EPSS

CloudLinux•added 2022/04/05 3:3 p.m.•124 views

Fix of CVE: CVE-2022-0547

CVE-2022-0547: Fix authentication bypass via multiple deferred authentication plug-ins...

9.8CVSS3.4AI score0.00465EPSS

CloudLinux•added 2022/04/05 3:2 p.m.•52 views

Fix of CVE: CVE-2022-0943

CVE-2022-0943: fix heap-based buffer overflow...

8.4CVSS8.2AI score0.00226EPSS

CloudLinux•added 2022/03/24 4:8 p.m.•57 views

Fix of CVE: CVE-2021-3999

CVE-2021-3999: fix single byte buffer overflow and overflow in getcwd...

7.8CVSS3.3AI score0.00848EPSS

CloudLinux•added 2022/03/24 3:36 p.m.•116 views

Fix of CVE: CVE-2022-22721, CVE-2022-22720

CVE-2022-22720: simpler connection close logic if discarding the request body fails - CVE-2022-22721: make sure and check that LimitXMLRequestBody fits in system memory...

9.8CVSS1.7AI score0.27458EPSS

CloudLinux•added 2022/03/22 2:15 p.m.•81 views

Fix of CVE: CVE-2021-3737

CVE-2021-3737: Fix HTTP client infinite line reading DoS after receiving a '100 Continue' HTTP response...

7.5CVSS8.1AI score0.00119EPSS

CloudLinux•added 2022/03/17 8:51 p.m.•94 views

Fix of CVE: CVE-2022-0778

CVE-2022-0778: Fix possible infinite loop in BNmodsqrt...

7.5CVSS8.2AI score0.06863EPSS

CloudLinux•added 2022/03/14 11:4 a.m.•61 views

Fix of CVE: CVE-2022-23308

CVE-2022-23308: fix use-after-free of ID and IDREF attributes...

7.5CVSS1.8AI score0.00074EPSS

CloudLinux•added 2022/03/10 6:8 p.m.•382 views

Update of ca-certificates

remove old certificate - Removing: - Certificate "DST Root CA X3" - Update to CKBI 2.50 from NSS 3.67 - Update to CKBI 2.48 from NSS 3.66 - Removing: - Certificate "Verisign Class 3 Public Primary Certification Authority - G3" - Certificate "GeoTrust Global CA" - Certificate "GeoTrust Universal...

2AI score

CloudLinux•added 2022/03/10 12:27 p.m.•105 views

Fix of CVE: CVE-2022-0554, CVE-2022-0729, CVE-2022-0685, CVE-2022-0572

CVE-2022-0554: fix ending up with no current buffer - CVE-2022-0572: fix crashing when repeatedly using :retab - CVE-2022-0685: fix crashing when using special multi-byte character - CVE-2022-0729: fix crashing with specific regexp pattern and string...

8.8CVSS1.4AI score0.01766EPSS

Exploits4References1

CloudLinux•added 2022/03/07 3:12 p.m.•58 views

Fix of CVE: CVE-2022-0391

CVE-2022-0391: Add stripping ASCII newline and tabs from the url by urllib.parse...

7.5CVSS1.1AI score0.01214EPSS

CloudLinux•added 2022/02/28 3:6 p.m.•140 views

Fix of CVE: CVE-2022-24407

CVE-2022-24407: Fix failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands...

8.8CVSS3.5AI score0.00431EPSS

CloudLinux•added 2022/02/21 5:56 p.m.•40 views

Fix of CVE: CVE-2022-0413, CVE-2022-0417, CVE-2022-0408, CVE-2022-0443

CVE-2022-0408: fix stack corruption when looking for spell suggestions - CVE-2022-0413: fix using freed memory when substitute with function call - CVE-2022-0417: fix illegal memory access caused by ':retab 0' - CVE-2022-0443: fix using freed memory with ':lopen' and ':bwipe'...

8.4CVSS1.5AI score0.00333EPSS

Exploits4References1

CloudLinux•added 2022/02/14 4:21 p.m.•72 views

Fix of CVE: CVE-2022-0351, CVE-2022-0368, CVE-2022-0359, CVE-2022-0361

CVE-2022-0351: fix crash caused by too depth recursion - CVE-2022-0359: fix illegal memory access with large tabstop in ex mode - CVE-2022-0361: fix illegal memory access when copying lines in visual mode - CVE-2022-0368: fix illegal memory access when undo makes visual area invalid...

8.4CVSS3.6AI score0.00215EPSS

Exploits4References1

CloudLinux•added 2022/02/10 1:49 p.m.•322 views

Fix of CVE: CVE-2022-23307, CVE-2022-23302

CVE-2022-23307: Fix Unsafe deserialization flaw in Chainsaw log viewer - CVE-2022-23302: Fix remote code execution when application is configured to use JMSSink...

9CVSS3.2AI score0.02603EPSS

CloudLinux•added 2022/02/03 8:1 p.m.•179 views

Fix of CVE: CVE-2022-23305

CVE-2022-23305: disable JDBCAppender by default. Add optional parameter for enabling it...

9.8CVSS1.7AI score0.09452EPSS

CloudLinux•added 2022/02/02 4:15 p.m.•68 views

Fix of CVE: CVE-2022-23218, CVE-2022-23219

CVE-2022-23218: fix possible buffer overflow in svcunixcreate - CVE-2022-23219: fix possible buffer overflow in clntcreate...

9.8CVSS3.1AI score0.00573EPSS

CloudLinux•added 2022/01/31 2:48 p.m.•42 views

Fix of CVE: CVE-2022-0261, CVE-2022-0213

CVE-2022-0213: fix going over the end of status line buffer - CVE-2022-0261: fix block insert goes over the end of the line...

7.8CVSS1.3AI score0.00163EPSS

CloudLinux•added 2022/01/26 3:45 p.m.•142 views

Fix of CVE: CVE-2021-4034

CVE-2021-4034: pkexec: argv overflow results in local privilege esc...

7.8CVSS3.9AI score0.88057EPSS

Exploits149References1

CloudLinux•added 2022/01/25 12:6 p.m.•39 views

Fix of CVE: CVE-2021-44038

CVE-2021-44038: low privilege escalation during package installation/update due to insecure chmod in spec file...

7.8CVSS3.3AI score0.00195EPSS

CloudLinux•added 2022/01/17 2:23 p.m.•103 views

Fix of CVE: CVE-2021-4104

CVE-2021-4104: Fix remote code execution vulnerability...

7.5CVSS2.6AI score0.72202EPSS

Exploits9References1

CloudLinux•added 2022/01/13 3:24 p.m.•38 views

Fix of CVE: CVE-2021-4192, CVE-2021-4193

CVE-2021-4192: fix using freed memory in /%V - CVE-2021-4193: fix going beyond the end of the line with /%V...

7.8CVSS1.3AI score0.00562EPSS

CloudLinux•added 2022/01/13 2:29 p.m.•50 views

Fix of CVE: CVE-2021-3800

CVE-2021-3800: Fix privilege escalation...

5.5CVSS2.5AI score0.00063EPSS

CloudLinux•added 2022/01/11 12:27 p.m.•43 views

Fix of 14 CVEs

CVE-2018-9138: Fix stack exhaustion - CVE-2018-12641: Fix stack exhaustion - CVE-2018-12697: Fix NULL pointer dereference - CVE-2018-12698: Fix memory consumption - CVE-2018-12699: Fix heap-based buffer overflow - CVE-2018-12700: Fix infinite recursion - CVE-2018-17794: Fix NULL pointer...

9.8CVSS4.1AI score0.0204EPSS

Exploits10References1

CloudLinux•added 2022/01/11 12:18 p.m.•75 views

Fix of 8 CVEs

CVE-2021-3517.patch: validate UTF8 in xmlEncodeEntities - CVE-2021-3518.patch: fix user-after-free with 'xmllint --xinclude --dropdtd' - CVE-2021-3537.patch: propagate error in xmlParseElementChildrenContentDeclPriv - CVE-2021-3541.patch: parser fix for the billion laughs attack -...

9.1CVSS8.2AI score0.00697EPSS

CloudLinux•added 2021/12/29 3:9 p.m.•94 views

Fix of CVE: CVE-2021-45078, CVE-2018-9138, CVE-2018-17985, CVE-2018-12641, CVE-2018-12699, CVE-2018-12698, CVE-2018-12697, CVE-2018-12700, CVE-2018-18484, CVE-2018-18701, CVE-2018-12934, CVE-2018-18700, CVE-2018-17794, CVE-2018-18483

7.5CVSS4.1AI score0.0204EPSS

Exploits10References1

CloudLinux•added 2021/12/28 1:15 p.m.•71 views

Fix of CVE: CVE-2021-3516, CVE-2021-3537, CVE-2017-8872, CVE-2021-3518, CVE-2019-20388, CVE-2020-24977, CVE-2021-3541, CVE-2021-3517

7.5CVSS1.2AI score0.00697EPSS

CloudLinux•added 2021/12/27 4:8 p.m.•38 views

Fix of CVE: CVE-2021-3973, CVE-2021-3974, CVE-2021-4019, CVE-2021-4069, CVE-2021-3984

CVE-2021-3974: fix using freed memory with regexp using a mark - CVE-2021-3984: fix illegal memory access when C-indenting - CVE-2021-3973: fix crash when using CTRL-W f without finding a file name - CVE-2021-4019: fix buffer overflow with long help argument - CVE-2021-4069: fix using freed...

9.3CVSS1.2AI score0.00358EPSS

Exploits5References1

CloudLinux•added 2021/12/27 4:8 p.m.•64 views

Fix of 36 CVEs

CVE-2018-6323: Fix unsigned integer overflow - CVE-2018-19931: Fix heap-based buffer overflow in bfdelf32swapphdrin - CVE-2018-6543: Fix integer overflow - CVE-2018-20671: Fix integer overflow vulnerability - CVE-2018-6759: Fix segmentation fault - CVE-2018-7208: Fix segmentation fault -...

7.8CVSS7.7AI score0.09327EPSS

Exploits26References1

CloudLinux•added 2021/12/20 12:12 p.m.•63 views

Fix of CVE: CVE-2021-43527

CVE-2021-43527: Fix memory corruption in decodeECorDsaSignature with DSA signatures and RSA-PSS - Update to CKBI 2.50 from NSS 3.67 - Removing: - Certificate "Verisign Class 3 Public Primary Certification Authority - G3" - Certificate "AddTrust Low-Value Services Root" - Certificate "AddTrust...

9.8CVSS1.3AI score0.05243EPSS

CloudLinux•added 2021/12/16 4:2 p.m.•87 views

Fix of CVE: CVE-2018-18605, CVE-2019-12972, CVE-2016-4490, CVE-2018-6543, CVE-2018-19931, CVE-2018-10535, CVE-2019-17450, CVE-2018-7643, CVE-2016-4487, CVE-2016-4492, CVE-2018-20002, CVE-2018-1000876, CVE-2019-9073, CVE-2019-9075, CVE-2018-20671, CVE-2016-4488, CVE-2018-7568, CVE-2018-7642, CVE-2018-10373, CVE-2018-6323, CVE-2016-2226, CVE-2016-4493, CVE-2018-19932, CVE-2018-6759, CVE-2019-9077, CVE-2018-18607, CVE-2018-8945, CVE-2018-7208, CVE-2016-6131, CVE-2018-13033, CVE-2018-20623, CVE-2019-14444, CVE-2018-18309, CVE-2018-18606, CVE-2018-7569, CVE-2016-4489

6.8CVSS2.3AI score0.09327EPSS

Exploits26References1

CloudLinux•added 2021/12/15 2:28 p.m.•41 views

Fix of CVE: CVE-2021-3973, CVE-2021-3974, CVE-2021-4019, CVE-2021-3984, CVE-2021-4069

9.3CVSS1.2AI score0.00358EPSS

Exploits5References1

CloudLinux•added 2021/12/06 3:23 p.m.•412 views

Fix of CVE: CVE-2021-43527

7.5CVSS1.3AI score0.05243EPSS

CloudLinux•added 2021/12/06 3:16 p.m.•44 views

Fix of 56 CVEs

CVE-2017-7223: Fix global buffer overflow of size 1 - CVE-2017-7224: Fix invalid write of size 1 while disassembling - CVE-2017-7225: Fix NULL pointer dereference and an invalid write - CVE-2017-7226: Fix heap-based buffer over-read of size 4049 - CVE-2017-7227: Fix heap-based buffer overflow -...

9.8CVSS7.9AI score0.04256EPSS

Exploits13References1

CloudLinux•added 2021/12/06 3:16 p.m.•33 views

Fix of CVE: CVE-2021-3928, CVE-2021-3927

CVE-2021-3927: fix heap-based buffer overflow when reading character past end of line - CVE-2021-3928: fix stack-based buffer overflow when reading uninitialized memory when giving spell suggestions...

7.8CVSS8.2AI score0.00253EPSS

CloudLinux•added 2021/12/06 3:15 p.m.•37 views

Fix of CVE: CVE-2021-27212

CVE-2021-27212: fix DoS via malicious packet...

7.5CVSS3.3AI score0.25115EPSS